Hi @Asterix ,

Assuming that you’re using FSM OData REST API calls for the integration. Since there are methods like basic authentication, token based authentication and OAuth2 based authentication used in FSM Odata REST API, I guess you are trying to move on with OAuth2 based authentication as you have used the terms client id, secret keys. These are usually configured at Azure AD in the Azure portal in order to enable SSO authentication in FSM in which is a must for OAuth2 based authentication. When Azure AD is setup, you should get Client(application) ID, Directory (tenant) ID and Secret key. The same can be setup for AD FS as well.

Once you get those three parameters from Azure portal, you need to setup Application parameters in FSM in order to enable SSO.

FSM_AUTHENTICATION_METHODS -  OIDC,FSM

OPENID_AD_AUTHORITY -  Tenant ID

OPENID_MAX_AGE -  60

OPENID_NATIVE_APPLICATION_ID – Application ID

OPENID_SECRET – Secret Key

OPENID_SKEW - 1

OPENID_WEB_APPLICATION_ID – Application ID

Refresh cache and create a new person record set up for single-sign-on (SSO) authentication using the OIDC protocol. SSO will use the Azure AD or AD FS associated with your FSM installation for credentials that you can then use to get a token for Odata operations.

Then you need to get a token for SSO from FSM. Send the PerformLoginSSO message to the Odata endpoint of your FSM application server using this URL with the POST method : -http://YourFSMAppServer/odata/PerformLoginSSO

Once you request the token the SSO token will be received for the authentication. Kindly read the guidelines with regards to FSM Odata REST API authentication modes and OIDC Implementation for FSM in the documentations to get a clear idea on this.