
Hi Experts,

We have a customer who is setting up OIDC SSO login (Azure AD) on an on-premise environment that has a firewall restricting access to the internet.

Because of this, they are getting a 500 status code error on the web client and smart client (OIDC123). With the same credentials on another internet-accessible environment, it works as expected.

They are asking which URLs they need to whitelist in order to get OIDC working.

So far they’ve whitelisted the following URLs (ref):

*.login.microsoftonline.com

*.aadcdn.msftauth.net

*.aadcdn.msftauthimages.net

*.aadcdn.msauthimages.net

*.logincdn.msftauth.net

*.login.live.com

*.msauth.net

*.aadcdn.microsoftonline-p.com

*.microsoftonline-p.com

Hi Nimesha,

I think you missed the following URL:

https://sts.windows.net/

The OIDC Configuration from the Azure tenant will be fetched from here. Full request URL looks like:

https://sts.windows.net/<Azure AD Tenant>/.well-known/openid-configuration 

Best regards
Roman
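A check for the discovery document Roman points to, added here as an example and not part of the original thread: build the discovery URL for the tenant, collect every hostname the document references, and compare them with the firewall allow list so that any host the login flow still needs shows up before users hit the 500. The tenant placeholder, the sample document and the `missing_hosts`/`hosts_from_discovery` helpers are assumptions for illustration.

```python
import json
from urllib.parse import urlparse
from urllib.request import urlopen

# Placeholder only: replace with the real Azure AD tenant ID before running live.
TENANT = "<Azure AD Tenant>"


def discovery_url(tenant: str) -> str:
    """Discovery URL for the tenant, as given in the reply above."""
    return f"https://sts.windows.net/{tenant}/.well-known/openid-configuration"


def hosts_from_discovery(doc: dict) -> set:
    """Every hostname referenced by an https:// URL in the discovery document
    (issuer, authorization/token endpoints, jwks_uri, ...). Each one must be
    reachable from the on-premise servers, or the login flow fails partway."""
    hosts = set()
    for value in doc.values():
        for item in (value if isinstance(value, list) else [value]):
            if isinstance(item, str) and item.startswith("https://"):
                hosts.add(urlparse(item).hostname)
    return hosts


def missing_hosts(doc: dict, allowed: set) -> set:
    """Hosts the document needs that the allow list does not cover.
    Assumption: '*.example.com' covers example.com and all its subdomains,
    which is how most firewalls read it; confirm that for the product in use."""
    def covered(host):
        for entry in allowed:
            base = entry[2:] if entry.startswith("*.") else entry
            if host == base or (entry.startswith("*.") and host.endswith("." + base)):
                return True
        return False
    return {h for h in hosts_from_discovery(doc) if not covered(h)}


# Constructed sample document (not a real tenant response) so this runs offline.
SAMPLE_DOC = {
    "issuer": "https://sts.windows.net/<Azure AD Tenant>/",
    "authorization_endpoint": "https://login.microsoftonline.com/<Azure AD Tenant>/oauth2/authorize",
    "token_endpoint": "https://login.microsoftonline.com/<Azure AD Tenant>/oauth2/token",
    "jwks_uri": "https://login.microsoftonline.com/common/discovery/keys",
    "response_types_supported": ["code", "id_token"],
}

# Subset of the allow list from the question above, used for the sample run.
CURRENT_ALLOW = {"*.login.microsoftonline.com", "*.msauth.net", "*.login.live.com"}

if __name__ == "__main__":
    with urlopen(discovery_url(TENANT), timeout=10) as resp:
        print(sorted(missing_hosts(json.load(resp), CURRENT_ALLOW)))
```

On the sample document the only uncovered host is sts.windows.net, which is exactly the gap the reply identifies.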

