Dear community members,

I have an application running in ibmwebsphere I need to Authenticate any user who try to access the url of that application using azure ad. How can I do this in IBM websphere? I have registered an application in azure ad and have a tenant I'd, client I'd and secret. But I am confused how I configure my IBM websphere , under global security to redirect anyone who access my application API to azure login page and then if the authentication is successful allow to the actual url . I don't think I need to change my application configuration here, but can implement it only with the configuration in IBM websphere console. Can someone please help me here how can I do this? 

Thanks in advance

Sudheesh 

You must configure OIDC TAI in Websphere to redirect to Azure for login.

Check the following documents:

Configuring an OpenID Connect Relying Party

https://www.ibm.com/docs/en/was-nd/9.0.5?topic=users-configuring-openid-connect-relying-party

https://help.hcltechsw.com/connections/v7/admin/secure/c_azure_oidc_container.html

https://help.hcltechsw.com/connections/v7/admin/secure/t_azure_oidc_websphere.html