Today, we use openID Configuration for getting the CIAM Authorization request, as well as a small use case in AzureActiveDirectoryAudience.java. Our existing implementation for open id uses /.well-known/openid-configuration, but this seems to have been broken for CIAM tenants, as they no longer get the correct authorization url from this configuration. The correct configuration is now /v2.0/.well-known/openid-configuration, which returns the correct authorization request for CIAM.
As for the audience use case, open id is used when the authority url is not using a home tenant (common, organizations, or consumer), and not using a uuid tenant, in which case we try to check it in openid. This is a very small use case, it doesn't seem like anything would break by updating to v2.0 openID on this end.
Today, we use openID Configuration for getting the CIAM Authorization request, as well as a small use case in
AzureActiveDirectoryAudience.java
. Our existing implementation for open id uses/.well-known/openid-configuration
, but this seems to have been broken for CIAM tenants, as they no longer get the correct authorization url from this configuration. The correct configuration is now /v2.0/.well-known/openid-configuration, which returns the correct authorization request for CIAM.As for the audience use case, open id is used when the authority url is not using a home tenant (common, organizations, or consumer), and not using a uuid tenant, in which case we try to check it in openid. This is a very small use case, it doesn't seem like anything would break by updating to v2.0 openID on this end.
Common consumer validation before i skipped the check https://identitydivision.visualstudio.com/Engineering/_build/results?buildId=1191815&view=results