Azure EntraID OIDC config issue

[wraak]

im going down the path of attempting OIDC via EntraID, i used general setup notes from other similar integrations cisco for example https://docs.sse.cisco.com/sse-user-guide/docs/configure-microsoft-entra-id-oidc-integration

a. i added a new App Registration, configured Web Redirect URIs pointing at client MFA auth https page with LETSENCRYPT certs:
https://wagoidc.mycompany.com:8080/authorise/oidc
and enabled ID tokens (used for implicit and hybrid flows)

b. created new client secret

c. setup API Permissions for the newly registered Azure EntraID App to allow Microsoft Graph Permissions as follows: Directory.Read.All; Group.Read.All; User.Read.All; UserAuthenticationMethod.Read.All

heres my config
"Authenticators": {
"DefaultMethod": "oidc",
"Issuer": "WAG-WG",
"Methods": ["oidc"],
"DomainURL": "https://wagoidc.mycompany.com:8080/",
"OIDC": {
"IssuerURL": "https://login.microsoftonline.com/AZURE-CUSTOMER-ID/v2.0/.well-known/openid-configuration",
"ClientSecret": "client-secret",
"ClientID": "client-id"

ultimately starting wag results in this:

2025/03/25 14:50:29 OIDC callback: https://wagoidc.mycompany.com:8080/authorise/oidc
2025/03/25 14:50:29 Connecting to OIDC provider: https://login.microsoftonline.com/AZURE-CUSTOMER-ID/v2.0/.well-known/openid-configuration
2025/03/25 14:50:30 failed to initialise method: oidc err: http status not ok: 404 Not Found

same issue with auth0
2025/04/01 14:01:57 Connecting to OIDC provider: https://dev-customerid.us.auth0.com/.well-known/openid-configuration
2025/04/01 14:01:57 failed to initialise method: oidc err: http status not ok: 404 Not Found Not found.

any idea whats happening?

[NHAS]

Hi there,

I am pretty unfamiliar with both azure and auth0, however I believe the .well-known endpoint is more for discovery, and you should just be using the realm URLs directly.

I.e

 https://login.microsoftonline.com/AZURE-CUSTOMER-ID/v2.0/

and

 https://dev-customerid.us.auth0.com/

And thus the OIDC client will do the rest of the work for you.

There is an example for how to do keycloak here: https://wag-docs.dev/guide/sso

Feel free to open a PR with a guide on either azure/auth0 if you get it working :)