Office 365 Account Provider

To allow users to sign in with your Office 365 subscription:

Configure an App in the Office 365 Entra ID tenant

Login to the Azure portal tenant of your Office 365 subscription.
On the left side click All services and in the Filter type Azure Active Directory.
From the Azure Active Directory blade select App Registrations.
Click New registration.
In Name type a unique display name for the application.
Select the preferred Supported account type. When selecting Multitenant, app approval by an admin might be required in the other tenants.
Under Redirect URI select Web and enter https://www.theidentityhub.com/{tenant}/authenticate/processaccountproviderresponse.
Click Register.
Take a note of the Application (client) ID.
On the left: click Certificates & secrets.
Click New client secret.
In Description type The Identity Hub and select an Expiration.
Click Add.
Take a note of the VALUE you will need it as App Password later on.
On the left: click API permissions.
Click Add a permission and select Microsoft Graph.
Click Delegated permissions and scroll down to User.
Check User.Read.
Click Add permissions.
Click Grant admin consent for [Entra ID TENANT NAME] (requires administrator rights).

Parameter	Description
App ID	The Application (client) ID of the App created on the Azure Portal (see Configure an App in the Office 365 Entra ID tenant).
App Password	The client secret VALUE of the App created on the Azure Portal (see Configure an App in the Office 365 Entra ID tenant).

By default no incoming claims are mapped except

To map all incoming claims (even those not specified in the claim mappings) uncheck Remove all incoming claims that are not mapped.

See the Claim Mappings page for a more detailed explanation.