socialIdentityProvider resource type
Namespace: microsoft.graph
Important
APIs under the /beta
version in Microsoft Graph are subject to change. Use of these APIs in production applications is not supported. To determine whether an API is available in v1.0, use the Version selector.
Represents social identity providers for both Microsoft Entra ID and Azure AD B2C tenants.
Inherits from identityProviderBase.
For more information about adding Google and Facebook as identity providers in external tenants, see Add Google as an identity provider (preview) and Add Facebook as an identity provider (preview).
Tenant configuration | Supported IdPs |
---|---|
Workforce tenant | Google , Facebook |
External tenant | Apple , Google , Facebook |
Azure AD B2C tenant | Microsoft , Google , Facebook , Amazon , LinkedIn , Twitter , Weibo (preview), QQ (preview), WeChat (preview), GitHub (preview) |
Methods
None.
For the list of API operations for managing social identity providers, see the identityProviderBase resource type.
Properties
Property | Type | Description |
---|---|---|
clientId | String | The client identifier for the application obtained when registering the application with the identity provider. Required. |
clientSecret | String | The client secret for the application that is obtained when the application is registered with the identity provider. This is write-only. A read operation returns **** . Required. |
id | String | The identifier of the identity provider. Inherited from identityProviderBase. Read-only. |
displayName | String | The display name of the identity provider. Inherited from identityProviderBase. |
identityProviderType | String | For external and workforce tenants, possible values: Facebook , Google For Azure AD B2C tenants, possible values: Microsoft , Google , Amazon , LinkedIn , Facebook , GitHub , Twitter , Weibo , QQ , WeChat . |
Where to get the client identifier and secret
Each identity provider has a process for creating an app registration. For example, users create an app registration with Facebook at developers.facebook.com. The resulting client identifier and client secret can be passed to create identityProvider. Then, each user object in the directory can be federated to any of the tenant's identity providers for authentication. This enables the user to sign in by entering credentials on the identity provider's sign-in page. The token from the identity provider is validated by Microsoft Entra ID before the tenant issues a token to the application.
Relationships
None.
JSON representation
The following JSON representation shows the resource type.
{
"id": "String",
"identityProviderType": "String",
"displayName": "String",
"clientId": "String",
"clientSecret": "String"
}