Hey folks! We are answering frequently asked questions from the Okta Customer Identity Cloud Community, and today we are going to discuss how to connect to Azure AD using an OIDC Enterprise connection. Let's get started.

You may want to consider this approach because, unlike the Azure AD connection, which accepts a limited set of claims, the OIDC Enterprise will accept any claim included in the ID token. This is useful if you need a custom claim present in the Auth0 user profile.

We will start with the Azure portal. Click on App Registrations and then New Registration. Enter a name for this application. For the supported account types, we will just leave it as Accounts in this organizational directory only. For the redirect URI, under Select a Platform, select Web. For the URI value, we are going to use our tenant's domain, followed by the login callback path. Go ahead and click Register.

The confirmation page will be displayed, showing that our app has been created. Take note of the application, or Client ID here, because we will need this on the Auth0 side. Next, we will go to the Endpoints tab and copy the OpenID Connect Metadata Document URL.

Navigate to the Authentication section. If you want to add your custom domain, you can add an additional redirect URI here. Next, we are going to scroll down to the Implicit Grant and Hybrid Flows, and we are going to check the ID Tokens box and click Save.

Click on Token Configuration, and we are going to add an optional claim. Select ID for the token type. Here you can select any claims that you'd like. We will select Email, Given Name, and Family Name, and click Add. When clicking on Add here, we'll be asked for permission for the Microsoft Graph. This is required, so we will accept the request. Optionally, at this point, we could also click on Add Group Claims to add group information to the ID Token, which Auth0 will then store in the user profile.

Now, we will go through the steps that are needed on the Auth0 side.
We are going to go to Authentication and to Enterprise, then to OpenID Connect. Click on Create a Connection and provide a name for the connection. For the issuer URL, paste the well-known OpenID configuration URL that we copied earlier on the Azure side. To get the client ID, we will go back to our Azure portal, go to the Overview section, and copy our client ID from here, and click Create.

Before you test this, you'll need to go to the Applications tab and enable this connection for at least one application.

Now, let's try this connection. Go back to our list of OIDC connections, click on the three dots, and then hit Try, and here we see that it worked.

Today, we looked at how to connect to Azure AD using an OIDC Enterprise connection. If you found this video helpful, please like and subscribe to us on YouTube and join us for more content on community.auth0.com.
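
An added troubleshooting example, not part of the original video and not Okta or Microsoft code: it decodes an ID token payload for inspection and reports why an attribute configured in the walkthrough might be absent from the user profile. The function names, tenant ID, client ID and token are constructed placeholders; in practice the issuer comes from the `issuer` field of the metadata document you copied.

```python
import base64
import json

# Optional claims selected under Token Configuration in the walkthrough.
REQUIRED_CLAIMS = ("email", "given_name", "family_name")

def decode_payload(id_token: str) -> dict:
    """Decode the JWT payload for inspection only; the signature is NOT verified."""
    parts = id_token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT (expected header.payload.signature)")
    segment = parts[1]
    segment += "=" * (-len(segment) % 4)  # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(segment))

def check_claims(id_token, issuer, client_id, required=REQUIRED_CLAIMS):
    """Return a list of problems; an empty list means the token looks as configured."""
    claims = decode_payload(id_token)
    problems = []
    if claims.get("iss") != issuer:
        problems.append(f"iss mismatch: {claims.get('iss')!r}")
    aud = claims.get("aud")
    audiences = aud if isinstance(aud, list) else [aud]  # aud may be a string or a list
    if client_id not in audiences:
        problems.append(f"aud does not contain client ID: {aud!r}")
    for name in required:
        if not claims.get(name):
            problems.append(f"missing optional claim: {name}")
    return problems

def _b64(obj) -> str:
    """base64url-encode a JSON object without padding, as JWT segments are."""
    raw = json.dumps(obj).encode()
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

# Constructed sample values: placeholder tenant and client IDs, dummy signature.
TENANT = "00000000-0000-0000-0000-000000000000"
CLIENT_ID = "11111111-1111-1111-1111-111111111111"
ISSUER = f"https://login.microsoftonline.com/{TENANT}/v2.0"

def make_sample_token(**extra) -> str:
    """Build an unsigned, constructed token so the check can run offline."""
    payload = {"iss": ISSUER, "aud": CLIENT_ID, "sub": "constructed-subject", **extra}
    return ".".join([_b64({"alg": "RS256", "typ": "JWT"}), _b64(payload), "sig"])

if __name__ == "__main__":
    token = make_sample_token(email="user@example.com", given_name="Ada")
    print(check_claims(token, ISSUER, CLIENT_ID))
```

This is a configuration check only: it does not replace the signature and expiry validation that Auth0 performs on the token during login.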