![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(124.80000000000001, 60%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGM%3C/text%3E%3C/svg%3E)
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
23,817 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(252.8, 39%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EFM%3C/text%3E%3C/svg%3E)
Hi @Galko, Michal • Thank you for reaching out.
My understanding is that you are trying to provide information to an external software supplier to be able to integrate their application with your Entra Directory, so that you can use your own corporate credentials for SSO in their application.
Your IT admin has created an Enterprise Application for this in your own Entra Directory, probably granted Admin Consent and provided a set of client credentials for the OAUTH2 Client Credentials Grant Flow to you.
The application vendor will need to modify their application logic, code, or a repository where they store the credentials externally in a secure fashion to utilize these credentials. What exactly needs to be done is very dependent on the software architecture, as Entra ID supports several application types which have different possible methods attached to them, so I will point you into the general direction and one of the example implementations which you can forward to the software supplier for implementation, so they can hopefully evaluate which flow and implementation best fits their software architecture.
Application types for the Microsoft identity platform
The easiest way to implement the different flows is most likely to utilize MSAL in the application as an abstraction library, rather than performing native REST calls against the OAUTH endpoints: Application configuration options
I will leave you with the sample repository for the Web App application type which should be one of the most common types these days as well for their reference: Web applications.
If the external application supplier is struggling with these concepts encourage them to ask pointed questions in the Q&A community as well, we are always glad to help and point to more concrete examples once we understand the actual architecture and requirements from an application side a bit better as well.
If the answer is helpful, please click Accept Answer and kindly upvote it. If you have any further questions about this answer, please click Comment.