Domain federation prerequisites and requirements
- Last UpdatedAug 21, 2025
- 2 minute read
Before you contact AVEVA with the details outlined on this page, we recommend the following:
-
You are, or have the assistance of, a domain expert who is familiar with your chosen provider.
-
You have identified a method to share details with AVEVA in a secure way.
Details and parameters to submit to AVEVA
Depending on your chosen method of authentication, you are required to submit the following details for each method:
Entra ID
|
Parameter |
Description |
|
Primary domain |
The primary domain for the Entra ID. Shown on the overview page for your Entra ID. |
|
Email domain(s) |
The email domain or domains that users will be signing in with. For example: companyname@onmicrosoft.com. |
|
Client ID |
The Entra ID application ID. |
|
Client secret |
The Entra ID client secret value. |
|
Client secret expiry date |
The expiry date for the Entra ID application key |
Open ID Connect (OIDC)
|
Parameter |
Description |
|
Email domains |
The domain(s) to be federated to your IdP. Note: You must be able to prove that you own these domains. |
|
Issuer URL |
The URL for the OIDC Discovery Endpoint. This is the location of the OpenID Provider Configuration Document for your IdP. If your IdP does not support discover, or the document is private, you must provide the following details separately:
|
|
Client ID |
A unique identifier for your registered application. |
|
Client secret |
The secret for the Client ID. Only required for the back channel type. |
|
Scopes |
A comma-separated list of OIDC scopes to request when connecting to the IdP. The default list is: openid, profile, email |
Active Directory Federation Services (ADFS)
-
Provide either the Endpoint URL or the Federations Metadata File (XML)