- 2 minutes to read

OpenID Field Mapping Quick Reference

Use this page when configuring OpenID Connect and OAuth 2.0 values in the Nodinite installation wizard.

What This Page Helps You Do

Match each wizard field to the correct Entra ID value
Reduce configuration mistakes across General, Web Client, Web API, and Log API settings
Keep all required IDs, scopes, and claims in one checklist

Section	Field	Where to Get It	Example / Format
General	Discovery URL (.well-known)	Your Entra ID Tenant ID	`https://login.microsoftonline.com/<tenant-id>/v2.0/.well-known/openid-configuration`
General	Installation Client ID	NodiniteInstallationClient application (client) ID	`xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx`
General	Installation Client Scopes	webApi application (client) ID	`api://<webApi-client-id>/.default`
General	Installation Client Claims - Key	Fixed value	`http://schemas.microsoft.com/ws/2008/06/identity/claims/role`
General	Installation Client Claims - Value	App role value from webApi	`AppRole_WebApi_all`
Web Client	Client ID	webClient application (client) ID	`xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx`
Web Client	Callback Path	Registered redirect URI path	`/signin-oidc`
Web Client	Scopes	Default OIDC scopes plus API scope	`openid`, `profile`, `email`, `offline_access`, `api://<webApi-client-id>/nodinite_webapi_all`
Web Client	Nodinite Claims (Groups)	Entra ID group Object ID	`groups` + group object ID
Web Client	Nodinite Claims (App Roles)	Entra ID app role values	`http://schemas.microsoft.com/ws/2008/06/identity/claims/role` + `Nodinite.Admin,Nodinite.User`
Web API	Audiences	webApi application (client) ID	`xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx`
Log API	Audiences	Log API audience identifier	`nodinite-%ENVIRONMENTNAME%-logapi`

Choose one user authorization approach:

For larger tenants, app roles are typically easier to manage and keep token payloads compact.