From 2643f7aee3934b0a3dff17b2c1ccb5bd3db41762 Mon Sep 17 00:00:00 2001
From: Ben Sheppard <ben.sheppard@camunda.com>
Date: Tue, 23 Apr 2024 13:22:41 +0100
Subject: [PATCH 1/2] docs(identity): update example to use tenant id instead
 of client id

---
 docs/self-managed/setup/guides/connect-to-an-oidc-provider.md | 4 ++--
 .../helm-kubernetes/guides/connect-to-an-oidc-provider.md     | 4 ++--
 .../self-managed/setup/guides/connect-to-an-oidc-provider.md  | 4 ++--
 3 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/docs/self-managed/setup/guides/connect-to-an-oidc-provider.md b/docs/self-managed/setup/guides/connect-to-an-oidc-provider.md
index 8e1bb289e3..7e93ffaa12 100644
--- a/docs/self-managed/setup/guides/connect-to-an-oidc-provider.md
+++ b/docs/self-managed/setup/guides/connect-to-an-oidc-provider.md
@@ -148,13 +148,13 @@ For authentication, the Camunda components use the scopes `email`, `openid`, `of
 global:
   identity:
     auth:
-      issuer: https://login.microsoftonline.com/<Client ID from Step 1>/v2.0
+      issuer: https://login.microsoftonline.com/<Tenant ID>/v2.0
       # this is used for container to container communication
       issuerBackendUrl: https://login.microsoftonline.com/<Microsoft Entra tenant id>/v2.0
       tokenUrl: https://login.microsoftonline.com/<Microsoft Entra tenant id>/oauth2/v2.0/token
       jwksUrl: https://login.microsoftonline.com/<Microsoft Entra tenant id>/discovery/v2.0/keys
       type: "MICROSOFT"
-      publicIssuerUrl: https://login.microsoftonline.com/<Client ID from Step 1>/v2.0
+      publicIssuerUrl: https://login.microsoftonline.com/<Tenant ID>/v2.0
       identity:
         clientId: <Client ID from Step 2>
         existingSecret: <Client secret from Step 2>
diff --git a/versioned_docs/version-8.4/self-managed/platform-deployment/helm-kubernetes/guides/connect-to-an-oidc-provider.md b/versioned_docs/version-8.4/self-managed/platform-deployment/helm-kubernetes/guides/connect-to-an-oidc-provider.md
index 16eb4a5748..618a271528 100644
--- a/versioned_docs/version-8.4/self-managed/platform-deployment/helm-kubernetes/guides/connect-to-an-oidc-provider.md
+++ b/versioned_docs/version-8.4/self-managed/platform-deployment/helm-kubernetes/guides/connect-to-an-oidc-provider.md
@@ -142,13 +142,13 @@ For authentication, the Camunda components use the scopes `email`, `openid`, `of
 global:
   identity:
     auth:
-      issuer: https://login.microsoftonline.com/<Client ID from Step 1>/v2.0
+      issuer: https://login.microsoftonline.com/<Tenant ID>/v2.0
       # this is used for container to container communication
       issuerBackendUrl: https://login.microsoftonline.com/<Microsoft Entra tenant id>/v2.0
       tokenUrl: https://login.microsoftonline.com/<Microsoft Entra tenant id>/oauth2/v2.0/token
       jwksUrl: https://login.microsoftonline.com/<Microsoft Entra tenant id>/discovery/v2.0/keys
       type: "MICROSOFT"
-      publicIssuerUrl: https://login.microsoftonline.com/<Client ID from Step 1>/v2.0
+      publicIssuerUrl: https://login.microsoftonline.com/<Tenant ID>/v2.0
       operate:
         clientId: <Client ID from Step 1>
         audience: <Client ID from Step 1>
diff --git a/versioned_docs/version-8.5/self-managed/setup/guides/connect-to-an-oidc-provider.md b/versioned_docs/version-8.5/self-managed/setup/guides/connect-to-an-oidc-provider.md
index 8e1bb289e3..7e93ffaa12 100644
--- a/versioned_docs/version-8.5/self-managed/setup/guides/connect-to-an-oidc-provider.md
+++ b/versioned_docs/version-8.5/self-managed/setup/guides/connect-to-an-oidc-provider.md
@@ -148,13 +148,13 @@ For authentication, the Camunda components use the scopes `email`, `openid`, `of
 global:
   identity:
     auth:
-      issuer: https://login.microsoftonline.com/<Client ID from Step 1>/v2.0
+      issuer: https://login.microsoftonline.com/<Tenant ID>/v2.0
       # this is used for container to container communication
       issuerBackendUrl: https://login.microsoftonline.com/<Microsoft Entra tenant id>/v2.0
       tokenUrl: https://login.microsoftonline.com/<Microsoft Entra tenant id>/oauth2/v2.0/token
       jwksUrl: https://login.microsoftonline.com/<Microsoft Entra tenant id>/discovery/v2.0/keys
       type: "MICROSOFT"
-      publicIssuerUrl: https://login.microsoftonline.com/<Client ID from Step 1>/v2.0
+      publicIssuerUrl: https://login.microsoftonline.com/<Tenant ID>/v2.0
       identity:
         clientId: <Client ID from Step 2>
         existingSecret: <Client secret from Step 2>

From da731f26efd9df37df5151cf987f0edf86c77e3b Mon Sep 17 00:00:00 2001
From: Ben Sheppard <ben.sheppard@camunda.com>
Date: Tue, 23 Apr 2024 13:31:19 +0100
Subject: [PATCH 2/2] docs(identity): update confuding Identity steps

---
 .../setup/guides/connect-to-an-oidc-provider.md             | 6 +++---
 .../helm-kubernetes/guides/connect-to-an-oidc-provider.md   | 2 +-
 .../setup/guides/connect-to-an-oidc-provider.md             | 6 +++---
 3 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/docs/self-managed/setup/guides/connect-to-an-oidc-provider.md b/docs/self-managed/setup/guides/connect-to-an-oidc-provider.md
index 7e93ffaa12..9e90a31e86 100644
--- a/docs/self-managed/setup/guides/connect-to-an-oidc-provider.md
+++ b/docs/self-managed/setup/guides/connect-to-an-oidc-provider.md
@@ -156,9 +156,9 @@ global:
       type: "MICROSOFT"
       publicIssuerUrl: https://login.microsoftonline.com/<Tenant ID>/v2.0
       identity:
-        clientId: <Client ID from Step 2>
-        existingSecret: <Client secret from Step 2>
-        audience: <Audience from Step 2>
+        clientId: <Client ID from Step 1>
+        existingSecret: <Client secret from Step 3>
+        audience: <Audience from Step 1>
         initialClaimName: <Initial claim name if not using the default "oid">
         initialClaimValue: <Initial claim value>
         redirectUrl: <See table below>
diff --git a/versioned_docs/version-8.4/self-managed/platform-deployment/helm-kubernetes/guides/connect-to-an-oidc-provider.md b/versioned_docs/version-8.4/self-managed/platform-deployment/helm-kubernetes/guides/connect-to-an-oidc-provider.md
index 618a271528..00efca4b7b 100644
--- a/versioned_docs/version-8.4/self-managed/platform-deployment/helm-kubernetes/guides/connect-to-an-oidc-provider.md
+++ b/versioned_docs/version-8.4/self-managed/platform-deployment/helm-kubernetes/guides/connect-to-an-oidc-provider.md
@@ -175,7 +175,7 @@ global:
         publicApiAudience: <Audience for using Web Modeler's API. For security reasons, use a different value than for clientApiAudience>
         redirectUrl: <See table below>
       connectors:
-        clientId: <Client ID from Step 2>
+        clientId: <Client ID from Step 1>
         existingSecret: <Client secret from Step 3>
 ```
 
diff --git a/versioned_docs/version-8.5/self-managed/setup/guides/connect-to-an-oidc-provider.md b/versioned_docs/version-8.5/self-managed/setup/guides/connect-to-an-oidc-provider.md
index 7e93ffaa12..9e90a31e86 100644
--- a/versioned_docs/version-8.5/self-managed/setup/guides/connect-to-an-oidc-provider.md
+++ b/versioned_docs/version-8.5/self-managed/setup/guides/connect-to-an-oidc-provider.md
@@ -156,9 +156,9 @@ global:
       type: "MICROSOFT"
       publicIssuerUrl: https://login.microsoftonline.com/<Tenant ID>/v2.0
       identity:
-        clientId: <Client ID from Step 2>
-        existingSecret: <Client secret from Step 2>
-        audience: <Audience from Step 2>
+        clientId: <Client ID from Step 1>
+        existingSecret: <Client secret from Step 3>
+        audience: <Audience from Step 1>
         initialClaimName: <Initial claim name if not using the default "oid">
         initialClaimValue: <Initial claim value>
         redirectUrl: <See table below>