What is the Azure AD v1.0 OpenID Metadata Document?

Azure AD v1.0 OpenID Metadata Document is an online JSON document that contains most of the information required for an app to perform sign-in. This includes information such as the URLs to use and the location of the service's public signing keys. The OpenID Connect metadata document can be found at: https://login.microsoftonline.com/common/.well-known/openid-configuration.

Here is a copy of the Metadata Document retrieved from the above address:

{
    "authorization_endpoint": 
       "https:\/\/login.microsoftonline.com\/common\/oauth2\/authorize",
    "token_endpoint": 
       "https:\/\/login.microsoftonline.com\/common\/oauth2\/token",
    "token_endpoint_auth_methods_supported": [
        "client_secret_post",
        "private_key_jwt",
        "client_secret_basic"
    ],
    "jwks_uri":
       "https:\/\/login.microsoftonline.com\/common\/discovery\/keys",
    "response_modes_supported": [
        "query",
        "fragment",
        "form_post"
    ],
    "subject_types_supported": [
        "pairwise"
    ],
    "id_token_signing_alg_values_supported": [
        "RS256"
    ],
    "http_logout_supported": true,
    "frontchannel_logout_supported": true,
    "end_session_endpoint":
       "https:\/\/login.microsoftonline.com\/common\/oauth2\/logout",
    "response_types_supported": [
        "code",
        "id_token",
        "code id_token",
        "token id_token",
        "token"
    ],
    "scopes_supported": [
        "openid"
    ],
    "issuer": "https:\/\/sts.windows.net\/{tenantid}\/",
    "claims_supported": [
        "sub",
        "iss",
        "cloud_instance_name",
        "cloud_instance_host_name",
        "cloud_graph_host_name",
        "msgraph_host",
        "aud",
        "exp",
        "iat",
        "auth_time",
        "acr",
        "amr",
        "nonce",
        "email",
        "given_name",
        "family_name",
        "nickname"
    ],
    "microsoft_multi_refresh_token": true,
    "check_session_iframe":
       "https:\/\/login.microsoftonline.com\/common\/oauth2\/checksession",
    "userinfo_endpoint":
       "https:\/\/login.microsoftonline.com\/common\/openid\/userinfo",
    "tenant_region_scope": null,
    "cloud_instance_name": "microsoftonline.com",
    "cloud_graph_host_name": "graph.windows.net",
    "msgraph_host": "graph.microsoft.com",
    "rbac_url": "https:\/\/pas.windows.net"
}

As you can see the metadata document helps you with some key information about the Azure AD service.

⇒ Azure AD v1 Sign-On Authentication Request

⇐ Authentication Flows with Azure AD v1

⇑ Azure AD Integration v1.0

⇑⇑ OpenID Tutorials