From 8b6896f64037848a4c130408db1f93fb18428b55 Mon Sep 17 00:00:00 2001
From: Andreas Jagiella <67098649+AndreasJagiella-EH@users.noreply.github.com>
Date: Mon, 17 Apr 2023 18:46:26 +0200
Subject: [PATCH] improved documentation for AzureADProvider

~ needed database entries
~ type of redirect uri
---
 docs/docs/providers/azure-ad.md | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/docs/docs/providers/azure-ad.md b/docs/docs/providers/azure-ad.md
index 6e0a1fb924..c6b4c8e5d4 100644
--- a/docs/docs/providers/azure-ad.md
+++ b/docs/docs/providers/azure-ad.md
@@ -3,6 +3,17 @@ id: azure-ad
 title: Azure Active Directory
 ---
 
+:::note
+Azure Active Directory returns the following fields on `Account`:
+
+- `token_type` (string)
+- `expires_in` (number)
+- `ext_expires_in` (number)
+- `access_token` (string).
+
+Remember to add these fields to your database schema, in case if you are using an [Adapter](https://authjs.dev/reference/adapters).
+:::
+
 ## Documentation
 
 https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow
@@ -20,7 +31,7 @@ https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-regis
 - Pay close attention to "Who can use this application or access this API?"
   - This allows you to scope access to specific types of user accounts
   - Only your tenant, all azure tenants, or all azure tenants and public Microsoft accounts (Skype, Xbox, Outlook.com, etc.)
-- When asked for a redirection URL, use `https://yourapplication.com/api/auth/callback/azure-ad` or for development `http://localhost:3000/api/auth/callback/azure-ad`.
+- When asked for a redirection URL, select the platform type "Web" and use `https://yourapplication.com/api/auth/callback/azure-ad` or for development `http://localhost:3000/api/auth/callback/azure-ad`.
 - After your App Registration is created, under "Client Credential" create your Client secret.
 - Now copy your:
   - Application (client) ID