{"azureConfigured":false,"clientId":"(not set)","tenantId":"(not set)","hasSecret":false,"redirectUri":"http://localhost:4000/auth/callback","issuerUrls":["https://login.microsoftonline.com//v2.0","https://login.microsoftonline.com/common/v2.0"],"cachedIssuer":null,"nodeEnv":"production","protocol":"OIDC (OpenID Connect) — NOT SAML","instructions":["1. In Azure Portal go to App registrations (NOT Enterprise applications SAML)","2. Select your app → Authentication → Add platform → Web","3. Set Redirect URI to: http://localhost:4000/auth/callback","4. Under Certificates & secrets create a client secret","5. API permissions → Microsoft Graph → Delegated: openid, profile, email, User.Read","6. Grant admin consent","7. Do NOT configure SAML under Enterprise applications SSO — leave it as OIDC"]}