diff --git a/databricks-sdk-java/src/main/java/com/databricks/sdk/core/DatabricksConfig.java b/databricks-sdk-java/src/main/java/com/databricks/sdk/core/DatabricksConfig.java
index 23fd990b9..ff2d6c2f0 100644
--- a/databricks-sdk-java/src/main/java/com/databricks/sdk/core/DatabricksConfig.java
+++ b/databricks-sdk-java/src/main/java/com/databricks/sdk/core/DatabricksConfig.java
@@ -798,15 +798,18 @@ private OpenIDConnectEndpoints fetchDefaultOidcEndpoints() throws IOException {
     }
 
     if (isAzure() && getAzureClientId() != null) {
-      Request request = new Request("GET", getHost() + "/oidc/oauth2/v2.0/authorize");
-      request.setRedirectionBehavior(false);
-      Response resp = getHttpClient().execute(request);
-      String realAuthUrl = resp.getFirstHeader("location");
-      if (realAuthUrl == null) {
-        return null;
+          ApiClient apiClient =
+          new ApiClient.Builder()
+              .withHttpClient(getHttpClient())
+              .withGetHostFunc(v -> getHost())
+              .build();
+      try {
+        return apiClient.execute(
+            new Request("GET", "/oidc/.well-known/oauth-authorization-server"),
+            OpenIDConnectEndpoints.class);
+      } catch (IOException e) {
+        throw new DatabricksException("IO error: " + e.getMessage(), e);
       }
-      return new OpenIDConnectEndpoints(
-          realAuthUrl.replaceAll("/authorize", "/token"), realAuthUrl);
     }
     if (isAccountClient() && getAccountId() != null) {
       String prefix = getHost() + "/oidc/accounts/" + getAccountId();