Navigate to PLATFORM TOOLS | Apps | App Manager
Click "New Connected App"
Fill in App Name, API Name and Contact Email
Enable the option "Enable OAuth Settings"
Add “Access the identity URL service" and "Manage User data via APIs” in the selected OAuth Scopes section.
Click the Save button to create this new app
Once you’ve been redirected to the page for the App you just created take a copy of the Consumer Key and also Consumer Secret in the API section.
Relaxation for STS
To allow the STS server to communicate with Salesforce, you either need to set the IP relaxation to “Relax IP Restrictions” or add the IP range of the Azure servers to your security settings.
To change the IP Relaxation follow the directions below.
Navigate to PLATFORM TOOLS | Apps | Connected Apps | Manage Connect Apps
Click Edit against the STS app
You can select "Relax IP restrictions", or "Enforce IP restrictions"
If you select Enforce IP restrictions, then you must add the IP address range of Azure servers to the trusted IP list
Navigate to SETTINGS | Security | Network Access
Click New to create a new set of trusted IP ranges