The payload should include an Options object to which you can pass client_id and client_secret params as well as your domain. Below is a fully working payload example, just replace the values to your needs and adapt to the language you’re using.
payload = {
'name': 'test-ad-api',
'strategy': 'waad',
'options': {
'use_wsfed': False,
'useCommonEndpoint': False,
'basic_profile': False,
'ext_profile': False,
'ext_groups': False,
'ext_nested_groups': False,
'api_enable_users': False,
'waad_protocol': 'openid-connect',
'identity_api': 'microsoft-identity-platform-v2.0',
'should_trust_email_verified_connection': 'never_set_emails_as_verified',
'domain': 'myazuretestdomain.com',
'tenant_domain': 'myazuretestdomain.com',
'client_id': 'abc',
'client_secret': '123'
}
}