Azure Provisioning
Last updated
Last updated
Cymmetri.com
Cymmetri Identity Platform application catalogue allows for pre-configured provisioning settings for Azure Portal.
For Azure integration we need an azure enterprise account with its own domain configured in the Azure AD.
Refer following document to configure azure application
Azure Document https://connid.atlassian.net/wiki/spaces/BASE/pages/308674561/Azure [ConnID]
Create a new OAuth2 Application and provide the following configuration in Azure OAuth2 application.
Application will be created and now we will be able to configure.
Let us now click on Authentication tab on the left-hand side menu. We can choose account either in a single Organization Directory or multiple directory.
Click on Add a platform and we can add a new Redirect URI as “http://localhost”.
Further we can allow the Public Client flows.
Create a new Secret by first, clicking on Certificate and Secrets on the left-hand side menu, and then click on the “+ New Client secret” link, Enter Description and select the Expires option.
Provide the right permissions for the Connector to work by clicking on API Permissions tab on the left-hand side menu, then click on Add, then click on Microsoft Graph and then click on Application Permission and Delegated.
Search and select the following permissions/scopes in OpenID
APIConnectors.Read.All
Directory.ReadWrite.All
OpenID
PrivilegedAccess.Read.AzureAD
User.ReadWrite.All
We need to take consent from admin for getting access to Microsoft Graph API, Click on add permission, Click on “Grant Admin content for Unotech Software”, and finally Click on Yes.
Click on Expose an API and Click on Set to expose the API to be used by the Azure API client on the connector.
Configure the User Configurations
Copy the application authority from the User Configure.
Configure the Client ID.
Configure the Client Secret.
Configure the Redirect URI exposed from the Azure AD.
Graph API base endpoint (User Config Resource URI)
Add the Azure Tenant ID
Choose the base username.
Click on Save, and test the connection.
Configure Azure user and server config as follows
Configure the Domain from Azure Active Directory.