Azure Provisioning

Cymmetri Identity Platform application catalogue allows for pre-configured provisioning settings for Azure Portal.

For Azure integration we need an azure enterprise account with its own domain configured in the Azure AD.

Refer following document to configure azure application
Azure Document https://connid.atlassian.net/wiki/spaces/BASE/pages/308674561/Azure [ConnID]
Create a new OAuth2 Application and provide the following configuration in Azure OAuth2 application.
Application will be created and now we will be able to configure.
Let us now click on Authentication tab on the left-hand side menu. We can choose account either in a single Organization Directory or multiple directory.
Click on Add a platform and we can add a new Redirect URI as “http://localhost”.
Further we can allow the Public Client flows.
Create a new Secret by first, clicking on Certificate and Secrets on the left-hand side menu, and then click on the “+ New Client secret” link, Enter Description and select the Expires option.
Provide the right permissions for the Connector to work by clicking on API Permissions tab on the left-hand side menu, then click on Add, then click on Microsoft Graph and then click on Application Permission and Delegated.
Search and select the following permissions/scopes in OpenID
1. APIConnectors.Read.All
2. Directory.ReadWrite.All
3. OpenID
4. PrivilegedAccess.Read.AzureAD
5. User.ReadWrite.All
We need to take consent from admin for getting access to Microsoft Graph API, Click on add permission, Click on “Grant Admin content for Unotech Software”, and finally Click on Yes.
Click on Expose an API and Click on Set to expose the API to be used by the Azure API client on the connector.

Configuration on Cymmetri Identity Platform for Azure provisioning

Click on Save, and test the connection.

Last updated 1 year ago