Skip to main content

Microsoft Azure AD

About 1 min

Microsoft Azure AD Configuration

This session shows how to register an OIDC Web application on Microsoft Azure AD portal. When registering the application, we are getting the following three values that are needed for later configuration in Datawiza Cloud Management Console (DCMC):

  • Tenant ID
  • Application (client) ID
  • Client Secret

Get Tenant ID

  1. Find Tenant ID on your Azure AD's overview portal. Azure Directory Overview

App registration in Azure

  1. Choose App Registrations from the left side bar and create a new Registration by clicking New registration. Azure Directory Add New App 1

  2. Create an Application as follow:

    • Name: e.g.,Test App 1
    • Redirect Url: http://localhost:9772/datawiza/authorization-code/callback
    • You should choose different Supported Account Types based on whom you want to allow to use this application or access this API. You can click Help me choose... for more details. In this tutorial, we only allow all user and guest accounts in your directory to use your application or API, so we choose Accounts in this organizational directory only (datawiza only - Single tenant) as the example.
    • Click Register
    • Save the "Application ID" after you successfully registered the Application Azure Directory Add New App 2
  3. In the same application you just created, choose Certificates & secrets from the left side bar and create a New client secret by clicking + New client secret.

    • Specify the default 6 months
    • Save the "Client Secret Value" after you successfully created a new client secret Azure Directory Create New Client Secret
  4. (Optional) If you want the Access Proxy can extract group info, in the application you just created, choose API permissions from the left side bar. User.Read should already be configured by default. You can find Group.Read.All under: Add a Permission --> Microsoft Graph --> Delegated Permissions --> Group --> Group.Read.All. Please keep in mind, only administrator can grant this permission. Azure Directory Grant API Admin Consent

Summary

We have shown how to register a web application on azure AD. Please make sure to save following three values for later setting in Datawiza Cloud Management Console.

  • Tenant ID
  • Application (client) ID
  • Client Secret

Reference

Create a new tenant in Azure Active Directoryopen in new window
View your organization's groups and members in Azure Active Directoropen in new window