Microsoft Azure AD
Microsoft Azure AD Configuration
This session shows how to register an OIDC Web application on Microsoft Azure AD portal. When registering the application, we are getting the following three values that are needed for later configuration in Datawiza Cloud Management Console (DCMC):
- Tenant ID
- Application (client) ID
- Client Secret
Get Tenant ID
- Find
Tenant ID
on your Azure AD's overview portal.
App registration in Azure
Choose
App Registrations
from the left side bar and create a new Registration by clickingNew registration
.Create an Application as follow:
- Name: e.g.,Test App 1
- Redirect Url:
http://localhost:9772/datawiza/authorization-code/callback
- You should choose different
Supported Account Types
based on whom you want to allow to use this application or access this API. You can click Help me choose... for more details. In this tutorial, we only allow all user and guest accounts in your directory to use your application or API, so we choose Accounts in this organizational directory only (datawiza only - Single tenant) as the example. - Click
Register
- Save the "Application ID" after you successfully registered the Application
In the same application you just created, choose
Certificates & secrets
from the left side bar and create a New client secret by clicking+ New client secret
.- Specify the default 6 months
- Save the "Client Secret Value" after you successfully created a new client secret
(Optional) If you want the Access Proxy can extract group info, in the application you just created, choose
API permissions
from the left side bar.User.Read
should already be configured by default. You can findGroup.Read.All
under:Add a Permission
-->Microsoft Graph
-->Delegated Permissions
-->Group
-->Group.Read.All
. Please keep in mind, only administrator can grant this permission.
Summary
We have shown how to register a web
application on azure AD. Please make sure to save following three values for later setting in Datawiza Cloud Management Console.
- Tenant ID
- Application (client) ID
- Client Secret
Reference
Create a new tenant in Azure Active Directory
View your organization's groups and members in Azure Active Director