Skip to main content

Microsoft Entra ID (Azure AD)

About 2 min

Microsoft Entra ID (Azure AD) Configuration

This session shows how to register an OIDC Web application on Microsoft Entra ID (Azure AD) portal. When registering the application, we are getting the following three values that are needed for later configuration in Datawiza Cloud Management Console (DCMC):

  • Tenant ID
  • Application (client) ID
  • Client Secret

Get Tenant ID

  1. Find Tenant ID on your Microsoft Entra ID's overview portal. Microsoft Entra ID SSO | Overview

App registration in Azure

  1. Choose App Registrations from the left side bar and create a new Registration by clicking New registration. Microsoft Entra ID SSO | Add New App 1

  2. Create an Application as follow:

    • Name: e.g.,Test App 1
    • Redirect Url: http://localhost:9772/datawiza/authorization-code/callback
    • You should choose different Supported Account Types based on whom you want to allow to use this application or access this API. You can click Help me choose... for more details. In this tutorial, we only allow all user and guest accounts in your directory to use your application or API, so we choose Accounts in this organizational directory only (datawiza only - Single tenant) as the example.
    • Click Register
    • Save the "Application ID" after you successfully registered the Application Microsoft Entra ID SSO | Add New App 2

  3. In the same application you just created, choose Certificates & secrets from the left side bar and create a New client secret by clicking + New client secret.

    • Specify the default 6 months
    • Save the "Client Secret Value" after you successfully created a new client secret Microsoft Entra ID SSO | Create New Client Secret

  4. (Optional) If you want the Datawiza Access Proxy can extract group info, in the application you just created, choose API permissions from the left side bar. User.Read should already be configured by default. You can find Group.Read.All under: Add a Permission --> Microsoft Graph --> Delegated Permissions --> Group --> Group.Read.All. Please keep in mind, only administrator can grant this permission. Microsoft Entra ID SSO | Grant API Admin Consent

Summary

We have shown how to register a web application on Microsoft Entra ID. Please make sure to save following three values for later setting in Datawiza Cloud Management Console.

  • Tenant ID
  • Application (client) ID
  • Client Secret

Reference

Create a new tenant in Microsoft Entra IDopen in new window
View your organization's groups and members in Microsoft Entra IDopen in new window

Copyright © 2024 Datawiza Technologies Inc