Difference between revisions of "Azure App Registration Instructions"
| Line 1: | Line 1: | ||
Please find below OUR instructions to set up an Azure app - to be used for user imports. | Please find below OUR instructions to set up an Azure app - to be used for user imports. | ||
| + | |||
Please refer to Microsoft documentation and advice on permissions/settings and act accordingly. The method outlined below is merely a guideline, it is '''NOT''' mandated/definitive. | Please refer to Microsoft documentation and advice on permissions/settings and act accordingly. The method outlined below is merely a guideline, it is '''NOT''' mandated/definitive. | ||
| − | Select Azure Active Directory from within the Azure portal: | + | Select Azure Active Directory from within the Azure portal:<br clear=all> |
| − | |||
| − | + | [[File:Azure Setup - Step 1.png|left|Azure Active Directory]] | |
| − | [[File:Azure Setup - Step | + | <br clear=all> |
| − | Provide a Name for the application, select appropriate account type and Register. | + | Click on "New registration" within "App registrations"<br clear=all> |
| − | [[File:Azure Setup - Step 3.png| | + | |
| + | [[File:Azure Setup - Step 2.png|left|App Registration]] | ||
| + | <br clear=all> | ||
| + | |||
| + | Provide a Name for the application, select appropriate account type and Register.<br clear=all> | ||
| + | |||
| + | [[File:Azure Setup - Step 3.png|left|Register Application]] | ||
| + | <br clear=all> | ||
Once created, there are some API permission which first need to be given: | Once created, there are some API permission which first need to be given: | ||
| − | We have found that the following permissions need to be granted within Azure, though these could differ for yourselves, so please rely on your own expertise. '''Application permissions''' on: ''Group.Read.All, GroupMember.Read.All, Team.ReadBasic.All, TeamMember.Read.All, User.Read.All''. '''Delegated permission''' on ''User.Read''. | + | We have found that the following permissions need to be granted within Azure, though these could differ for yourselves, so please rely on your own expertise. |
| − | [[File:Azure Setup - Step 4.png| | + | |
| + | '''Application permissions''' on: ''Group.Read.All, GroupMember.Read.All, Team.ReadBasic.All, TeamMember.Read.All, User.Read.All''. | ||
| + | |||
| + | '''Delegated permission''' on ''User.Read''.<br clear=all> | ||
| + | |||
| + | [[File:Azure Setup - Step 4.png|left|API Permissions]] | ||
| + | <br clear=all> | ||
| + | |||
| + | The permission settings need confirming by "Granting admin consent"<br clear=all> | ||
| + | |||
| + | [[File:Azure Setup - Step 5.png|left|Granting Consent]] | ||
| + | <br clear=all> | ||
| − | The | + | The Client Secret is the VALUE of the newly created Secret<br clear=all> |
| − | [[File:Azure Setup - Step | + | [[File:Azure Setup - Step 6.png|left|New Client Secret]] |
| + | <br clear=all> | ||
| − | The Client | + | The Client ID can be found, alongside the Tenant ID within the Overview section (as "Application (client) ID" and "Directory (tenant) ID" respectively.<br clear=all> |
| − | |||
| − | + | [[File:Azure Setup - Step 7.png|left|Client ID & Tenant ID]] | |
| − | [[File:Azure Setup - Step 7.png| | ||
Revision as of 15:55, 2 August 2021
Please find below OUR instructions to set up an Azure app - to be used for user imports.
Please refer to Microsoft documentation and advice on permissions/settings and act accordingly. The method outlined below is merely a guideline, it is NOT mandated/definitive.
Select Azure Active Directory from within the Azure portal:
Click on "New registration" within "App registrations"
Provide a Name for the application, select appropriate account type and Register.
Once created, there are some API permission which first need to be given: We have found that the following permissions need to be granted within Azure, though these could differ for yourselves, so please rely on your own expertise.
Application permissions on: Group.Read.All, GroupMember.Read.All, Team.ReadBasic.All, TeamMember.Read.All, User.Read.All.
Delegated permission on User.Read.
The permission settings need confirming by "Granting admin consent"
The Client Secret is the VALUE of the newly created Secret
The Client ID can be found, alongside the Tenant ID within the Overview section (as "Application (client) ID" and "Directory (tenant) ID" respectively.
