Skip to main content
Skip table of contents

Microsoft Azure Active Directory

Introduction

This guide explains how to setup Microsoft Azure for use with Cyclr, as well as installing a Microsoft Azure Active Directory Connector.

Setup & Authentication

Overview

If you intend for your customers to use a single application with the same set of permissions when they authenticate the Microsoft Azure Active Directory Connector in Cyclr, you can register a single application and set it’s details in your Cyclr Partner console.

If you intend for your customers to use their own application when they authenticate the Microsoft Azure Active Directory connector in Cyclr, they can register a single application and set it’s details when installing a a relevant template in Cyclr.

Remote Setup in Microsoft Azure - performed by Cyclr Partner

Go to your Microsoft Azure account and follow Microsoft’s guide here to register an application. Make sure to follow the Register application settings and Set application permissions sections below.

Remote Setup in Microsoft Azure - performed by your customer

Your customer should go to their Microsoft Azure account and follow Microsoft’s guide here to register an application. Make sure your customer follows Register application settings and Set application permissions sections below.

Register application settings

Use the following setting when creating an application:

  • When setting the Supported account types, select Accounts in any organizational directory (Any Microsoft Entra ID tenant - Multitenant).

  • When setting the Redirect URI (optional), enter your Cyclr service domain call-back URL. For example, https://{{Your Cyclr service domain e.g. http://app-h.cyclr.com }}/connector/callback. Set Select a platform to Web.

Set application permissions

From the Azure portal:

  1. Select App registrations.

  2. Select your application.

  3. Select API permissions.

  4. Select + Add a permission.

  5. Select Microsoft Graph.

  6. Select Delegated permissions.

  7. Use the checkboxes to select the required permissions, the Microsoft Azure Active Directory requires the following permissions:

Category

Permissions

Delta Queries

Group.Read.All, User.Read.All

Groups

Group.Read.All, GroupMember.Read.All

Organization

Organization.Read.All

People

People.Read.All

Places

Place.Read.All

Users

User.Read.All

  1. In addition, select the following permissions: offline_access, Directory.Read.All.

  2. Select Add permissions.

  3. Select Grand admin consent for <application name>.

  4. Select Yes.

Partner Setup in Cyclr Console

Having created an application within Microsoft Azure, go to your Cyclr Partner Console:

  1. Select Connectors > Application Connector Library.

  2. Select the Installation User Experience pencil icon next to the Microsoft Azure Active Directory Connector.

  3. Select the Settings tab.

  4. Enter the below values:

Property

Description

Client ID

The Application (client) ID from your application.

Client Secret

The Client secret from your application.

  1. Select Save.

If you leave these values blank, they must be provided each time the Connector is installed.

Cyclr Connector Installation

When installing the Microsoft Azure Active Directory Connector, the following values are used:

Property

Description

Client ID

The Application (client) ID from your or your customer's application.

Client Secret

The Client secret from your or your customer's application.

Additional Information

Use Delta Query methods in Cycles

The Delta Query methods can be found under the Delta Queries method category. These methods make use of a $skiptoken to incrementally return changed records. Use the following process to implement these methods in a Cycle. From a template:

  1. Add the following methods and Utility Connectors to the Cycle:

    1. Tools > Delay

    2. Utility Connectors > Quick Connector > HTTP Request

    3. Utility Connectors > Event Triggers > Webhook

    4. Application Connectors > Microsoft Azure Active Directory > Delta Queries > List Changes for Users/Groups

  2. Connect them as follows:

    image-20240126-154559.png

  3. For the Webhook step, select Step setup:

    1. Paste the following JSON into the Paste JSON edit box:

      JSON 
      {
    "$deltatoken": "string"
}

    2. Copy the webhook URL.

    3. Select Save.

  4. For the List Changes For Users step, select Step setup:

    1. Next to Delta Token, select Webhook from the dropdown box. The Delta Token value should automatically populate.

    2. Next to Select, select Type a Value from the dropdown box.

    3. Next to the Select edit box, enter the fields to both track changes for and to return.

    4. Select Close.

  5. For the Delay step, select Step setup:

    1. Next to the Wait… edit box, enter the duration to wait between requests when no more records are returned from the API. The dropdown box can be used to change the unit of time.

    2. Select Close.

  6. For the HTTP Request step, select Step setup:

    1. Set Method Type to Post.

    2. In the Endpoint edit box, enter the webhook URL copied in step 3b.

    3. Select the Add Method tab.

    4. Paste the following JSON into the JSON Request edit box:

      JSON 
      {
    "$deltatoken": "string"
}

    5. Select Next.

    6. Select Field Mapping.

    7. Next to Deltatoken, select List Changes For Users from the dropdown box.

    8. From the dropdown box that appears, select Delta Token.

    9. Select the Authenticate/Finish tab.

    10. Select Create.

    11. Select Close.

  7. Select Run to start the Cycle.

  8. From the HTTP Request step, select Test Step.

  9. Select Run.

The Cycle will now being to make requests, the delay will be used any time no more records are returned from the API.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close