Authentication

The Microsoft Azure Active Directory connector is authenticated with the OAuth2.0 protocol. You will need to register an application and provide the connector with that application’s Client ID (Application ID) and Client Secret.

Please follow Microsoft’s official guide to registering an application in Azure Active Directory. That documentation can be found here.

  • For “Supported account types” you should select “Accounts in any organizational directory (Any Azure AD directory - Multitenant)”
  • Redirect URI should be https://{{Your Cyclr service domain e.g. app-h.cyclr.com}}/connector/callback
  • Client ID (Application ID) is displayed in the overview of your created app
  • Generate a Client Secret by following these steps

Permissions must be set for the application. The following table details the permissions required for each method category in the connector.

Category Permissions
Groups Group.Read.All, GroupMember.Read.All
Organization Organization.Read.All
People People.Read.All
Places Place.Read.All
Users User.Read.All

In addition to the category specific permissions, you should add permissions for offline_access and Directory.Read.All.

To add these permissions in Azure Active Directory:

  1. From App registrations in the Azure portal select your application
  2. Select API permissions from the menu on the left
  3. Click + Add a permission. This will open the permissions menu add permission button
  4. From Microsoft APIs select Microsoft Graph and then Delegated permissions permissions menu permissions menu 2
  5. You will be presented with a series of permissions categories
  6. Select the checkboxes for the appropriate permissions and click Add permissions checked permission
  7. You must then Grant admin consent for organization grant admin consent

Connector Setup

To allow your clients to access their own data through your Active Directory App, you must save the Client ID and Client Secret values in your Cyclr Console.

  1. Locate the Microsoft Azure Active Directory connector

    Cyclr Console > Connectors > Application Connector Library > Microsoft Azure Active Directory

  2. From the Edit Connector interface click ‘Setup’

  3. Enter your Client ID and Client Secret then click ‘Save Changes’

The Microsoft Azure Active Directory Connector can now be installed and the user will only be asked to authenticate your App.

Tags: connector
Edit me