Authentication

The Microsoft Azure Active Directory connector is authenticated with the OAuth2.0 protocol. You will need to register an application and provide the connector with that application’s Client ID (Application ID) and Client Secret.

Please follow Microsoft’s official guide to registering an applciation in Azure Active Directory. That documentation can be found here.

  • For “Supported account types” you should select “Accounts in any organizational directory (Any Azure AD directory - Multitenant)”
  • Redirect URI should be https://{{Your Cyclr service domain e.g. app-h.cyclr.com}}/connector/callback
  • Client ID (Application ID) is displayed in the overview of your created app
  • Generate a Client Secret by following these steps

Permissions must be set for the application. The following table details the permissions required for each method category in the connector.

Category Permissions
Groups Group.Read.All, GroupMember.Read.All
Organization Organization.Read.All
People People.Read.All
Places Place.Read.All
Users User.Read.All

In addition to the category specific permissions, you should add permissions for offline_access and Directory.Read.All.

To add these permissions in Azure Active Directory:

  1. From App registrations in the Azure portal select your application
  2. Select API permissions from the menu on the left
  3. Click + Add a permission. This will open the permissions menu add permission button
  4. From Microsoft APIs select Microsoft Graph and then Delegated permissions permissions menu permissions menu 2
  5. You will be presented with a series of permissions categories
  6. Select the checkboxes for the appropriate permissions and click Add permissions checked permission
  7. You must then Grant admin consent for orgnanization grant admin consent

Connector Setup

  1. Locate the Microsoft Azure Active Directory connector

    Cyclr Console > Connectors > Connector Library > Microsoft Azure Active Directory

  2. From the Edit Connector interface click ‘Setup’

  3. Enter your Client ID and Client Secret, click ‘Next’

  4. Click ‘Sign In’

  5. A new window will open prompting you to log in, select your Azure account and authorize access to the connector

The connector is now authenticated and ready to use.

Tags: connector
Edit me