This article shows the steps to create an Azure App Registration, a prerequisite for using the au2mator Self-Service Portal with Entra ID integration.
TABLE OF CONTENTS
- Step 1: Create Azure App Reg
- Step 2: Token Configuration
- Step 3: Secret
- Step 4: Expose an API
- Step 5: Permissions
- Step 6: Logo
- Step 7: Admin Consent
- Step 8: Redirect URIs
Steps 1 to 6 can be done with a PowerShell script we provide here: au2mator-PS-Templates/AppReg.ps1 at main · au2mator/au2mator-PS-Templates. After you have executed the script, continue with Steps 7 and 8.
Step 1: Create Azure App Reg
- Log in to Azure Portal to create a new Azure App Reg: App registrations - Microsoft Azure.
- Please enter a Name and keep the other Settings as they are
- Accounts in this organizational directory only (au2mator GmbH only - Single tenant)
- Redirect URI: empty
Step 2: Token Configuration
- Navigate to "Token Configuration"
- Click "Add optional claim"
- Select "Access"
- Choose "upn"
- Click "Add"
- Click "Add" and do not check "Turn on the Microsoft Graph profile permission (required for claims to appear in token)"
- Click the "..." at the new Entry and select "Edit"
- Activate "Externally authenticated" and click "Save"
Step 3: Secret
- Navigate to "Certificates & secrets"
- Click "New client secret"
- Enter a Description and select an expiration Date
- Click "Add"
- Note the Secret Value and keep it for later
Step 4: Expose an API
- Navigate to "Expose an API"
- Click "Add a Scope"
- Click "Save"
- Enter "Access" in the "Scope Name"
- Select "Admins only" at "Who can consent?"
- Fill the Rest with meaningful Values.
Step 5: Permissions
- Navigate to "API Permissions"
- Click "Add a Permission"
- Choose "Microsoft Graph"
- Select "Application Permissions"
- Directory.Read.All
- Group.Read.All
- User.Read.All
- Select "Application Permissions"
- Click "Add Permission"
- One more time, click "Add a Permission"
- Select "APIs my organization uses"
- Enter the name of this App Reg and select your App Reg
- Select the "Access" Permission we created in Step 4
Step 6: Logo
- Navigate to "Branding & properties"
- Upload a logo
- The au2mator Logo for App Reg can be downloaded here
Step 7: Admin Consent
- Navigate to "API Permissions"
- Click "Grant admin consent for au2mator GmbH"
- Click "Yes" at the Confirmation Screen
Step 8: Redirect URIs
- Navigate to "Authentication"
- Click "Add a platform"
- Select "Single-page application"
- Enter the full main URL at which your au2mator Portal is accessible, and also localhost. Example: "https://au2matorserver.domain.local"
- Select "Access tokens (used for implicit flows)" and "ID tokens (used for implicit and hybrid flows)"
- Click "Configure"
- Add every possible URL under "Single-page application"
- Click "Save" at the end
Now you have all the necessary settings to continue the Setup. For the Setup, you need:
- Secret Value from Step 3
- Application (client) ID - Navigate to Overview
- Directory (tenant) ID - Navigate to Overview
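To check a finished registration against Steps 1 to 5 and Step 8, the PowerShell function below inspects an application object of the shape returned by Get-MgApplication (Microsoft Graph PowerShell) and lists every setting that differs from this article; it goes slightly beyond the article by also flagging client secrets that are about to expire and Graph application permissions other than the three listed. It is an added example, not part of au2mator's AppReg.ps1. The function name, the 30-day warning threshold and the sample object are assumptions made for illustration.

```powershell
# Added example, not au2mator code. $App has the shape returned by Get-MgApplication.
function Test-Au2matorAppReg {   # hypothetical helper name
    param([Parameter(Mandatory)] $App, [int] $WarnDays = 30)   # 30 days: assumed threshold
    $graphAppId = '00000003-0000-0000-c000-000000000000'       # Microsoft Graph
    $wanted = [ordered]@{                                      # Graph application permission IDs
        'Directory.Read.All' = '7ab1d382-f21e-4acd-a863-ba3e13f7da61'
        'Group.Read.All'     = '5b567255-7703-4780-807c-7be8301ae99b'
        'User.Read.All'      = 'df021288-bdef-4463-88db-98f22de89214'
    }
    $f = @()
    if ($App.SignInAudience -ne 'AzureADMyOrg') { $f += 'Step 1: not single tenant' }
    $upn = $App.OptionalClaims.AccessToken | Where-Object { $_.Name -eq 'upn' }
    if (-not $upn) { $f += 'Step 2: upn claim missing from access token' }
    elseif ($upn.AdditionalProperties -notcontains 'include_externally_authenticated_upn') {
        $f += 'Step 2: "Externally authenticated" not activated' }
    $now = Get-Date
    $live = @($App.PasswordCredentials | Where-Object { $_.EndDateTime -gt $now })
    if (-not $live) { $f += 'Step 3: no unexpired client secret' }
    elseif (-not ($live | Where-Object { $_.EndDateTime -gt $now.AddDays($WarnDays) })) {
        $f += "Step 3: every secret expires within $WarnDays days" }
    $scope = $App.Api.Oauth2PermissionScopes | Where-Object { $_.Value -eq 'Access' }
    if (-not $scope) { $f += 'Step 4: scope "Access" missing' }
    elseif ($scope.Type -ne 'Admin') { $f += 'Step 4: scope is not "Admins only"' }
    $graph = $App.RequiredResourceAccess | Where-Object { $_.ResourceAppId -eq $graphAppId }
    $roles = @($graph.ResourceAccess | Where-Object { $_.Type -eq 'Role' } | ForEach-Object { $_.Id })
    foreach ($n in $wanted.Keys) {
        if ($roles -notcontains $wanted[$n]) { $f += "Step 5: $n not requested" } }
    $extra = @($roles | Where-Object { $wanted.Values -notcontains $_ })
    if ($extra) { $f += "Step 5: Graph application permissions beyond the three listed: $extra" }
    if (-not $App.Spa.RedirectUris) { $f += 'Step 8: no single-page application redirect URI' }
    $ig = $App.Web.ImplicitGrantSettings
    if (-not ($ig.EnableAccessTokenIssuance -and $ig.EnableIdTokenIssuance)) {
        $f += 'Step 8: access token and ID token issuance are not both selected' }
    return $f
}

# Real use, after Connect-MgGraph: $app = Get-MgApplication -Filter "appId eq '<client-id>'"
# Constructed sample (no real tenant): secret ends in 10 days, Group.Read.All is absent.
$sample = @{
    SignInAudience = 'AzureADMyOrg'
    OptionalClaims = @{ AccessToken = @(@{ Name = 'upn'; AdditionalProperties = @('include_externally_authenticated_upn') }) }
    PasswordCredentials = @(@{ EndDateTime = (Get-Date).AddDays(10) })
    Api = @{ Oauth2PermissionScopes = @(@{ Value = 'Access'; Type = 'Admin' }) }
    RequiredResourceAccess = @(@{ ResourceAppId = '00000003-0000-0000-c000-000000000000'; ResourceAccess = @(
        @{ Id = '7ab1d382-f21e-4acd-a863-ba3e13f7da61'; Type = 'Role' }, @{ Id = 'df021288-bdef-4463-88db-98f22de89214'; Type = 'Role' }) })
    Spa = @{ RedirectUris = @('https://au2matorserver.domain.local') }
    Web = @{ ImplicitGrantSettings = @{ EnableAccessTokenIssuance = $true; EnableIdTokenIssuance = $true } }
}
Test-Au2matorAppReg -App $sample
```

Admin consent from Step 7 is recorded on the service principal rather than on the application object, so this check does not cover it.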