These are the steps for creating a custom application in the Azure directory:
1. Log in to the Azure portal and navigate to: Azure Active Directory -> Enterprise Applications -> All applications.
2. Press the New application button and then choose Application you’re developing.
3. Click the link: Ok, take me to App Registrations to register my new application.
4. Press the left top button: New registration.
5. The below screen is opened.
   Name: represents the name of the application.
   Supported account type: Please select the option Accounts in any organizational directory (Any Azure AD directory – Multitenant).
   Redirect URI: Please select Public client/native (mobile & desktop) from the left drop-down. The right text field value should match this pattern: https://[domain:port]/callback/azure.
   The domain and the port should be the same as the ones of the SAFEQ Cloud Website URL.
   For example, if the SAFEQ Cloud Web URL is https://myapp.ysoft.cloud:8443, then the value should be: https://myapp.ysoft.cloud:8443/callback/azure
   After all the fields are filled in, click the Register button.
6. On the page below you can select the Application (client) ID.
7. Go to the SAFEQ Cloud Web UI and navigate to the Client Authentication provider edit page.
   The Custom application id field should have the value of the Application (client) ID from the newly created application (see step 6).
   For the Callback domain for custom application drop-down, select the domain that matches the one from the Redirect URIs that is already added on the Azure application. The pre-selected value represents the domain from the SAFEQ Cloud Web URL. To add or update the Azure Redirect URIs, go back to the Redirect URIs page in the Azure portal (from step 6, click on the Redirect URIs).
8. Go to the SAFEQ Cloud Web UI and navigate to the Client Authentication provider view page.
   After pressing the Sync Groups button, the user should accept all the required permissions. After those are accepted, the sync groups operation is done. The accept permissions screen will not be shown or required each time the admin syncs groups for the same account/application.
9. Navigate to the access control page.
   Select the previous Client Authentication provider and press the SEARCH button. Then, the default group Authenticated Users and the Azure groups are visible.
All these groups can be used in access controls to enable permissions for authenticated users.
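
The Redirect URI rule from step 5, which the callback domain selected in step 7 also has to match, can be checked before the value is saved in the Azure portal. The following Python check is an added example, not part of SAFEQ Cloud or the original page; the function names are hypothetical, and the sample values are constructed from the page's own example URL.

```python
from urllib.parse import urlsplit

CALLBACK_PATH = "/callback/azure"  # fixed path from the pattern in step 5


def expected_redirect_uri(web_url):
    """Build https://[domain:port]/callback/azure from the SAFEQ Cloud Web URL."""
    parts = urlsplit(web_url.strip())
    if parts.scheme != "https" or not parts.hostname:
        raise ValueError(f"expected an https Web URL with a host, got {web_url!r}")
    # Carry an explicit port over unchanged; urlsplit lower-cases the host name.
    host = parts.hostname if parts.port is None else f"{parts.hostname}:{parts.port}"
    return f"https://{host}{CALLBACK_PATH}"


def check_redirect_uri(web_url, registered):
    """Return the list of mismatches; an empty list means the value fits the pattern."""
    want = urlsplit(expected_redirect_uri(web_url))
    got = urlsplit(registered.strip())
    problems = []
    if got.scheme != "https":
        problems.append(f"scheme is {got.scheme!r}, expected 'https'")
    if got.hostname != want.hostname:
        problems.append(f"domain is {got.hostname!r}, expected {want.hostname!r}")
    if got.port != want.port:
        problems.append(f"port is {got.port!r}, expected {want.port!r}")
    if got.path != CALLBACK_PATH:
        problems.append(f"path is {got.path!r}, expected {CALLBACK_PATH!r}")
    if got.query or got.fragment:
        problems.append("query string or fragment is not part of the pattern")
    return problems


if __name__ == "__main__":
    web_url = "https://myapp.ysoft.cloud:8443"  # example Web URL from the page
    # Constructed sample values, as they might be typed into the Redirect URI field.
    samples = [
        "https://myapp.ysoft.cloud:8443/callback/azure",
        "https://myapp.ysoft.cloud/callback/azure",
        "http://MyApp.ysoft.cloud:8443/callback/azure/",
    ]
    print("expected:", expected_redirect_uri(web_url))
    for uri in samples:
        issues = check_redirect_uri(web_url, uri)
        print(uri, "->", "OK" if not issues else "; ".join(issues))
```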