Azure AD integration with Anchor
In the current architecture, Anchor can sync existing Windows Server Active Directory objects to Azure Active Directory using Azure AD Connect. Once the objects are synced to your Azure AD, a simple Enterprise Application on Azure AD allows Anchor to authenticate and authorize users.
Setup:
This section will help you set up an Enterprise Application on Azure AD, assuming you already have Azure AD Connect set up. If you are looking to set up Azure AD Connect, please follow this guide.
Azure Enterprise Application:
1. Log in to your Azure Portal with admin credentials or as a user who has permission to create an Enterprise Application.
2. Navigate to the Azure Active Directory window.
3. On the Azure Active Directory page, select Enterprise Applications.
4. You should see all the applications that are currently set up on your domain. Select New Application.
5. Select Create your own application.
6. Enter a name and select Register an application to integrate with Azure AD (App you're developing). Select Create when finished.
7. You will be directed to the Register an application page. Input the Redirect URI as https://anchormydata.us.auth0.com/login/callback and select Register.
8. Return to the App Registrations page and click on the Anchor app.
9. The app overview page will open. On this page, make a note of the Client ID and Tenant ID to share with the Anchor team.
10. On the app overview page, select Certificates & Secrets and select New Client Secret. Assign an appropriate name and expiration period when prompted and select Add.
11. Copy the client secret you created in the previous step and share it with support@datanchor.io along with the Client ID, secret key, and Tenant ID.
12. Select API permissions followed by Add a permission.
13. Select Microsoft Graph.
14. Select Application Permissions and add the following permissions:
- User -> User.Read.All
- Group -> Group.Read.All
- Directory -> Directory.Read.All
15. Verify that the application's permissions list the three permissions above, then select Grant Admin consent.
Application setup is now complete.
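
To confirm the grant matches the steps above, the following added example (not part of Anchor's documentation or tooling) inspects the claims of a Microsoft Graph app-only access token issued to the app and reports any permission beyond the three read-only ones, any that is missing, and any Tenant ID or Client ID mismatch. It assumes you have obtained such a token separately; the sample tokens and placeholder IDs are constructed, and the payload is decoded for inspection only, without signature verification.

```python
import base64
import json

# Application permissions the setup steps grant (from the list in step 14).
EXPECTED_ROLES = {"User.Read.All", "Group.Read.All", "Directory.Read.All"}


def decode_payload(token: str) -> dict:
    """Decode the JWT payload segment. No signature check: inspection only."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT (expected three dot-separated parts)")
    segment = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    return json.loads(base64.urlsafe_b64decode(segment))


def audit_token(token: str, tenant_id: str, client_id: str) -> list[str]:
    """Return a list of findings; an empty list means the grant matches the guide."""
    claims = decode_payload(token)
    findings = []
    if claims.get("tid") != tenant_id:
        findings.append(f"tenant mismatch: {claims.get('tid')}")
    # v1 tokens carry the client ID in 'appid', v2 tokens in 'azp'.
    if client_id not in (claims.get("appid"), claims.get("azp")):
        findings.append("client ID mismatch")
    roles = set(claims.get("roles", []))
    for role in sorted(roles - EXPECTED_ROLES):
        findings.append(f"unexpected permission: {role}")
    for role in sorted(EXPECTED_ROLES - roles):
        findings.append(f"missing permission (consent not granted?): {role}")
    return findings


def make_sample_token(roles: list[str]) -> str:
    """Build a constructed, unsigned token for the demo (placeholder IDs)."""
    def b64(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    payload = {"aud": "https://graph.microsoft.com", "tid": "TENANT-ID-PLACEHOLDER",
               "appid": "CLIENT-ID-PLACEHOLDER", "roles": roles}
    return f"{b64({'alg': 'none', 'typ': 'JWT'})}.{b64(payload)}.sig"


if __name__ == "__main__":
    good = make_sample_token(sorted(EXPECTED_ROLES))
    over = make_sample_token(["User.Read.All", "Group.Read.All", "Directory.ReadWrite.All"])
    print(audit_token(good, "TENANT-ID-PLACEHOLDER", "CLIENT-ID-PLACEHOLDER"))
    print(audit_token(over, "TENANT-ID-PLACEHOLDER", "CLIENT-ID-PLACEHOLDER"))
```

An empty result means the token carries exactly the three application permissions from step 14 for the Tenant ID and Client ID noted in step 9.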