Configure Azure AD:
-
Login to portal.azure.com with an user account that has access to the Azure Active Directory
-
Go to the Azure Active Directory
- Create a new registration (click on 'App-Registrations')
- Select Name: amberSearch
- Leave URL empty
- Create a new registration (click on 'App-Registrations')
-
Add redirect URL (by clicking on 'Redirect URL's' button on the Overview Page)
- Go to Authentication
- Add a platform
- Choose Web
- Input
AUTHENTICATION_URL
- This will be provided by amberSearch. (If more than one is provided, they should all be added)
-
Create a client secret at the "Certificates & secrets" Page
- Go to "Certificates & secrets"
- Click on "New client secret"
- Set expiration period of 2 years
-
Provide the Value of the secret and its secret ID (optional) to amberSearch Team (see form below or sent it to us via IT@ambersearch.de)
-
Request Graph API Delegated Permissions for the following resource:
- Go to API permissions
- Add a permission
- Choose Microsoft Graph, then choose delegated permissions
- Request permission for the following resource(s):
- User.Read
- Note: If Azure pre-sets the permission, then you don't need to add it.
-
Request Graph API Application Permissions for the following resources:
- Go to API permissions
- Add a permission
- Choose Microsoft Graph and then Application permissions
- Request permission for the following resources:
- Group.Read.All
- GroupMember.Read.All
- User.Read.All
- Directory.Read.All
-
Grant admin consent for the required permissions
-
-
Expected outcome / what the amberSearch Team needs for a successful set up:
- tenant URL
- tenant ID
- client ID
- Value of the secret (also known as client Secret)
- secret ID (optional)
- Please enter the values in the form below. If the form doesn't load, you can also access it here. We will automatically be notified:
-
Note: For security reasons, we do not ask you for the value of the secret and the secret ID via the form. Instead, we kindly ask you to send it to us via message in Teams or via phone +49 176 6655 6358 (The mobile number of amberSearch's IT department). If you choose to send the information via phone please include your name/company name so we know who to link with that number.
Final Checklist
The following values must be provided to the amberSearch Team:
Tenant URL
Tenant ID
Client ID
Value of the secret (also known as Client Secret) is sent via SMS or Teams Message to amberSearch team
secret ID
User.Read -The Graph API delegated permission is granted
Group.Read.All - The Graph API application permission is granted
GroupMember.Read.All - The Graph API application permission is granted
User.Read.All - The Graph API application permission is granted
If you need assistance please reach out to us via IT@ambersearch.de
Comments
0 comments
Please sign in to leave a comment.