Create new Azure App Registration for Anywhere365 Authentication
The Anywhere365 Authentication protocol will hook into your Microsoft Entra ID Formerly known as Azure Active Directory (or Azure AD, or AAD), which then allows your users to login with their own Microsoft 365 credentials on various Anywhere365 products. This is accomplished using the following procedure.
Create a new App Registration
Login on the Microsoft Entra ID Formerly known as Azure Active Directory (or Azure AD, or AAD) portal and go to ‘App registrations’.
You can use the following URL:
Select ‘New registration’
- Provide a name
- Select ‘Accounts in this organizational directory only (<tenant name> only – Single tenant)
- Choose for a Web type Redirect URI and set the following URL:
Note: Replace <GUID GUID stands for Globally Unique Identifier (format is always like 2ed153b4-f632-4766-b846-5b2a769b36d1) and is a pseudo random number used in software applications that is assumed to be unique. The total number of unique keys (2<sup>128</sup> of 3.4028×10<sup>38</sup>) is very large and the probability of the creating the same GUID twice is very small, though not 100% guaranteed. The term GUID is generally used by developers working with Microsoft technologies, while UUID is used everywhere else.> with the "Anywhere365 Tenant ID A Unique GUID tied to your Anywhere365 subscription for your Tenant. This Tenant ID is created upon your registration with Anywhere365 and remains the same during your entire lifetime with Anywhere365." (a fixed value tied to your account) provided by your Anywhere365 contact
Create a secret
Note: The Expiration time of a Secret for Apps can be set to a maximum of 2 years. Learn More - Microsoft
Provide Anywhere365 with Value of the secret.
Change the Manifest
Go to the Manifest (within the Manage section of the App Registration) and change the value of the “groupMembershipClaims” to “SecurityGroup”
Grant App permissions
Now, grant the following permissions to the app. Please make sure a global tenant admin applies the ‘admin consent’ on the permissions.
Send the following information to Anywhere365:
- Secret (see step ‘Create a Secret”)
- Application ID of the created application (See picture below)
- Directory ID of the created application (See picture below)