Create new Azure App Registration for Anywhere365 Authentication

Introduction

The Anywhere365 authentication protocol will hook into your Azure AD, which allows your users to login with their own O365 credentials on various Anywhere365 products. To do so, some pre-requisites steps must be made.

 

Create a new App Registration

Login on the Azure Active Directory portal and go to ‘App registrations’.

You can use the following URL: https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/RegisteredApps

Select ‘New registration’

 

• Provide a name

• Select ‘Accounts in this organizational directory only ((tenant name) only – Single tenant)

• Choose for a Web type Redirect URI and set the following URL: https://auth.anywhere365.cloud/auth/realms/<GUID GUID stands for Globally Unique Identifier and is a pseudo random number used in software applications that is assumed to be unique. The total number of unique keys (2¹²⁸ of 3.4028×10³⁸) is very large and the probability of the creating the same GUID twice is very small, though not 100% guaranteed.>/broker/oidc/endpoint

  Note: Replace <GUID> with the tenant ID provided by Anywhere365

 

Create a secret

Provide Anywhere365 with the ID and Value of the secret.

 

Change the Manifest

Go to the Manifest (within the Manage section) and change the value of the “groupMembershipClaims” with “SecurityGroup”

 

Grant App permissions

Now, grant the following permissions to the app. Please make sure a global tenant admin applies the ‘admin consent’ on the permissions.

 

Send the following information to Anywhere365:

• Client ID and Secret (see step ‘Create a Secret”)

• Application ID of the created application (See picture below)

• Directory ID of the created application (See picture below)

• OpenID Connect metadata document endpoint URL (See picture below)

 

Application ID and Directory ID

 

Open ID

 

---

Did you find this page helpful?

Yes No