Create new Azure App Registration for Anywhere365 Authentication
The Anywhere365 authentication protocol hooks into your Azure AD, which allows your users to log in to various Anywhere365 products with their own O365 credentials. Some prerequisite steps must be completed first.
Create a new App Registration
Log in to the Azure Active Directory portal and go to ‘App registrations’.
You can use the following URL: https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/RegisteredApps
Select ‘New registration’
- Provide a name
- Select ‘Accounts in this organizational directory only ((tenant name) only – Single tenant)’
- Choose a Web type Redirect URI and set the following URL: https://auth.anywhere365.cloud/auth/realms/<GUID>/broker/oidc/endpoint
Note: Replace <GUID> with the CRM ID provided by Anywhere365.
Create a secret
Provide Anywhere365 with the ID and Value of the secret.
Change the Manifest
Go to the Manifest (within the Manage section) and change the value of “groupMembershipClaims” to “SecurityGroup”.
Grant App permissions
Now, grant the following permissions to the app. Please make sure a global tenant admin applies the ‘admin consent’ on the permissions.
Send the following information to Anywhere365:
- Client ID and Secret (see step ‘Create a secret’)
- Application ID of the created application (See picture below)
- Directory ID of the created application (See picture below)
- OpenID Connect metadata document endpoint URL (See picture below)
Application ID and Directory ID
Open ID
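
Before sending the details, the settings from the steps above can be checked against the app's manifest. The following Python check is an added example, not Anywhere365 or Microsoft code; it assumes the manifest is loaded as a dict, uses the manifest property names `signInAudience` and `replyUrlsWithType` (or `web.redirectUris`), and that the CRM ID has the hyphenated GUID form. The sample manifests are constructed.

```python
import re

# Redirect URI format from this page; <GUID> is the CRM ID provided by Anywhere365.
# Assumption: the CRM ID is a hyphenated GUID (8-4-4-4-12 hex digits).
REDIRECT_RE = re.compile(
    r"^https://auth\.anywhere365\.cloud/auth/realms/"
    r"[0-9a-fA-F]{8}(?:-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}/broker/oidc/endpoint$"
)

def redirect_uris(manifest):
    """Collect Web redirect URIs from either manifest layout."""
    uris = [r.get("url") for r in manifest.get("replyUrlsWithType") or []
            if r.get("type") == "Web"]
    uris += (manifest.get("web") or {}).get("redirectUris") or []
    return [u for u in uris if u]

def check_manifest(manifest):
    """Return a list of findings; an empty list means the settings match the page."""
    findings = []
    if manifest.get("signInAudience") != "AzureADMyOrg":
        findings.append("signInAudience is not single tenant (AzureADMyOrg)")
    if manifest.get("groupMembershipClaims") != "SecurityGroup":
        findings.append("groupMembershipClaims is not SecurityGroup")
    uris = redirect_uris(manifest)
    if not any(REDIRECT_RE.match(u) for u in uris):
        findings.append("no Web redirect URI in the Anywhere365 broker format")
    # Extra check added here (not a step on this page): list other redirect URIs for review.
    for u in uris:
        if not REDIRECT_RE.match(u):
            findings.append(f"other redirect URI to review: {u}")
    return findings

# Constructed samples; the all-zero GUID is a placeholder, not a real CRM ID.
GOOD = {
    "signInAudience": "AzureADMyOrg",
    "groupMembershipClaims": "SecurityGroup",
    "replyUrlsWithType": [{
        "url": "https://auth.anywhere365.cloud/auth/realms/"
               "00000000-0000-0000-0000-000000000000/broker/oidc/endpoint",
        "type": "Web"}],
}
BAD = {
    "signInAudience": "AzureADMultipleOrgs",
    "groupMembershipClaims": None,
    "web": {"redirectUris": ["https://example.invalid/callback"]},
}

if __name__ == "__main__":
    for name, m in (("GOOD", GOOD), ("BAD", BAD)):
        print(name, check_manifest(m) or "ok")
```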