Create new Azure App Registration for Anywhere365 Authentication

The Anywhere365 authentication protocol will hook into your Azure AD, which allows your users to login with their own O365 credentials on various Anywhere365 products. To do so, some pre-requisites steps must be made.

Create a new App Registration

You can use the following URL: https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/RegisteredApps

Select ‘New registration’

Provide a name
Select ‘Accounts in this organizational directory only ((tenant name) only – Single tenant)
Choose for a Web type Redirect URI and set the following URL: https://auth.anywhere365.cloud/auth/realms/<GUID GUID stands for Globally Unique Identifier and is a pseudo random number used in software applications that is assumed to be unique. The total number of unique keys (2<sup>128</sup> of 3.4028×10<sup>38</sup>) is very large and the probability of the creating the same GUID twice is very small, though not 100% guaranteed.>/broker/oidc/endpoint

Note: Replace <GUID> with the CRM Customer Relationship Management, or CRM, is (usually) a software-based, data management method to deal with interactions with customers and potential customers. ID provided by Anywhere365

Create a secret

Provide Anywhere365 with the ID and Value of the secret.

Change the Manifest

Go to the Manifest (within the Manage section) and change the value of the “groupMembershipClaims” with “SecurityGroup”

Grant App permissions

Now, grant the following permissions to the app. Please make sure a global tenant admin applies the ‘admin consent’ on the permissions.

Send the following information to Anywhere365:

Client ID and Secret (see step ‘Create a Secret”)
Application ID of the created application (See picture below)
Directory ID of the created application (See picture below)
OpenID Connect metadata document endpoint URL (See picture below)