Tip |
---|
This article only applies if you are not using EmpowerID SaaS. |
If you are self-hosting not using EmpowerID SaaS and want EmpowerID to manage one or more of your SharePoint tenants, in addition to deploying the SharePoint Online microservice in each SharePoint tenant, you need to follow the process outlined configure one of those tenants as described in this article and configure an Azure tenant with the below components for EmpowerID to inventory your SharePoint Online (SPO) data.
...
SharePoint Online Azure Component | Purpose |
---|---|
Key Vault |
|
Cosmo DB |
|
Az General Service App Service with Managed Identity |
|
Storage Account |
|
Service Bus |
|
Web Jobs App Service with Managed Identity |
|
SPO Functions Function App with Managed Identity |
|
...
Create a Linux app service plan.
Add an app service for the Az General Services AzGeneralServices microservice to the Linux app service plan with the following general settings:
Stack – .NET
Major version – .NET Core 3
FTP state – All allowed
HTTP version – 1.1
Web sockets – Off
Always on – Off
ARR affinity – Off
Debugging – Off
Client certificate mode – Ignore
Turn on system managed identity for the app service and download the publish profile from the overview blade.
In EmpowerID, publish the Az General Services AzGeneralServices microservice to Azure.
Create a service principal in Azure active directory with the following settings:
Secret – Create a secret for the service principal and copy the value for later use.
Configure the service principal for Azure AD authentication.
Return to the Cosmos DB account created earlier and create a new container and DB for the AZ General Services microservice with the below settings. The DB will be used by the service to persist data whenever EmpowerID makes a call to the service.
Database Id – AzureGeneralService
Container Id – AzureGeneralService
Partition key – id
...