The SCIM microservice uses Azure AD authentication to call the Azure API. For this to work, you need to register a new application (service principal) for EmpowerID in your Azure Active Directory.

How to register an application for the SCIM Microservice in Azure AD

...

Log in to your Azure portal as a user with the necessary permissions to create an application in Azure AD.

...

Register a service principal

  1. In Azure, navigate to your Azure Active Directory.

  2. On the Azure Active Directory navbar, select App registrations.

  3. On the App registrations page, select New registration.

  4. Name the application, select the scope for the application (single or multitenant) and click Register.

  5. Once the application is registered, copy the Application (client) ID, Directory (tenant) ID and Object ID from the application Overview page. These values are used later to configure the SCIM App service.

    The next step is to upload a base-64 encoded certificate to authenticate to the application.
  6. Under Manage, select Certificates & secrets.

  7. Select Upload certificate.

  8. Navigate to the Certificates & secrets blade for the application and upload the base-64 encoded certificate.

  9. Under Client secrets, select New client secret. The secret is used by the application to prove its identity when requesting a token.

  10. Enter a Description for the client secret, select when the secret Expires and then click Add.

  11. Copy the secret value. You will use it to configure Azure Active Directory Authentication.

    you are using to secure HTTP traffic between EmpowerID and the microservice. The public key certificate that you upload to Azure must have a corresponding private key in the EmpowerID certificate store; otherwise, an error will occur when calling Azure’s API.

  12. Add a client secret and copy the value. You need this when setting up authentication.
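
A pre-upload check for the certificate file used in the steps above, as an added example that is not part of the original page or of EmpowerID. It confirms the file is a base-64 (PEM) encoded public certificate with no private key in it, and returns the SHA-1 thumbprint for comparison with the copy that holds the private key; the function name, the single-certificate rule and the sample bytes are assumptions of this example.

```python
import base64
import hashlib
import re

# One PEM-armoured X.509 certificate block.
PEM_CERT = re.compile(
    rb"-----BEGIN CERTIFICATE-----\s*(.+?)\s*-----END CERTIFICATE-----", re.S)

# Constructed sample: placeholder DER bytes, not a real certificate.
SAMPLE_DER = b"\x30\x82\x01\x0a" + bytes(range(64))
SAMPLE_PEM = (b"-----BEGIN CERTIFICATE-----\n"
              + base64.encodebytes(SAMPLE_DER)
              + b"-----END CERTIFICATE-----\n")


def check_upload_file(data: bytes) -> str:
    """Validate a file intended for 'Upload certificate'.

    Returns the SHA-1 thumbprint (uppercase hex) of the certificate, or
    raises ValueError naming the reason the file should not be uploaded.
    """
    # The private key must stay in the certificate store, never in the upload.
    if b"PRIVATE KEY-----" in data:
        raise ValueError("file contains a private key; export the public certificate only")
    blocks = PEM_CERT.findall(data)
    if not blocks:
        # DER certificates and PFX bundles both start with an ASN.1 SEQUENCE tag.
        if data[:1] == b"\x30":
            raise ValueError("binary DER/PFX data; re-export as base-64 encoded X.509")
        raise ValueError("no PEM certificate block found")
    if len(blocks) > 1:
        # Assumption of this check: exactly one certificate per file.
        raise ValueError("more than one certificate in file; expected a single one")
    try:
        der = base64.b64decode(b"".join(blocks[0].split()), validate=True)
    except ValueError as exc:  # binascii.Error is a ValueError subclass
        raise ValueError(f"corrupt base-64 body: {exc}") from None
    if der[:1] != b"\x30":
        raise ValueError("decoded body is not an ASN.1 SEQUENCE, so not a certificate")
    return hashlib.sha1(der).hexdigest().upper()


if __name__ == "__main__":
    print(check_upload_file(SAMPLE_PEM))
```
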

...

Next Steps

Create an App Service for the SCIM microservice

Configure SCIM App Service Authentication

Publish the SCIM Microservice to Azure

Set Permissions for the SCIM Managed Identity

...