Versions Compared

Old Version 4

changes.mady.by.user Phillip Hanegan

Saved on

compared with

New Version 5

changes.mady.by.user Phillip Hanegan

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

The To manage Exchange, the EmpowerID Exchange Online PowerShell microservice uses Azure AD authentication to call the Azure API. For this to occur, you need register a new application (service principal) for EmpowerID in your Azure Active Directory. This topic takes you through the steps.

How to register an application for the Exchange Online Microservice in Azure AD

...

microservice requires a service principal application to be registered in the Exchange tenant to provide Azure AD authentication to the app service that hosts the Exchange microservice.

Register a service principal for app service auth

  1. In Azure, navigate to your Azure Active Directory.

  2. On the Azure Active Directory navbar, click App registrations.

    Image Removed

  3. On the App registrations page, click New registration.

    Image RemovedImage Added

  4. Name the application, select the scope for the application (single or multitenant), and click Register.

    Image RemovedImage Added

  5. Once the application is registered, click Overview and copy the Application (client) ID , and Directory (tenant) ID and Object ID from the application Overview page. These values are used later to to configure AD authentication for the Exchange Online App service.

    Image Removed

    The next step is to upload .

    Image Added

  6. Navigate to the Certificates & secrets blade for the application, select Certificates and then click Upload certificate.

    Image Added

  7. Upload the base-64 encoded certificate that you have selected to authenticate to the application.
    Insert excerptIL:Azure Cert RequirementsIL:Azure Cert Requirementsnopaneltrue

  8. Under Manage, click Certificates & secrets.

  9. Under Certificates, click Upload certificate and upload the base-64 encoded certificate.

    Image Removed

    Under Client secrets, click New client secret. The secret is used by the application to prove its identity when requesting a token. are using to secure HTTP traffic between EmpowerID and the microservice. The public key certificate that you upload to Azure must have a corresponding private key in the EmpowerID certificate store; otherwise, an error will occur when calling Azure’s API.

    Image Added

  10. Select Client secrets and click New client secret.

    Image Added

  11. Enter a Description for the client secret, select when the secret Expires and then click Add.

  12. Copy the value for the secret. You will use it to configure Azure Active Directory Authentication.

    Image Removed

    add this value to the Key Vault in your EmpowerID tenant.

Insert excerpt
IL:External Stylesheet
IL:External Stylesheet
nopaneltrue

...

Next Steps