Versions Compared

Old Version 1

changes.mady.by.user Phillip Hanegan

Saved on

compared with

New Version 2

changes.mady.by.user Phillip Hanegan

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

As an Azure application owner, you can create client certificates in Azure for the application from Resource Adminfor your applications in Resource Admin. EmpowerID fulfills the request by uploading the certificate to Azure on your behalf.

Note

As a prerequisite to assigning a certificate to an Azure application, the private key for the certificate needs to be uploaded to the EmpowerID certificate store. This is necessary for EmpowerID to call the Graph API on your behalf.

...

  1. Log in to Resource Admin.

  2. Select Applications from the Resource Type menu and search for the Azure application you want to manage.

  3. Click the Friendly Name link for the application.

    Image RemovedImage Added

    This directs you to the Overview page for the application.

    Image RemovedImage Added

     

  4. Click Client Certificates and then expand the Actions accordion.

  5. Click the Create Azure Application Certificate action.

    Image RemovedImage Added


    This opens the Create Azure Application Client Certificate wizard to the Client Certificate Details form.

    Image RemovedImage Added

  6. Enter the following information in the form:

    • Certificate Name – Name of the certificate

    • Certificate Description – Description of the certificate

    • Secret Expiration – Select an expiration date for the secret

    • Certificate Base64 Encoded String – Paste in the base64 encoded string for the certificate

    • Select Location – Select a location for the certificate in EmpowerID. Default Organization is selected by default; if you wish to change this, click the Default Organization link and then search for and choose the desired location from the Location tree.

    • Vault this certificate – Select this option to store the certificate in EmpowerID

    • Enable sharing – Select this option to allow others to request access to the certificate; if this option is not selected, users cannot view or perform any actions against the certificate in EmpowerID

    • Client Secret Owner – Search for and select an EmpowerID Person to be the owner of the certificate. This is internal to EmpowerID and has no meaning in Azure; however, the field is bound to people who have accounts in the specified Azure tenant.

    • Pre-approve access for owner – Select this option to allow the owner access to the certificate without requiring further human approval.

  7. Click Next.

  8. Review the summary and click Submit when ready.

  9. Click Submit to close the fulfillment status message.

...