You are viewing an earlier version of the admin guide. For the latest version, please visit EmpowerID Admin Guide v7.211.0.0.

Skip to end of banner
Go to start of banner

Connect Azure License Manager to Azure AD

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 11 Next »

In order to bring the user, group and license data in your Azure AD into Azure License Manager, you need to create a tenant for for your Azure AD in ALM.

To create an Azure AD tenant in ALM

  1. On the navbar, expand Azure License Manager and click Configuration.

  2. Select the Tenants tab and then click the Add New Tenant button above the grid.

  3. In the Tenant form that appears, fill in the following information:

    1. Account Store Name — Enter a name for the Azure AD tenant you are creating.

    2. App Service Url — Enter the URL for the Azure App Service. This is the base URL on the App service on the portal. EmpowerID uses this URL to make all calls to the EmpowerID SCIM microservice.

    3. Application ID — Enter the Application ID for the EmpowerID application you registered for EmpowerID in Azure AD.

    4. Tenant ID — Enter the ID of your Tenant. EmpowerID uses this to get the context for the submitting the access token that is used to inventory the resources in Azure and perform authorized CRUD operations against those resources.

    5. Auth Certificate Thumbprint — Enter the thumbprint of the certificate you uploaded for the application you registered for EmpowerID in Azure AD and added to the EmpowerID Identity Warehouse. The thumbprint ensures that whenever the SCIM microservice calls are made for the account store, the handshake with Azure completes and an access token is granted.

  4. When ready, click Save to create the tenant.


    You should see the tenant in the grid.

Now that the tenant has been created, the next steps include configuring the account store and enabling EmpowerID to inventory it.

To configure account store settings

  1. From the Account Stores tab of the Account Stores and Systems page, search for the account store you just created and click the Account Store link for it.

  2. On the Account Store and Resource System page, click the Account Store tab and then click the pencil icon to put the account store in edit mode.


    This opens the edit page for the account store. This page allows you to specify the account proxy used to connect EmpowerID to your Azure AD as well as how you want EmpowerID to handle the user information it discovers during inventory. Settings that can be edited are described in the table below the image.

IN THIS ARTICLE

  • No labels