You are viewing an earlier version of the admin guide. For the latest version, please visit EmpowerID Admin Guide v7.211.0.0.
Skip to end of banner
Go to start of banner

Register a service principal for the Azure AD SCIM Microservice in Azure AD

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 3 Next »

The SCIM microservice uses Azure AD authentication to call the Azure API. For this to occur, you need to register a new application (service principal) for EmpowerID in your Azure Active Directory.

Register a service principal

  1. n Azure, navigate to your Azure Active Directory.

  2. On the Azure Active Directory navbar, click App registrations.

  3. On the App registrations page, click New registration.

  4. Name the application, select the scope (single or multitenant), and click Register.

  5. Once the application is registered, copy the Application (client) ID and Directory (tenant) ID from the Overview page. These values are used later.

  6. Navigate to the Certificates & secrets blade for the application and upload the base-64 encoded certificate you are using to secure HTTP traffic between EmpowerID and the microservice. The public key certificate that you upload to Azure must have a corresponding private key in the EmpowerID certificate store; otherwise, an error will occur when calling Azure’s API.

  7. Under Client secrets, click New client secret.

  8. Enter a description for the secret, select the desired expiration time and click Add.

  9. Copy the Secret Value and Secret ID. You need these when setting up authentication.

Next Steps

Create an App Service for the SCIM microservice

Configure SCIM App Service Authentication

Publish the SCIM Microservice to Azure

Set Permissions for the SCIM Managed Identity

Connect EmpowerID to Azure Active Directory

  • No labels