You are viewing an earlier version of the admin guide. For the latest version, please visit EmpowerID Admin Guide v7.211.0.0.
Skip to end of banner
Go to start of banner

Create a key vault

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

The SharePoint Online microservice requires a key vault with a certificate for certificate-based authentication between the microservice and the service principal registered for it. Additionally, the key vault needs to configured with an access policy that grants key, secret and certificate permissions to assigned applications. These permissions will be granted to the SharePoint Online app service hosting the microservice.

Create the key vault and certificate

  1. In Azure, create a key vault.

  2. Navigate to the Certificate page for the key vault and generate a self-signed certificate for it.

  3. Download the certificate in CER format. You will add this to the service principal you created for the SharePoint Online microservice.

Add access policy to the key vault

  1. Add an access policy to the key vault with the below Key, Secret and Certificate permissions.

    • Key Permissions

      • Get

      • Decrypt

      • Unwrap Key

      • Verify

    • Secret Permissions

      • Get

      • List

      • Set

      • Delete

      • Purge

    • Certificate Permissions

      • Get

  2. Select the SharePoint Online app service you created earlier as the service principal.

Upload the certificate to the service principal

  1. Navigate to the Certificates & Secrets blade for the service principal you registered for the SharePoint Online microservice.

  2. Upload the certificate you downloaded from the key vault.

IN THIS ARTICLE

  • No labels