
Connect to Azure AD

Connect and integrate your Azure AD user store into your AdminX tenant. Once integrated, all your Azure AD users can be managed from AdminX.

Prerequisites for Azure

AdminX and BlockID integrate with Azure AD natively using Microsoft Graph. To set up this integration, we need to create a few things in Azure.

Tip: Please ensure that your Azure environment has permission to perform the following steps.

Creating the Application Registration

Navigate to https://portal.azure.com/ and log in using your Azure credentials. Once you are logged in, scroll down to Azure services.

Click Azure Active Directory

From the application Overview page, click the App registrations link, located partway down on the left-hand menu, under the section titled Manage

From the App registrations page, click New registration

You should now be on the page titled Register an application.

Enter a user-facing display name for your application. For this example, we are using the name Test Demo Wiki.

Under Supported account types, leave the first option selected - Accounts in this organizational directory only (application name only - Single-tenant)

Leave the Redirect URI blank.

Review your selections and then click Register

Once the app is registered, you will be redirected to the page listing various details. Make a note of or copy the Application (client) ID as we will need this to configure AdminX for Azure AD.

Creating the Application Secret

From the same application overview page, click the Certificates & secrets link located on the left-hand menu, under Manage.

From Certificates & secrets click New client secret. Enter a name in the Description box, and select how soon the secret should expire.

Click Add.

You will now see your secret listed under Client secrets. Make a note of, or copy the Value parameter. We will need this secret to configure AdminX for Azure AD.

Creating the Application Permissions

Next, we need to ensure the Allow public client flows option is enabled. Click the Authentication link located on the left-hand menu under Manage.

Scroll down to Advanced settings, and toggle the Allow public client flows option to Yes.

Double-check that Yes is highlighted as shown, and click Save.

Danger: The Allow public client flows option must be set to Yes to use Azure AD in AdminX.

To continue, click the API permissions link located on the left-hand menu under Manage.

Once on the API permissions page, click Add a permission. A window titled Request API permissions will pop up. Select Microsoft Graph, the largest of the available icons.

Click Application permissions

Under Select permissions, there is a search box. Search for the permissions listed below by entering the first word, such as Directory, and then expanding the Directory result to see the full list of permissions.

If you wish to enable reading and writing to the user directory - being able to add or delete users - enable the following permissions:

  • Directory.Read.All
  • Directory.ReadWrite.All
  • User.Read
  • User.ReadWrite.All

If you only wish to read from the user directory and to not be able to add new users, instead enable the following permissions:

  • Directory.Read.All
  • User.Read
  • User.Read.All

When you are finished, click Add permissions.

The permissions will need to be approved by an administrator before they can be used. To grant consent, click Grant admin consent for [your application].

After approving consent, the status will change to Granted.

Gather Information Needed for AdminX

The following items are needed to configure Azure AD in AdminX.

  • Application (client) ID: The application (client) ID can be found on the App registrations page. Azure Home -> Azure Active Directory -> App registrations
  • Tenant ID: Found on the Azure Active Directory Overview page. Azure Home -> Azure Active Directory.

The tenant ID can also be found on [your application name] Overview, at Azure Home -> Azure Active Directory -> App registrations -> [your application name]

  • (Tenant) Name: Your Azure tenant name, found on the Azure Active Directory Overview page. Azure Home -> Azure Active Directory.
  • Client Secret: Secret for your app registration. Located on the application Certificates & secrets page. Azure Home -> Azure Active Directory -> App registrations -> [your application name] -> Certificates & secrets

You can only view the secret value at the time it is created. If you have lost your secret, you can create a new one by clicking New client secret.

  • Login URL: Your login URL defaults to https://login.microsoftonline.com

  • Graph API URL: Your Graph API URL defaults to https://graph.microsoft.com
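
Before these values go into AdminX, they can be checked against what the administrator actually consented to. The following Python code is an added example, not AdminX or BlockID code: it requests an app-only token with the values above and compares the token's `roles` claim with the permission lists from the previous section. The function names and the sample token are constructed for illustration, and User.Read is left out because, as a delegated permission, it is not carried in an app-only token's `roles` claim.

```python
import base64
import json
import urllib.parse
import urllib.request

# Application permissions from the two lists above (assumption: User.Read omitted).
READ_ONLY = {"Directory.Read.All", "User.Read.All"}
READ_WRITE = {"Directory.Read.All", "Directory.ReadWrite.All", "User.ReadWrite.All"}

def fetch_app_token(tenant_id, client_id, client_secret,
                    login_url="https://login.microsoftonline.com",
                    graph_url="https://graph.microsoft.com"):
    """Client-credentials request using the values gathered for AdminX."""
    body = urllib.parse.urlencode({
        "grant_type": "client_credentials",
        "client_id": client_id,
        "client_secret": client_secret,
        "scope": f"{graph_url}/.default",
    }).encode()
    req = urllib.request.Request(f"{login_url}/{tenant_id}/oauth2/v2.0/token", data=body)
    with urllib.request.urlopen(req, timeout=15) as resp:
        return json.load(resp)["access_token"]

def token_claims(token):
    """Decode the JWT payload for inspection only (no signature check)."""
    payload = token.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))

def audit_roles(token, wanted):
    """Compare the consented application permissions with the intended set."""
    granted = set(token_claims(token).get("roles", []))
    return {"missing": sorted(wanted - granted),
            "excess": sorted(granted - wanted),
            "can_write": any(".ReadWrite." in role for role in granted)}

def constructed_token(roles):
    """Build an unsigned sample token (constructed, not a real Azure token)."""
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    claims = {"aud": "https://graph.microsoft.com", "roles": roles}
    return f"{enc({'alg': 'none'})}.{enc(claims)}.constructed"

if __name__ == "__main__":
    sample = constructed_token(["Directory.Read.All", "User.Read.All", "User.ReadWrite.All"])
    print(audit_roles(sample, READ_ONLY))
```

An `excess` entry on a directory meant to be read-only means the app registration holds more than the read-only list grants; a `missing` entry usually means admin consent has not been granted yet.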

Setup Azure AD in AdminX

Now that all the necessary prerequisites have been completed, the final step is to connect to Azure AD using AdminX.

Navigate to your AdminX panel and log in as a tenant or community administrator. From the Administrator Dashboard, click on the Directory icon located on the left-hand menu.

From the Directory Integrations page, click Add new directory.

Select Azure AD

Review the information displayed, and click Setup Azure AD

Next, enter all the information you copied from Azure (please see the picture for reference).

Finally, we need to configure attribute mapping for the BlockID data store used internally by AdminX. This mapping links the Azure directory attributes - such as name, number, etc. - to the attributes used by BlockID.

The following attributes need to be mapped:

| Azure Directory Attribute | BlockID Attribute Name |
|---------------------------|------------------------|
| givenName                 | firstname              |
| surname                   | lastname               |
| userPrincipalName         | email                  |
| mobilePhone               | phone                  |
| userPrincipalName         | username               |

First, click Add new mapping

Enter the Azure attribute in the top box labeled Directory attribute. Use the drop-down menu to select the corresponding BlockID attribute from the table above, and click Create.

Repeat this process until all the attributes from the table above are mapped, and click Next.

Once the attributes are mapped, you are done! You can click the View Users button to preview your Azure AD users.

Click Complete to finish adding your Azure AD directory into AdminX.

You can verify that the Azure AD directory has been added by checking the Directory Integrations page in AdminX. Your Azure directory should now be available and show as connected.