Azure in China is a service operated by 21 Vianet.
To configure the integration you must have Azure AD administrative access in order to create and configure a new App Registration
- Create credentials in Azure.cn (an 'app')
- Connect Trelica to your Azure.cn tenant using these credentials.
Register the app
- Login to Azure.cn and find App registrations:
- Click New registration.
- Enter a name (e.g.
Trelica
) - Choose Accounts in this organizational directory only (Single tenant)
- You do not need to enter a Redirect URI - just click Register to continue.
Configuring API permissions
- On the API permissions tab, click Add a permission
- Under the Microsoft APIs tab choose Microsoft Graph:
-
Choose Application permissions search for each of the scopes in the table below and tick them, depending on the features you require:
Core scopes AuditLog.Read.All
Read audit log data Directory.Read.All
Read directory data Group.Read.All
Read all groups GroupMember.Read.All
Read group memberships Reports.Read.All
Read all usage reports User.Read.All
Read all users' full profiles Deprovisioning User.ReadWrite.All
Update the profile of every user in the organization GroupMember.ReadWrite.All
Read and write group memberships UserAuthenticationMethod.ReadWrite.All
Read and write users' authentication methods Provisioning RoleManagement.ReadWrite.Directory
Read and write directory RBAC settings - Click Add permissions
- Finally, click Grant admin consent:
Create a new secret
- Go to Certificates & secrets
- Click New client secret
- Give the secret a name (e.g.
Trelica
) and chose the Expiry duration that you are comfortable with (we recommend 12 or 24 months). - Click Add
Collecting the IDs you need
You need three IDs which you can copy from Azure.cn:
- From the Certificates & secrets tab copy the Client Secret Value (not the Secret ID)
The Client secret value will only be available for you to copy for a short period of time. If you are unable to view or copy it, then just create new one.
- From the Overview tab copy the Application (client ID) and the Directory (tenant) ID
Connect from Trelica
- In Trelica, go to Admin > Integrations > Azure.cn
- Click Connect and enter the IDs that you gathered earlier:
- Click Connect again.
- The integration will run in the background.
Comments
0 comments
Please sign in to leave a comment.