Connect Azure Active Directory

In this article, we outline the steps to connect Azure Active Directory (Azure AD) to Cloud Control Center.

  • Log in to portal.azure.com and click on Azure Active Directory (figure 1)

Figure 1

  • Select App Registration (figure 2)

Figure 2

  • Select New Registration, fill in the Application name, and click ‘Register’ (figure 3)

Figure 3

  • Select the newly registered app (figure 4)

Figure 4

  • Note down the Client ID and the Tenant ID (figure 5)

Figure 5

  • Click on Certificates and Secrets and then on ‘New client secret’ (figure 6)

Figure 6

  • Fill in the Description and Expiry, then submit. Copy down the Value of the client secret (figure 7)

Figure 7

  • Click on API Permission and “Add new Permission”, then select Microsoft Graph (figure 8) > Application Permission > Directory (figure 9). Add the following permissions:
    Directory.AccessAsUser.All
    Directory.Read.All
    Group.Read.All
    GroupMember.Read.All
    User.Read

Figure 8

Figure 9

  • After adding the permissions, grant admin consent (figures 10-11)

Figure 10

Figure 11

  • Set the redirect URLs: click on Redirect URLs (figure 12)

Figures 12-15

  • Add the following URIs and Save (figure 16). <ClientID> is the Client ID with each '-' replaced by '_':
    https://<DomainName>/eeasvc/login/oauth2/code/CR_<ClientID>
    https://<DomainName>/eeasvc/oauth2/authorization/CR_<ClientID>

Figure 16

  • For example, if the domain name is callahanauto.elisity.net and the Client ID is 193942d6-c29d-42cb-89a5-80075913a530, the redirect URIs would be:
    https://callahanauto.elisity.net/eeasvc/login/oauth2/code/CR_193942d6_c29d_42cb_89a5_80075913a530
    https://callahanauto.elisity.net/eeasvc/oauth2/authorization/CR_193942d6_c29d_42cb_89a5_80075913a530
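
The substitution rule above can be checked mechanically before saving the app registration. The following is an added example, not part of the original article or of Cloud Control Center: it rebuilds the two redirect URIs from the domain name and Client ID and compares them, as exact strings, with the URIs entered on the registration. The function names and the configured list are constructed for illustration, and the Client ID is assumed to be pasted in the lowercase form the portal displays.

```python
import re

# Path prefixes are the ones given on this page; the registration suffix is
# "CR_" plus the Client ID with every '-' replaced by '_'.
PATHS = ("/eeasvc/login/oauth2/code/", "/eeasvc/oauth2/authorization/")
GUID_RE = re.compile(r"^[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}$")
HOST_RE = re.compile(r"^(?=.{1,253}$)([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$")


def expected_redirect_uris(domain, client_id):
    """Return the two redirect URIs for a domain name and Client ID."""
    host = domain.strip().lower()
    if not HOST_RE.match(host):
        raise ValueError(f"expected a bare host name, got {domain!r}")
    cid = client_id.strip()
    if not GUID_RE.match(cid):
        raise ValueError(f"expected a lowercase GUID, got {client_id!r}")
    suffix = "CR_" + cid.replace("-", "_")
    return [f"https://{host}{path}{suffix}" for path in PATHS]


def audit_redirect_uris(domain, client_id, configured):
    """Compare configured URIs with the expected pair, as exact strings."""
    expected = set(expected_redirect_uris(domain, client_id))
    actual = {uri.strip() for uri in configured if uri.strip()}
    return {
        "missing": sorted(expected - actual),      # listed on this page, not configured
        "unexpected": sorted(actual - expected),   # extra reply targets to review
    }


# Constructed sample: what an operator might have saved on the app registration.
SAMPLE_CONFIGURED = [
    "https://callahanauto.elisity.net/eeasvc/login/oauth2/code/CR_193942d6_c29d_42cb_89a5_80075913a530",
    # '-' left in place in the Client ID part:
    "https://callahanauto.elisity.net/eeasvc/oauth2/authorization/CR_193942d6-c29d-42cb-89a5-80075913a530",
    # leftover test entry:
    "http://localhost:8080/callback",
]

if __name__ == "__main__":
    report = audit_redirect_uris("callahanauto.elisity.net",
                                 "193942d6-c29d-42cb-89a5-80075913a530",
                                 SAMPLE_CONFIGURED)
    for kind, uris in report.items():
        for uri in uris:
            print(f"{kind}: {uri}")
```

An empty "missing" and "unexpected" list means the registration carries exactly the two URIs this page specifies.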

Register Azure AD in Cloud Control Center

  • Log in to Cloud Control Center and select “Connectors” on the far left menu bar.
  • Click “+IDP Connectors” on the top right of the screen (figure 17)

Figure 17

  • Select “Azure Identity Provider” (figure 18)

Figure 18

  • Enter the Tenant ID, Client ID, and Client Secret from steps 5 and 7 above, then click “Review” (figure 19)

Figure 19

  • Review the settings and click “Submit” (figure 20)

Figure 20

  • Azure Identity Provider should now show up as Active in Cloud Control Center (figure 21)

Figure 21