To integrate the Thereforeā¢ Server into Azure Active Directory from the backend, a custom client application needs to be registered manually in the Azure Active Directory, and the application should be configured to share 'secret' with Thereforeā¢. Application secrets can be set to "Never expire", which will assure backend access to Thereforeā¢ from the users' Azure Active Directory.
For setup:
1.Select New Registration on the Azure Active Directory.
![SD_T_AuthMeth_AdminTasks_AAD_014](./images/sd_t_authmeth_admintasks_aad_014.png)
2.Create a new client application in Azure Active Directory.
![SD_T_AuthMeth_AdminTasks_AAD_015](./images/sd_t_authmeth_admintasks_aad_015.png)
![Info](./images/info.png)
|
It is imperative to remember the clientID.
|
3.Request "Directory.Read.All" permissions and grant consent (by clicking the button indicated by the arrow).
![SD_T_AuthMeth_AdminTasks_AAD_016](./images/sd_t_authmeth_admintasks_aad_016.png)
4.Create a new client 'secret'; this needs to be shared with Thereforeā¢.
![SD_T_AuthMeth_AdminTasks_AAD_017](./images/sd_t_authmeth_admintasks_aad_017.png)
![SD_T_AuthMeth_AdminTasks_AAD_018](./images/sd_t_authmeth_admintasks_aad_018.png)
![Info](./images/info.png)
|
It is imperative to remember the client 'secret'.
|
5.These values will then need to be added to the Thereforeā¢ Azure Dialog.
![SD_T_AuthMeth_AdminTasks_AAD_019](./images/sd_t_authmeth_admintasks_aad_019.png)
|