Show/Hide Toolbars

Thereforeā„¢ Help

Tutorials > Solution Designer > Access > Authentication > External User Directories > Microsoft Entra ID

Configure Thereforeā„¢ Server Login

Scroll

To integrate the Thereforeā„¢ Server into Microsoft Entra ID from the backend, a second custom application needs to be registered manually in the Microsoft Entra ID.

 

The application should be configured to share a 'secret' with Thereforeā„¢.

 

1.In the Azure portal, go to 'App registrations' and create a new application with the default settings. In this example, it is named 'Thereforeā„¢ Server Login'. The steps to create an application are detailed in the previous tutorial:

 Tutorial: Configure Thereforeā„¢ Client Login

SD_T_AuthMeth_AdminTasks_AAD_001

2.Go to API permissions, and click 'Add a permission':

sd_t_authmeth_admintasks_aad2_001

3.Select 'Microsoft Graph'.

sd_t_authmeth_admintasks_aad2_002

4.Select 'Application permissions'.

sd_t_authmeth_admintasks_aad2_003

5.Search for and add the following application permissions:

 

Domain.Read.All

Group.Read.All

User.Read.All

sd_t_authmeth_admintasks_aad2_005

6.After adding the permission click 'Grant admin consent for <Organization>'. Click 'Yes' on the confirmation message. Please note that an Admin Account is a prerequisite for this step.

sd_t_authmeth_admintasks_aad2_006

 

8.The status column should show 'Granted for <Organization>'.

sd_t_authmeth_admintasks_aad2_007

9.Go to 'Certificates & secrets' and click 'New client secret'.

sd_t_authmeth_admintasks_aad2_008

Please chose the expiration date that is the best fit for your security policy. We recommend using 24 months so you donā€™t need to update the secret too often. If the secret expires users will no longer be able to login to Thereforeā„¢ so make sure you update the secret before it expires.

sd_t_authmeth_admintasks_aad2_009

 

10.  Go to the 'Overview' section and make a note of the 'Application (client) ID'. It is required for configuring the Thereforeā„¢ settings. Copy the 'Value' of the client secret. This value is also needed to configure Thereforeā„¢.

sd_t_authmeth_admintasks_aad2_010

11.  Proceed by configuring Thereforeā„¢.

 Tutorial: Configure AAD in Thereforeā„¢