Last modified by eMDPlugins - 1 year ago

How to connect Azure Active Directory to Employee Directory

Microsoft Azure Active Directory is a service that provides identity and access capabilities for applications running in the Microsoft Azure cloud and for self-hosted applications.

The Azure Active Directory Addon keeps Employee Directory records in sync when those records are created, modified or deleted in Azure Active Directory. To be able to sync with Azure Active Directory, you need to:

  1. Create and register an Azure Active Directory application.
  2. Get application ID and authentication key.
  3. Assign role to application.
  4. Get your tenant ID.
  5. Test your connection.

To connect to Azure AD programmatically, you need the tenant (directory) ID, the application ID and the authentication key. Follow the steps below to complete all connection requirements.

Creating a Microsoft Azure Active Directory application

  1. Log in to your Azure Account through the Azure portal.
  2. Click on "Azure Active Directory" main menu link.
  3. Click "Enterprise Applications" link under "Manage".
  4. Click on "+New application" button.
  5. Select "Non-gallery" application under "Add your own app".
  6. Enter a "Name", such as Employee Directory, on the "Add your own application" page.
  7. Click the "Add" button and wait until your app is created successfully.

Getting application ID and authentication key

  1. Click on "Azure Active Directory" main menu link.
  2. Click on "App Registrations" link under "Manage".
  3. Click on "View All Applications" button to see your new application and click on it.
  4. Click on "Settings" link.
  5. Click on "Keys" link under "API ACCESS".
  6. Fill in "Key Description" and set "Duration" fields.
  7. Click on Save button and wait until your authentication key is created.
  8. Copy the key value. You won't be able to retrieve it once you leave that page.
  9. Paste the authentication key in "Authentication Key" field under "Connection" tab of Azure Active Directory Addon settings.
  10. Back in the Azure "Settings" page, copy the "Application ID".
  11. Paste your application ID in "Application ID" field under "Connection" tab of Azure Active Directory Addon settings.

Assigning role to application

  1. Back in the Azure "Settings" page, click on "Required Permissions" under "API ACCESS".
  2. Click on "Add" link.
  3. Click on "Add an API" and select "Microsoft Graph" under "Select an API" blade.
  4. Click on "Select" button at the bottom left.
  5. Select "Read directory data" under "APPLICATION PERMISSIONS".
  6. Click on "Select" and then "Done" buttons. This sets the permission(s) on your application.
  7. Click on "Grant Permissions" link right next to "Add" button under "Required permissions" blade.

Getting your tenant ID

  1. Click on "Azure Active Directory" main menu link.
  2. Click on "Properties" link.
  3. Copy the value under "Directory ID" field. That's your tenant ID.
  4. Paste it in "Tenant ID" field under "Connection" tab of Azure Active Directory Addon settings.

Testing your connection to Azure Active Directory

If you followed the steps above to get your tenant ID, application ID and authentication key, you should be ready to connect to Azure Active Directory.

  1. Go to "Connection" tab of Azure Active Directory Addon settings.
  2. Make sure all required fields are filled in.
  3. Click on "Save Connection" button and wait until the connection is saved.
  4. Click on "Test Connection" button. 
  5. If the connection is successful, you will see your connection date and status as "Connected" under "Connection Log" field.
  6. If the connection is not successful, you will see an error message detailing the reason under "Connection Log" field. Correct the error and try again.
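
The three connection values map onto a standard OAuth 2.0 client-credentials request to the Microsoft identity platform. The sketch below is an added example, not the addon's own code: it builds that request and maps common AADSTS error codes from a failed test to the setting to recheck. The function names, the use of the v2.0 token endpoint and all sample values are assumptions made for illustration.

```python
import json
import re
from urllib.parse import urlencode

GUID = re.compile(r"^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$")

# AADSTS codes returned by the token endpoint, mapped to the setting to recheck.
AADSTS_HINTS = {
    "AADSTS90002": "Tenant ID: directory not found",
    "AADSTS700016": "Application ID: app not found in this tenant",
    "AADSTS7000215": "Authentication Key: invalid secret value",
    "AADSTS7000222": "Authentication Key: secret has expired (see Duration)",
}

def build_token_request(tenant_id, application_id, authentication_key):
    """Return (url, form_body) for the OAuth 2.0 client-credentials grant."""
    for name, value in (("tenant_id", tenant_id), ("application_id", application_id)):
        if not GUID.match(value):
            raise ValueError(f"{name} is not a GUID")
    if not authentication_key:
        raise ValueError("authentication_key is empty")
    url = f"https://login.microsoftonline.com/{tenant_id}/oauth2/v2.0/token"
    body = urlencode({
        "grant_type": "client_credentials",
        "client_id": application_id,
        "client_secret": authentication_key,
        "scope": "https://graph.microsoft.com/.default",
    })
    return url, body

def diagnose(response_json):
    """Report 'Connected' for a token response, else name the field to fix."""
    data = json.loads(response_json)
    if "access_token" in data:
        return "Connected"
    match = re.search(r"AADSTS\d+", data.get("error_description", ""))
    code = match.group(0) if match else "unknown"
    return AADSTS_HINTS.get(code, f"Unrecognized error ({code})")

# Constructed sample values, not real credentials or a captured response.
SAMPLE_TENANT = "11111111-2222-3333-4444-555555555555"
SAMPLE_APP = "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee"
SAMPLE_ERROR = json.dumps({
    "error": "invalid_client",
    "error_description": "AADSTS7000215: Invalid client secret provided.",
})

if __name__ == "__main__":
    print(build_token_request(SAMPLE_TENANT, SAMPLE_APP, "constructed-secret")[0])
    print(diagnose(SAMPLE_ERROR))
```

The authentication key travels in the POST body, so the request belongs on HTTPS only and the body should be kept out of application logs.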
