
Configure Azure Active Directory

Some AccessBot features require an Azure Active Directory app. This page explains how to configure it properly.

Set Up Azure Active Directory App

  1. Go to the Azure Portal, click on the top search bar, type “Azure Active Directory”, and then click on the resource:

screenshot-1

  1. On the left side menu, click on “App registrations”:

screenshot-2

  1. Then click on “New registration”:

screenshot-3

  1. Enter a name for the application and select the “Single Tenant” option for supported account types. Under “Redirect URL”, select the “Web” option and paste https://<directoryname>.onmicrosoft.com/MicrosoftGraphClient, replacing <directoryname> with your Azure Directory name. Then click on “Register”:

screenshot-4

  1. After the resource is created, define the following environment variables using the values shown in the screenshot:
    • AZURE_AD_APP_ID - Application (client) ID
    • AZURE_AD_TENANT_ID - Directory (tenant) ID

screenshot-5

  1. Now, go to “Certificates & secrets”, click on the “Client secrets” tab and click on “New client secret”:

screenshot-6

  1. Type a description, select the desired expiry time, and then click on “Add”:

screenshot-7

  1. Then, copy the secret and define it in the AZURE_AD_APP_SECRET environment variable:

screenshot-8

  1. Now click on “API permissions”:

screenshot-9

  1. Click on “Add a permission”:

screenshot-10

  1. On the side modal, click on “Microsoft Graph”:

screenshot-11

  1. Click on “Application permissions”, type “User.Read.All” in the search bar, expand the User permissions, click on the permission checkbox and click on “Add permissions”:

screenshot-12

  1. Then click on “Grant admin consent for <directoryname>” and click on “Yes”:

screenshot-14

That concludes the Azure Active Directory App configuration.
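
To confirm the setup end to end, the following added example (not AccessBot's own code) validates the three environment variables, builds the client-credentials token request, and checks that the app-only token's roles claim contains User.Read.All and nothing broader. It assumes the Microsoft identity platform v2.0 token endpoint and that the Graph access token decodes as a JWT; the function names and the sample token are constructed for illustration.

```python
import base64, json, os, re, urllib.parse, urllib.request

GUID = re.compile(r"[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}")
REQUIRED_ROLE = "User.Read.All"
NAMES = ("AZURE_AD_APP_ID", "AZURE_AD_TENANT_ID", "AZURE_AD_APP_SECRET")

def load_config(env=os.environ):
    """Read the three variables from this page and reject obvious mistakes."""
    cfg = {k: env.get(k, "").strip() for k in NAMES}
    for k in NAMES[:2]:
        if not GUID.fullmatch(cfg[k]):
            raise ValueError(k + " is missing or not a GUID")
    secret = cfg[NAMES[2]]  # heuristic: the portal's "Secret ID" is a GUID, the "Value" is not
    if not secret or GUID.fullmatch(secret):
        raise ValueError(NAMES[2] + " is empty or looks like the Secret ID, not the Value")
    return cfg

def build_token_request(cfg):
    """Client-credentials request for an app-only Microsoft Graph token."""
    url = f"https://login.microsoftonline.com/{cfg['AZURE_AD_TENANT_ID']}/oauth2/v2.0/token"
    body = urllib.parse.urlencode({
        "grant_type": "client_credentials",
        "client_id": cfg["AZURE_AD_APP_ID"],
        "client_secret": cfg["AZURE_AD_APP_SECRET"],
        "scope": "https://graph.microsoft.com/.default"}).encode()
    return url, body

def sample_token(roles):
    """Constructed, unsigned stand-in for a real token; used for offline runs."""
    enc = lambda o: base64.urlsafe_b64encode(json.dumps(o).encode()).decode().rstrip("=")
    return ".".join([enc({"alg": "none"}), enc({"roles": roles}), ""])

def check_permissions(access_token):
    """Inspect (not verify) the token: (required role present, extra roles)."""
    part = access_token.split(".")[1]
    roles = json.loads(base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))).get("roles", [])
    return REQUIRED_ROLE in roles, sorted(set(roles) - {REQUIRED_ROLE})

if __name__ == "__main__":
    try:
        cfg = load_config()
    except ValueError as err:  # variables unset or malformed: show the check on sample data
        print("config problem:", err)
        token = sample_token(["User.Read.All", "Directory.ReadWrite.All"])
    else:
        url, body = build_token_request(cfg)
        with urllib.request.urlopen(urllib.request.Request(url, data=body)) as resp:
            token = json.load(resp)["access_token"]
    print("granted=%s extra=%s" % check_permissions(token))
```

A missing User.Read.All usually means admin consent was not granted; any extra roles are permissions the app holds beyond what this page configures and are worth reviewing.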