Obtaining an Application ID and Secret key for the Azure Active Directory Adapter

Before you create an Azure Active Directory service, you must obtain an Application ID and Secret key for the Azure Active Directory Adapter.

About this task

The Azure Active Directory Adapter authenticates to the Azure Active Directory domain through the Windows Azure Active Directory Graph API using OAuth 2.0 Client credentials.

Procedure

Register the Azure Active Directory Adapter as an application using the Azure Active Directory management portal. For details of the application registration process, see https://learn.microsoft.com/en-us/azure/active-directory/develop/quickstart-register-app
Delegated permission - Microsoft Graph
  • Directory.AccessAsUser.All
  • Directory.Read.All
  • Directory.ReadWrite.All
  • GroupMember.Read.All
  • Group.Read.All
  • Group.ReadWrite.All
  • User.Read
  • User.Read.All
  • User.ReadBasic.All
  • User.ReadWrite.All
Application permission - Microsoft Graph
  • Directory.Read.All
  • Directory.ReadWrite.All
  • User.Read.All
  • User.ReadWrite.All
The least permissions required to perform basic read operations on the adapter are:
Delegated permissions - Microsoft Graph
  • User.ReadBasic.All
  • User.Read.All
  • Directory.Read.All
Application permissions - Microsoft Graph
  • User.Read.All
  • Directory.Read.All
Other permissions are required to perform operations on related information such as groups, roles, and licenses.
Note: For the permissions required by each operation, see the Microsoft Graph API documentation.
To perform modification operations on the target through the adapter, the corresponding write permissions listed in the Microsoft Graph API documentation are required.
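One way to check which of the permissions above a registration actually received is to inspect an access token issued to it. The following is an added example, not part of the adapter or of the original page. It assumes you already hold such a token, and relies on the Microsoft identity platform placing application permissions in the `roles` claim and delegated permissions in the `scp` claim. The function names and the sample token are constructed for illustration.

```python
import base64
import json

# Permission sets copied from the lists on this page.
READ_MIN = {
    "roles": {"User.Read.All", "Directory.Read.All"},                      # application
    "scp": {"User.ReadBasic.All", "User.Read.All", "Directory.Read.All"},  # delegated
}
PAGE_FULL = {
    "roles": READ_MIN["roles"] | {"Directory.ReadWrite.All", "User.ReadWrite.All"},
    "scp": READ_MIN["scp"] | {
        "Directory.AccessAsUser.All", "Directory.ReadWrite.All", "GroupMember.Read.All",
        "Group.Read.All", "Group.ReadWrite.All", "User.Read", "User.ReadWrite.All"},
}


def jwt_claims(token):
    """Decode the payload segment of a JWT. Inspection only: no signature check."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT")
    padded = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    return json.loads(base64.urlsafe_b64decode(padded))


def audit_permissions(token):
    """Compare granted permission names with the page's least-privilege read set.

    The comparison is by name: a ReadWrite grant is reported as excess for a
    read-only deployment, and the matching Read permission as missing.
    """
    claims = jwt_claims(token)
    if "roles" in claims:   # app-only token (client credentials)
        kind, granted = "roles", set(claims["roles"])
    else:                   # delegated token: space-separated scopes
        kind, granted = "scp", set(claims.get("scp", "").split())
    return {
        "kind": kind,
        "missing_for_read": sorted(READ_MIN[kind] - granted),
        "beyond_read_minimum": sorted(granted - READ_MIN[kind]),
        "not_listed_on_page": sorted(granted - PAGE_FULL[kind]),
    }


def make_sample_token(claims):
    """Build a constructed token with a placeholder signature for the demo."""
    enc = lambda o: base64.urlsafe_b64encode(json.dumps(o).encode()).rstrip(b"=").decode()
    return ".".join([enc({"alg": "RS256", "typ": "JWT"}), enc(claims), "placeholder"])


if __name__ == "__main__":
    sample = make_sample_token({"roles": ["User.Read.All", "Directory.ReadWrite.All"]})
    print(audit_permissions(sample))
```

An empty `beyond_read_minimum` means the registration holds no more than the read-only set listed above; entries in `not_listed_on_page` are grants this page does not call for.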