AD Connector
Step-by-step guide
This guide will show you how to register an app in your Azure tenant so the AD Connector service can update objects in your tenant.
Introduction
Where there is a requirement to connect your AD Connector directly to Azure (Entra ID, photo sync or licence assignment), you will need to ensure an app is set up to grant permissions over the Microsoft Graph API.
Setting up the App
- Open https://portal.azure.com/
- Log in as an Office 365 administrator for the domain you are working on.
- Register a new app. Navigate to the Azure Active Directory > App Registrations page then click New Registration
- Register the App:
  - Enter "CIPHR AD Connector" as the application name
  - Select ‘Accounts in any organisational directory’
  - Redirect URI: Set as Web, https://yourportal.myciphr247.com/CiphrAdConnector/ (This is your HR self-service portal with /CiphrADConnector/ appended)
  - Click Register
- You will then be taken to the overview page for the application. You will see an "Application (client) ID" as well as a "Directory (tenant) ID". Make a note of these, as these are the values you will need to enter into the installation dialog of the CIPHR AD Connector Service Installer.
- Create a new client secret. Navigate to the Certificates & Secrets page then click "New Client Secret".
- Create client secret:
  - Give the secret a brief description
  - Set it to never expire
  - Click Add
Important: Copy the secret value that is shown after this step as this is the ONLY time that you will be able to see the actual value. The generated password is the value set in the "Secret" field of the "Office 365 Access" dialog of the Installer.
Creating a new Secret
Azure secrets have a maximum lifespan of 2 years, so every two years a new secret must be created and the service reinstalled. Create a new secret for the app using the relevant step above.
It is recommended that the expiry date is noted and a reminder set up by customer IT to ensure no loss in service.
Once this is done, you will need to reinstall the service on the AD Connector server. Guidance for this can be found in the associated KB article.
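One way for customer IT to track the secret expiry mentioned above, as an added example that is not part of the original CIPHR guidance: a PowerShell script using the Microsoft Graph PowerShell SDK that lists every client secret on the app registration and flags those close to expiry. The 60-day warning threshold and the exit codes are assumptions chosen for illustration; only secret metadata is read, since the secret value itself cannot be retrieved after creation.

```powershell
# Added example: report client-secret expiry for the "CIPHR AD Connector" app registration.
# Assumes the Microsoft.Graph.Applications module is installed and the signed-in
# account is allowed to read app registrations in the tenant.
#Requires -Modules Microsoft.Graph.Applications
param(
    [string]$AppName = 'CIPHR AD Connector',  # name entered in the registration step
    [int]$WarnDays   = 60                     # assumption: reminder threshold in days
)

Connect-MgGraph -Scopes 'Application.Read.All' | Out-Null

$apps = @(Get-MgApplication -Filter "displayName eq '$AppName'" `
            -Property Id, AppId, DisplayName, PasswordCredentials)
if ($apps.Count -eq 0) {
    Write-Error "No app registration named '$AppName' found in this tenant."
    exit 2
}

$now = (Get-Date).ToUniversalTime()
$report = foreach ($app in $apps) {
    foreach ($cred in $app.PasswordCredentials) {
        # Graph returns only metadata (description, key id, dates), never the secret value.
        $daysLeft = [math]::Floor(($cred.EndDateTime.ToUniversalTime() - $now).TotalDays)
        [pscustomobject]@{
            AppId    = $app.AppId
            Secret   = $cred.DisplayName
            KeyId    = $cred.KeyId
            Expires  = $cred.EndDateTime
            DaysLeft = $daysLeft
            Status   = if ($daysLeft -lt 0) { 'EXPIRED' }
                       elseif ($daysLeft -le $WarnDays) { 'RENEW SOON' }
                       else { 'OK' }
        }
    }
}

if (-not $report) {
    Write-Warning "App '$AppName' has no client secrets; the connector cannot authenticate."
    exit 2
}

$report | Sort-Object DaysLeft | Format-Table -AutoSize

# Non-zero exit lets a scheduled task or monitoring agent raise the reminder.
# Superseded secrets should be deleted from the app so they stop being flagged.
if ($report | Where-Object Status -ne 'OK') { exit 1 }
```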