Azure Active Directory Configuration

Last Updated On
Print
You are here:

This document outlines the necessary configuration to synchronize the contacts in your Assetas instance to your Azure Active Directory (AAD) users. 

The simplest way to synchronize the contact information and enable OAuth integration is through Microsoft Graph. Our data adaptor requires access to these permissions:

  • Directory.Read.All
  • User.Read
  • User.Read.All

The only action for our clients is to log into our application as an Account Administrator and authorize these permissions to your Azure Active Directory. You would only need to authorize these once for your organization and you could revoke them at any time through your Azure Portal.

Once granted access, our application will synchronize the contact information and be ready for the users to access our application.

Step 1: Determine your AAD Tenant ID 

  1. Sign into your AAD portal at https://aad.portal.azure.com. 
  2. From the main menu, choose Azure Active Directory and copy the Tenant ID in the Tenant information for your organization. You will need this value in Step 3: Grant the AAD Permissions to Assetas.

Step 2: Create the Assetas Scheduled Job 

  1. Sign into your Assetas account with an account that has the Account Administrator security role. 
  2. From the sidebar navigation, expand Configuration to select Scheduled Jobs. 
  3. Click the Add button. 
  4. Set the type as Microsoft Graph: Directory Synchronization and values for name and frequency
    • Assetas recommends Daily frequency. 
  5. Click the Save button. 

Step 3: Grant the AAD Permissions to Assetas 

  1. Click on the Edit button in the Microsoft Graph Directory Synchronization Properties section. 
  2. Enter your Tenant ID (from Step 1) and optionally configure other items. 
  3. Click the Save button.
  4. Press the Grant Permissions button. This will prompt you to log into your Microsoft Account. Please use an account that has the proper security to grant AAD permissions. 
  5. Next, you will see the permissions screen. Please click the Accept button to grant Assetas read-only access to your tenant’s contact information 

Step 4: Test the Connection

  1. Click on the Test Connection button in the Microsoft Graph Directory Synchronization Properties section. 
  2. The status code will appear below the button with a snippet of the returned information. The Status Code should return a status of OK. 

Step 5: Additional Configuration

The basic configuration is now complete. If you wish to further customize the specific AAD data that is synchronized, please contact Assetas. 

Downloadable PDF

Azure Active Directory Configuration

Table of Contents