Azure Application Registration

Applicable to: On-Premises (Single-tenant) environment

To link the Security365 product with a Microsoft account, you need to create an Azure application in the customer's Azure account with the required permissions and redirect URIs registered.

1. Create Azure Application

1.1 Application Creation

To sign up with a Microsoft account in an On-Premises (Single-tenant) environment, the customer must directly create an Azure application with the necessary permissions in their Azure account.

  1. With a Microsoft admin account, access the Microsoft Azure Integrated Console page.
  2. Go to the App registrations service page.
  3. Click the New registration button to go to the application registration page. After entering the application name, click the Register button.

1.2 API Permission Settings

Configure the permissions the application requires for SP login and account synchronization.

  1. On the App registrations service page, find and click the application you created.
  2. Go to the Manage > API permissions page.
  3. Click the Add a permission button and select Microsoft Graph to add permissions to the application.

The permissions to add are as follows.

| Microsoft API | Type | Permission | Description | Purpose |
|---|---|---|---|---|
| Microsoft Graph | Delegated permissions | email | View users' email address | SP Login |
| Microsoft Graph | Delegated permissions | openid | Sign users in | SP Login |
| Microsoft Graph | Delegated permissions | profile | View users' basic profile | SP Login |
| Microsoft Graph | Delegated permissions | RoleManagement.Read.All | Read role management data for all RBAC providers | Permission check during sign-up |
| Microsoft Graph | Delegated permissions | RoleManagement.Read.Directory | Read directory RBAC settings | Permission check during sign-up |
| Microsoft Graph | Delegated permissions | User.Read | Sign in and read user profile | Account Synchronization |
| Microsoft Graph | Application permissions | Directory.Read.All | Read directory data | Account Synchronization |

  4. After adding the permissions, click the Grant admin consent button to approve the requested permissions for all accounts within the tenant.

1.3 Authentication Settings

Register the URIs to which authentication results are sent after a user finishes logging in or logging out.

  1. Go to the Manage > Authentication page.
  2. Click the Add a platform button and add the Web and Single-page application platforms.

The redirect URIs that need to be added for each platform are as follows.

| Type | URI | Description |
|---|---|---|
| Web Redirect URI | https://login.xxx.yyy/SCCloudOAuthService/openid/v2/callback/code | SP Login |
| | https://login.xxx.yyy/SCCloudOAuthService/openIdCallback | SP Login |
| Single Page Application Redirect URI | https://login.xxx.yyy/callback | SP Login |
| | https://portal.xxx.yyy/signup | Sign Up |
| | https://portal.xxx.yyy/setting/inbound | Azure Account Integration |

※ xxx.yyy must be changed to the domain address for each environment.

  3. Allow ID tokens to be issued, so that tokens can be requested from the authorization endpoint.

  4. Click the Save button to save the settings.

1.4 Certificate and Password Settings

To use the created Azure application, you need to obtain a client secret.

  1. Go to the Manage > Certificates & secrets page.
  2. Click the New client secret button to issue a client secret.

  • This secret is needed later when setting up the app information (Security365 Portal App Secret) on the Security365 master admin page, so store it separately in a safe place.
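
An added example (not part of the Security365 documentation): a Python check that compares an app registration's JSON, such as the output of `az ad app show --id <app-id>`, with the redirect URIs and ID token setting from section 1.3, and flags client secrets that are close to expiry. The domain `example.test`, the sample object and the 30-day warning window are constructed assumptions.

```python
import json
from datetime import datetime, timedelta, timezone

def expected_uris(domain):
    """Redirect URIs from the section 1.3 table, keyed by platform."""
    login, portal = f"https://login.{domain}", f"https://portal.{domain}"
    return {
        "web": {f"{login}/SCCloudOAuthService/openid/v2/callback/code",
                f"{login}/SCCloudOAuthService/openIdCallback"},
        "spa": {f"{login}/callback", f"{portal}/signup",
                f"{portal}/setting/inbound"},
    }

def audit_registration(app, domain, now, warn_days=30):
    """Compare an application object (parsed JSON) with this guide's settings."""
    findings = []
    for platform, wanted in expected_uris(domain).items():
        have = set((app.get(platform) or {}).get("redirectUris") or [])
        findings += [f"{platform}: missing redirect URI {u}" for u in sorted(wanted - have)]
        findings += [f"{platform}: unexpected redirect URI {u}" for u in sorted(have - wanted)]
    implicit = (app.get("web") or {}).get("implicitGrantSettings") or {}
    if not implicit.get("enableIdTokenIssuance"):
        findings.append("web: ID token issuance is not enabled")
    for cred in app.get("passwordCredentials") or []:
        # Graph timestamps are UTC; keep whole seconds and drop any fraction.
        end = datetime.strptime(cred["endDateTime"][:19], "%Y-%m-%dT%H:%M:%S")
        end = end.replace(tzinfo=timezone.utc)
        if end <= now:
            findings.append(f"secret {cred.get('displayName')!r}: expired")
        elif end - now <= timedelta(days=warn_days):
            findings.append(f"secret {cred.get('displayName')!r}: expires within {warn_days} days")
    return findings

# Constructed sample, shaped like `az ad app show --id <app-id>` output.
SAMPLE = json.loads("""
{
  "web": {"redirectUris": ["https://login.example.test/SCCloudOAuthService/openIdCallback"],
          "implicitGrantSettings": {"enableIdTokenIssuance": false}},
  "spa": {"redirectUris": ["https://login.example.test/callback",
                           "https://portal.example.test/signup",
                           "https://portal.example.test/setting/inbound",
                           "http://localhost:3000/callback"]},
  "passwordCredentials": [{"displayName": "portal", "endDateTime": "2025-01-20T00:00:00Z"}]
}
""")
SAMPLE_NOW = datetime(2025, 1, 1, tzinfo=timezone.utc)

if __name__ == "__main__":
    for line in audit_registration(SAMPLE, "example.test", SAMPLE_NOW):
        print(line)
```

An empty result means the registration matches the table; an unexpected redirect URI is worth removing, because every registered URI is a place the identity platform will deliver tokens or authorization codes.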

2. Setting Azure Application Information in the Master Admin Page

Before completing the environment setup and signing up, you need to enter the Azure application information on the master admin page of the management center.

  1. Log in to the management center with the master administrator account.
  2. Go to the Settings > Azure Application Settings tab.

  3. Enter the following configuration values.

    | Setting | Description |
    |---|---|
    | Security365 Portal App ID | Created Azure Application ID |
    | Security365 Portal App Secret | Generated Azure application client secret |
    | Azure Tenant ID | Azure Directory (Tenant) ID |

  4. Check the Use manually created app option.

  5. Click the Save button to save the settings.

  6. Once the setup is complete, proceed with the registration.

* Client Secret Renewal Method

  1. Access the Microsoft Azure Integrated Console.
  2. Issue a new client secret for the existing application.
  3. Log in to the Security365 management center with the master administrator account.
  4. Go to the Settings > Azure Application Settings tab.
  5. Click the Renew SECRET button, enter the existing secret and the newly issued secret, then click the Save button.

© SOFTCAMP Co., LTD. All rights reserved.