This article covers the configuration required in Azure AD to allow an external application to make web service calls to Adams Web. It assumes that “Connect Foray ADAMS to Azure Active Directory” has already been completed.
Azure Portal > Azure Active Directory > App registrations > Foray Adams Web* > App roles
* This name could vary based on earlier configuration
Create app role
Display name - External App API Access
Allowed member types - Applications
Value - ExternalAppAccess
Description - Allow external systems to access the Update Folder Status API with the application's credentials
Do you want to enable this app role? - checked
Apply
Azure Portal > Azure Active Directory > App registrations
New registration
Name - Adams External System
You may use a different name if you choose.
Who can use this application or access this API? - Accounts in this organizational directory only (Foray DevTest only - Single tenant)
Register
Azure Portal > Azure Active Directory > App registrations > Adams External System* > API permissions
* Name may vary based on earlier configuration
Add a permission
APIs my organization uses
Search for the Foray Adams Web app registration name or client id and select it
Application permissions
ExternalAppAccess - Check
Add permissions
Click Grant admin consent
Select Yes
Azure Portal > Azure Active Directory > App registrations > Adams External System* > Certificates & secrets
* Name may vary based on earlier configuration
New client secret
Description - Adams Update Folder Status
Expires - Choose a time frame and set yourself a reminder to renew. The application integrating with Foray Adams Web will need a new secret before this secret expires.
Add
Copy the secret value
This value must be provided to the technical person responsible for the integration with Foray Adams Web.
The secret value must be copied before signing out. Once you sign out it will no longer be accessible.
The following information must be provided to the technical individual responsible for the integration with Foray Adams Web.
Azure Portal > Azure Active Directory > App registrations > Foray Adams Web* > Overview
* Name may vary based on earlier configuration
Endpoint (in the top toolbar for Overview)
OAuth 2.0 token endpoint (v2)
Copy the value
Azure Portal > Azure Active Directory > App registrations > Foray Adams Web* > Overview
* Name may vary based on earlier configuration
Copy the Application ID URI
Append “/.default” to the end
Azure Portal > Azure Active Directory > App registrations > Adams External System* > Overview
* Name may vary based on earlier configuration
Application (client) ID
Copy the value
The client secret came from the previous “Add a Client Secret to the External App Registration” step.
Send the Token Endpoint, Scope, Client ID, and Client Secret to the technical individual responsible for integration with Foray Adams Web.
Be sure to send these values, particularly the secret, securely, NOT IN EMAIL.
The integration with Foray Adams Web can now proceed.
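How the four values are used by the integrating application, as an added example that is not part of the original article or Foray's own code: it builds the OAuth 2.0 client credentials request for the token endpoint and checks that the returned token carries the ExternalAppAccess app role, which is missing if admin consent was not granted. The function names and the `ADAMS_CLIENT_SECRET` environment variable are assumptions.

```python
import base64
import json
import os
import urllib.parse
import urllib.request

REQUIRED_ROLE = "ExternalAppAccess"  # app role Value created in this article


def build_scope(application_id_uri: str) -> str:
    """Application ID URI of Foray Adams Web plus the /.default suffix."""
    return application_id_uri.rstrip("/") + "/.default"


def build_token_request(token_endpoint, client_id, client_secret, scope):
    """OAuth 2.0 client credentials request for the v2 token endpoint."""
    if not token_endpoint.lower().startswith("https://"):
        raise ValueError("token endpoint must be HTTPS; the secret is sent in the body")
    body = urllib.parse.urlencode({
        "grant_type": "client_credentials",
        "client_id": client_id,
        "client_secret": client_secret,
        "scope": scope,
    }).encode()
    return urllib.request.Request(token_endpoint, data=body, method="POST")


def token_roles(access_token: str) -> list:
    """Read the roles claim from the JWT payload. No signature check:
    this is a client-side setup diagnostic, not token validation."""
    payload = access_token.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(payload)).get("roles", [])


def fetch_and_check(token_endpoint, client_id, scope):
    """Request a token and confirm the app role was granted and consented."""
    secret = os.environ["ADAMS_CLIENT_SECRET"]  # assumed variable name; never hard-code
    req = build_token_request(token_endpoint, client_id, secret, scope)
    with urllib.request.urlopen(req, timeout=30) as resp:
        token = json.load(resp)["access_token"]
    return REQUIRED_ROLE in token_roles(token)
```

If `fetch_and_check` returns False, revisit the API permissions step and confirm that admin consent was granted for ExternalAppAccess.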