General

There are three separate synchronization options to synchronize user data from Azure Active Directory to BeneCloud systems.

  1. User data synchronization

  2. Directory synchronization of users

  3. Directory synchronization of directory entries

Synchronization is done as a daily batch job by default.

AzureAD information is read via Azure Graph API. This requires registering a new application in Azure Active Directory in the Azure portal and granting it rights to read directory data.

Registering Directory Synchronization on Azure Portal

1. Log in to https://portal.azure.com as an administrator

2. Select Azure Active Directory -> App registrations -> New application registration

3. Enter a descriptive name for the application and click Register. A redirect URI is not needed

4. Select API Permissions.

  1. Add Microsoft Graph -> Application permissions

  2. Add the following permissions

    1. Group/ Group.Read.All

    2. User/ User.Read.All

  3. Click Grant admin consent and then Yes in the confirmation pop-up

  4. Make sure that Admin consent status is granted for all permissions

5. Select Certificates & secrets.

  1. Add new client secret

  2. Enter a proper description, select Expires = Never and click Add

  3. Copy the value of the new secret to be sent to Benemen

6. Go to the Overview tab and copy the value of Application (client) ID

  • Send Application ID and Secret to Benemen
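
Once admin consent is granted, a token issued to the application lists its application permissions in the `roles` claim. The following added example (not part of the original page or of Benemen's tooling) inspects such a token and reports permissions that are missing or broader than the two granted in the API Permissions step; the sample token, client ID and function names are constructed for illustration.

```python
import base64
import json

# Application permissions granted in the API Permissions step of this page.
EXPECTED_ROLES = {"Group.Read.All", "User.Read.All"}


def decode_claims(token: str) -> dict:
    """Return a JWT's payload claims WITHOUT verifying its signature.

    For inspection only; never base a trust decision on this output.
    """
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a three-part JWT")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore stripped padding
    return json.loads(base64.urlsafe_b64decode(payload))


def audit_roles(claims: dict, client_id: str) -> dict:
    """Compare the token's app roles with the permissions the page grants."""
    roles = set(claims.get("roles", []))
    token_app = claims.get("appid") or claims.get("azp")  # v1 / v2 claim name
    return {
        "app_matches": token_app == client_id,
        "missing": sorted(EXPECTED_ROLES - roles),      # consent not granted yet
        "unexpected": sorted(roles - EXPECTED_ROLES),   # broader than required
    }


def b64url(obj: dict) -> str:
    """Base64url-encode a JSON object the way JWT segments are encoded."""
    raw = json.dumps(obj).encode()
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def make_sample_token(claims: dict) -> str:
    """Build an unsigned, constructed sample token (not a real credential)."""
    return f"{b64url({'alg': 'none'})}.{b64url(claims)}.sig"


# Constructed sample values: one expected role missing, one excess role present.
SAMPLE_CLIENT_ID = "00000000-0000-0000-0000-000000000000"
SAMPLE_TOKEN = make_sample_token(
    {"appid": SAMPLE_CLIENT_ID, "roles": ["User.Read.All", "Directory.ReadWrite.All"]}
)

if __name__ == "__main__":
    print(audit_roles(decode_claims(SAMPLE_TOKEN), SAMPLE_CLIENT_ID))
```

An empty `missing` list and an empty `unexpected` list mean the registration matches the permissions listed on this page.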
