Registering an application in Azure
Registering an application
This article guides you through registering an Enterprise Service Management application in the portal.
Information about required permissions to create and manage a Registered App in Azure is available here (external link).
- On the Microsoft Azure Portal home page, go to the Azure services and click App registrations.
- On the opened page, run the New registration action.
- Configure your application:
- Provide a name for the application integration.
- Choose Supported account types.
- Add a Redirect URI: select Web and enter Redirect URI (in the following format: https://{your_domain_name}/wm/externalAuth/redirect.html).
- Click Register.
Assigning permissions
Permissions of two types can be granted in Azure for data access:
- Delegated permissions (access on behalf of a user)
- Application permissions (access independent from a user)
Please make sure you understood the impact of each permission type. Specific information provided by Microsoft is available here (external link).
For all "delegated" permissions you have granted to the registered App, it is required that the user who authenticates the created Service Connection in Enterprise Service Management needs to have the corresponding access rights in Azure.
For all "application" permissions you have granted to the registered App, the access rights of the authenticating user are not effective.
- After the application is created, go to the API permissions section of the new application.
- Use the Add a permission action to add a permission.
- First add the Azure Service Management > user_impersonation permission.
- Then add Microsoft Graph > User.Read for the delegated type or Microsoft Graph > User.Read.All for the application type.
- If you have chosen the application type, run the Grant admin consent action.
Creating a secret key
- Go to the Certificates & secrets section of the new application.
- Run the New client secret action to create a secret key.
- Provide the description and expiration date for the key and click Add.
- After a new key is displayed, copy its value immediately. Later it will be hidden.
Save the secret key value. It will be used to create a service connection in Matrix42 Enterprise Service Management.
Retrieving the client ID and tenant ID
Client ID and tenant ID of your registered application are required for creating a service connection. You can find these values in the Overview section of the registered application.
Save these values. They will be used to create a service connection in Matrix42 Enterprise Service Management.