Skip to main content
Matrix42 Self-Service Help Center

Creating the service connection for Azure Hybrid Benefit data provider

Overview

A service connection allows you to establish access to Microsoft Azure portal and obtain data from it without sharing the credentials. A service connection is configured once by an administrator and then it can automatically use a service for obtaining data.

The Azure Hybrid Benefit add-on contains an Azure Hybrid Benefit service. This service is needed for creating a service connection to Microsoft Azure portal.

To create a service connection, take the following steps:

  1. Configure the authentication and authorization settings for integration on Microsoft Azure portal.
  2. Create a tenant in Enterprise Service Management.
  3. Create a service connection in Enterprise Service Management.

A DWP subsciption is required to be able to use the Azure Hybrid Benefit add-on. 

Configuring the authentication and authorization on Microsoft Azure portal

To configure the integration settings on Microsoft Azure portal, you will need to register your Enterprise Service Management application on the portal.

Registering an application

  1. On the Microsoft Azure Portal home page, go to the Azure services and click App registrations.
  2. On the opened page, run the New registration action.
  3. Configure your application:
  • Provide a name for the application.
  • Choose Supported account types.
  • Add a Redirect URI: select Web and enter Redirect URI, for instance, https://{your_domain_name}/wm/externalAuth/redirect.html.
  1. Click Register.

AzureRegisterNewApp.png

Assigning permissions

  1. After the application is created, go to the API permissions section of the new application.
  2. Use the Add a  permission action to add a permission. Click Azure Service Management, choose user_impersonation, click Add permissions.
  3. Then run the Grant admin consent action.

AzureAppPermissions.png

Creating a secret key

  1. Got to the Certificates & secrets section of the new application.
  2. Run the New client secret action to create a secret key.
  3. Provide the description and expiration date for the key and click Add.
  4. After a new key is displayed, copy its value immediately. Later it will be hidden.

Save the secret key value. It will be used to create a service connection in Matrix42 Enterprise Service Management.

AzureAppSecretKey.png

Retrieving the client ID and tenant ID

Client ID and tenant ID of your registered application are required for creating a service connection. You can find these value in the Overview section of the registered application.

AzureClientTenantIDs.png

Creating a tenant

In Matrix42 Enterprise Service Management, you need to create a tenant for the service connection.

  1. Go to the Administration application and open the Integration > Service Connections > Tenants navigation item.
  2. Run the Add Tenant action. A new tenant dialog opens.
  3. Provide an appropriate name for your tenant from the Microsoft Azure portal.
  4. Select Azure Hybrid Benefit in the Service field.
  5. Fill in the Client IDTenant and Client Secret fields with the data from Microsoft Azure.
  6. Save the dialog.

Creating a service connection

Next, create a service connection to your company's Microsoft Azure portal.

  1. In the Administration application, go to Integration > Service Connections > Connections.
  2. Run the Add Service Connection action. A new connection dialog opens.
  3. Select Azure Hybrid Benefit - Azure Active Directory (Application) in the Service field.
  4. In the Tenant field, select the tenant record that you have created earlier.
  5. Click Setup authentication.
  6. Provide the credentials for your company's Microsoft Azure portal and save the dialog.

Now you can use this service connection in the configuration of the Azure Hybrid Benefit data provider.

For more information on creating and using service connections, please refer to this article

  • Was this article helpful?