🥌Entra ID App

Entra ID Application

Inforiver will use multiple Office 365 APIs to fetch relevant information like Power BI Report metadata, User emails and groups, SharePoint and OneDrive integration. For this Azure AD application, steps needs to be created in your tenant by following the steps mentioned below. The details would be needed from app while we deploy our application.

Steps to Create

Following are the steps to create Azure AD application and collect the required details to continue the Inforiver deployment.

APP Registration

As a first step you have to register a new app in your Azure AD.

Login into your Azure Portal
Click on Manage Azure Active Directory from the menu tab
Click App registrations in the left sub menu
Click the New Registration tab in the top menu bar as shown in the blow screenshot.

Enter an Application Name to be displayed to the users - In the section Who can use this application, select Accounts in this organizational directory only - In the section Redirect URI, please leave it for now. We have to come back once we get the URL of the application. - Click Register to register the application.

Configuration

Please follow the steps to continue the configuration of the Azure AD application.

Permissions Configuration

The Azure AD app needs to have certain permissions enabled for Inforiver to work properly. Please follow the steps below to enable those permissions.

To view the complete list of required and optional permissions and why Inforiver requires these permissions, please read through the below page.

O365 Permissions

Go to the API Permissions menu of the Azure AD App that you created in the previous step.
Click Add a Permission, then select Microsoft Graph -> Delegated Permissions and select the following permissions:
- email
- openid
- profile
- User.Read
- User.ReadBasic.All
- Group.Read.All
- GroupMember.Read.All
After selecting all the above permissions, click the Add Permissions button at the bottom.
Now, click Add a Permission once again, then go to Power BI Service -> Delegated Permissions. Select the following permissions:
- Dataset.Read.All
- Report.Read.All
- Workspace.Read.All
- App.Read.All
- Dashboard.Read.All
After selecting all the above permissions, click the Add Permissions button at the bottom.
Similarly, click Add a Permission, then select Azure Storage -> Delegated Permissions. Select the permission:
- user_impersonation
Click the Add Permissions button at the bottom.
Grant admin consent for the entire organization to authorize this application for your users.

If your organization have a policy which disallows users to provide consent to the application on their own, then make sure that you have provided admin consent for the entire organization.

Credentials Collection

As the final step, you have to generate a client secret and collect the necessary details for the deployment.

Go to the Overview menu of the application, copy, and save the Application (Client) ID from the top details.
Copy and save the Directory (Tenant) ID from the top details section of the Overview menu.

Go to Certificates and Secrets menu, then create the New Client Secret. Select the appropriate validity based on your organization policy and press Add button. You will be shown a secret value and make sure to copy and save it for the deployment. Secret Value won't shown to you once again. You have to recreate it once again.

PreviousBasic Requirements NextSMTP Service

Last updated 3 months ago