Azure Active Directory
Introduction

This guide tells you how to authenticate the Azure Active Directory connector in Swimlane using OAuth 2.0 client credentials. You will create an Azure application, assign Microsoft Graph API permissions, collect required identifiers, and configure the connector in Swimlane.

Prerequisites

Azure access requirements

You must have Azure permissions to:

- Register applications under Azure Active Directory
- Assign Microsoft Graph API permissions
- Grant admin consent
- Create client secrets
- View Azure tenant information

Required credentials

During setup, you will collect:

| Credential | Description |
|---|---|
| Client ID | Azure Application (client) ID |
| Client Secret | Azure application secret |
| Tenant ID | Azure Directory (tenant) ID |
| Token URL | OAuth token endpoint |
| URL | Microsoft Graph API URL |
| Scope | Microsoft Graph permission scopes |

Token URL

| Action type | Token URL |
|---|---|
| All actions | https://login.microsoftonline.com/{tenant_id}/oauth2/v2.0/token |

Host URL

| Action type | Host URL |
|---|---|
| All actions | https://graph.microsoft.com |

Azure setup

Take the following steps to register the application:

1. Navigate to Azure Portal → Azure Active Directory → App registrations.
2. Click New registration.
3. Enter an application name.
4. Choose Accounts in this organizational directory only.
5. Click Register.

Take the following steps to assign API permissions:

1. Open the API permissions tab.
2. Click Add a permission.
3. Select Microsoft Graph.
4. Select Application permissions.
5. Add the required permissions.

   Recommended permissions:

   | Permission |
   |---|
   | User.ReadWrite.All |
   | Directory.ReadWrite.All |
   | Directory.AccessAsUser.All |
   | User.ReadBasic.All |
   | Directory.Read.All |
   | User.ManageIdentities.All |
   | User.EnableDisableAccount.All |

6. Click Add permissions.
7. Click Grant admin consent for your organization.

Take the following steps to generate a client secret:

1. Navigate to Certificates & secrets.
2. Click New client secret.
3. Add a description and expiration.
4. Click Add.
5. Copy and save the secret value. This saved value is the client secret.

Take the following steps to collect required identifiers:

1. From App registration → Overview, copy:
   - Client ID
   - Tenant ID
2. Record the following values:

   | Value | Example |
   |---|---|
   | URL | https://graph.microsoft.com |
   | Token URL | https://login.microsoftonline.com/{tenant_id}/oauth2/v2.0/token |

Connector configuration in Swimlane

1. Log in to Turbine.
2. From the left-hand navigation pane, click Orchestration and click Assets. The Asset homepage opens.
3. Click the plus icon to open the Configure your connector asset window.
4. Select Azure Active Directory from the asset type list.
5. Fill in the asset settings and asset input as shown:

| Field | Description | Required/Optional |
|---|---|---|
| URL | Microsoft Graph API URL | Required |
| Token URL | Azure OAuth token URL | Required |
| Client ID | Azure application client ID | Required |
| Client Secret | Azure application client secret | Required |
| Scope | Microsoft Graph permission scopes | Required |
| Verify SSL | Enable/disable SSL verification | Optional |
| HTTP Proxy | Optional proxy configuration | Optional |

Fields with marks are required.

Scope configuration

The connector supports Microsoft Graph scopes.

Example scope: https://graph.microsoft.com/.default

This scope allows the connector to use all Microsoft Graph API permissions granted to the application.

Troubleshooting

Authentication failed

Verify:

- Client ID is correct
- Client Secret is correct
- Tenant ID is correct
- Token URL includes the correct Tenant ID
- Admin consent has been granted

Insufficient privileges error

Ensure:

- Required Microsoft Graph permissions are assigned
- Admin consent has been granted
- The Azure application has application permissions, not delegated permissions

SSL errors

If SSL verification fails:

- Verify the certificate chain
- Confirm proxy/firewall inspection settings
- Temporarily disable Verify SSL for testing if permitted by your organisation

You have successfully authenticated the Azure Active Directory connector in Swimlane.

Sources

- Microsoft Graph API documentation: https://learn.microsoft.com/en-us/graph/api/overview
- Microsoft Graph permissions reference: https://learn.microsoft.com/en-us/graph/permissions-reference
- Microsoft OAuth 2.0 client credentials flow: https://learn.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-client-creds-grant-flow
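The troubleshooting checks for "authentication failed" and "insufficient privileges" can be run against an access token returned by the token URL. The following is an added example, not Swimlane's or Microsoft's code: it decodes the token payload without verifying the signature (diagnostics only) and reports tenant mismatches, delegated scopes, and missing application permissions. The function names, the tenant ID, and the sample token are constructed for illustration.

```python
import base64
import json


def jwt_claims(token: str) -> dict:
    """Decode a JWT payload without verifying the signature (diagnostics only)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a three-part JWT")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))


def diagnose(token: str, tenant_id: str, required: set[str]) -> list[str]:
    """Return findings that map to the troubleshooting checks on this page."""
    claims = jwt_claims(token)
    findings = []
    tid = str(claims.get("tid", ""))
    if tid.lower() != tenant_id.lower():
        findings.append(f"token issued for tenant {tid!r}, expected {tenant_id!r}")
    if "scp" in claims:  # scp holds delegated scopes; app-only tokens carry roles
        findings.append("token carries delegated scopes (scp), not application roles")
    missing = sorted(required - set(claims.get("roles", [])))
    if missing:
        findings.append("missing application permissions (assign them, then grant "
                        "admin consent): " + ", ".join(missing))
    return findings


def constructed_token(claims: dict) -> str:
    """Build an unsigned sample token for this demo; not a real Azure token."""
    def enc(obj: dict) -> str:
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return ".".join([enc({"alg": "none", "typ": "JWT"}), enc(claims), "sig"])


TENANT = "11111111-2222-3333-4444-555555555555"  # constructed placeholder tenant ID
SAMPLE = constructed_token({"aud": "https://graph.microsoft.com", "tid": TENANT,
                            "roles": ["User.ReadBasic.All", "Directory.Read.All"]})

if __name__ == "__main__":
    wanted = {"User.ReadWrite.All", "Directory.Read.All"}
    for line in diagnose(SAMPLE, TENANT, wanted) or ["no findings"]:
        print(line)
```

Pass only the permissions your playbooks actually call as `required`, and treat the token as a secret while inspecting it.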