Registering IQ4docs as an App in Azure
In order to import user data from an Azure AD, IQ4docs must be entered as an app in Azure and the necessary rights assigned and login data generated.
Proceed as follows:
Invoke Azure Active Directory
-
Log in to the Azure Portal https://portal.azure.com
-
Under Manage Azure Active Directory, select Displays.
Register App
-
In the menu on the left, under Manage, select App Registrations.
-
Select New Registration.
-
Enter a name for the application registration (e.g. IQ4docs).
-
Under Supported Account Types, select Only Accounts In This Organization Directory (Single Client) (default setting).
-
Select Register.
-
In the summary, the client ID is displayed in the Application ID (Client) field. This must be entered in the Client ID field of the Azure AD settings during the Azure import, see Import from Azure AD.
Set Permissions
-
In the menu to the left in the app registration, go to Manage and select API Permissions.
-
Select Add Permission.
-
Select Microsoft Graph.
-
Select Application Permissions.
-
Under Users, select the User.Read.All permission.
-
Under Group, select the Group.Read.All permission.
-
Select Add Permissions.
-
These permissions require an administrator approval which this can be set by clicking Grant Administrator Approval.
Create Access Credentials
-
In the menu to the left in the app registration, go to Manage and select Certificates & Secrets.
-
Under Secret Client Keys, select New Secret Client Key.
-
Enter a description for the client key.
-
Enter the desired validity period for the key. After expiration, no user import is any longer possible - an error appears during the import run.
-
Select Add.
-
The client secret is now displayed in the table under Value. Now copy this and enter it in the Client Secret field of the Azure AD settings in WebAdmin, see Import from Azure AD.
Caution: The client secret is only displayed in the Azure portal immediately after it has been created, so it should be transferred to WebAdmin immediately.