Registering an application to integrate Miradore with Microsoft Entra ID

To enable the integration between your Miradore site and Microsoft Entra ID, an application must be registered in Azure first.

See Connecting Miradore to Microsoft Entra ID for general information on creating the connection.

Requirements

• Admin account on Azure
• Miradore Premium+ subscription

Steps

1. Register an application in Azure to integrate Miradore with Microsoft Entra ID.
2. When the registration is ready, copy the Client ID and Tenant information from the Overview pane, as you will need them to set up the connection in Miradore.
   For more information, see Registering an application in Azure.
3. Set the application permissions.
   For more information, see Defining permissions for an application in Azure.
4. Generate a client secret for the application and copy its value, as you will need it to set up the connection in Miradore.
   For more information, see Generating a client secret in Azure.

Registering an application in Azure

1. Log in to Azure at https://portal.azure.com/ as an admin.
2. Navigate to Microsoft Entra ID.
   To open Microsoft Entra ID, you can select View on the Manage Microsoft Entra ID tile.
3. Select Manage > App registrations on the left.
4. Select New registration.
5. Define a name for your application. This will be the user-facing name for your app.
6. In Supported account types, select Accounts in this organizational directory only.
7. Select Register.
   Note: The Overview page contains the details of your registered application. Copy the Application (client) ID and the Directory (tenant) ID, as you will need them to create the connection in Miradore.

Learn more about registering an application from Microsoft's documentation.

Defining permissions for an application in Azure

Before defining the permissions, you must register an application in Microsoft Azure.

1. In Azure, navigate to Manage > App registrations on the left.
2. Open the All applications tab and select the application for which you want to give permissions.
   Result: The application's page opens.
3. In the left navigation menu, select Manage > API permissions.
4. Select Add a permission.
5. To open the permission interface, select Microsoft Graph.
6. Select Application permissions.
7. Under User, select User.Read.All.
8. Under Group, select Group.Read.All for group filtering.
9. Select Add permissions.
   Note: You need admin permissions to grant the User.Read.All and Group.Read.All permissions to your application.
10. Select Grant admin consent for Default Directory.
    Note: You need admin permissions to perform this step.

Result: The status of the user permission is modified to Granted for Default Directory.

Generating a client secret in Azure

1. In Azure, navigate to Manage > App registrations on the left.
2. Open the All applications tab and select the application for which you want to give permissions.
   Result: The application's page opens.
3. In the left navigation menu, select Manage > Certificates & secrets.
4. On the Client secrets tab, select New client secret.
5. Fill in the following fields:
   • Description: the name of the client secret
   • Expires: the expiration date of the client secret
6. Using the clipboard icon, copy the value of the secret, as you will need it to create the connection in Miradore.
   Important: Make sure you copy the value of the secret, not the ID of the secret.

Learn more about creating a client secret from Microsoft's documentation.