The Azure web app is a web application that is used to connect Genetec ClearID™ One Identity Synchronization Tool to the Azure AD data so that the Active Directory user information can be accessed and synchronized.
Connection information for Azure web app
To connect the Azure web app to the ClearID One Identity Synchronization Tool, you need the
following information:
- Tenant name (Directory ID for account)
- Client ID (Application ID)
- App key (Client secret value)
Tip: The Tenant name, Client ID, and App
key can be obtained from your Azure Active Directory application registration.
Azure AD API permissions
Before you can synchronize data with ClearID, an external system attributes administrator (IT or security personnel) must set up and configure the following API read permission privileges in Azure AD.
Microsoft Graph (minimum requirements):
-
Application.Read.All - Used to get extensions attributes.
- Allows the app to read applications and service principals without a signed-in user.
For more information, see List extensionProperties (directory extensions)
-
User.Read.All - Used to get user information.
- Allows the app to read identity user risk information for all users in your organization without a signed-in user.
-
Group.Read.All - Used to get group information.
- Allows the app to read group properties and memberships, and read conversations for all groups, without a signed-in user.
For more information, see Microsoft Graph permissions reference.