The steps below detail how to configure Microsoft Office 365 as a user verification source in SecurityGateway.
In Azure Active Directory:
- Navigate to the App Registrations page in Azure AD
- Select New Registration
- Enter an application name in the name field (Eg. SecurityGateway)
- Select Register
- Make note of the Application ID
- Select API Permissions
- Select + Add a permission
- Select Microsoft Graph
- Select Application Permissions
- Select Group.Read.All and User.Read.All
- Select Add permissions
- Click the Grand admin consent for… button
- Click Yes
- Select Certificates & Secrets
- Click + New Client Secret
- Enter a description in the description field
- Select the radio button to determine how long the password will be valid for
Note: Since this password will be stored in SecurityGateway, it’s important to note that if it expires in Office 365, SecurityGateway can no longer verify users
- Make note of the generated password
- Login to SecurityGateway as a global admin account
- Select Setup/Users
- Select Accounts
- Select User Verification Sources
- Click New
- Select Office 365
- Enter a description
- Enter the Office 365 domain name in the Domain Name field.
- Select the Type
- For most configurations, the option will be Global.
- Enter the Application ID from Azure AD in the Service Principle field.
- This can be found on the Overview page of the app registration in Azure AD
- Enter the password generated in Azure AD above in the Password field.