Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revisionLast revisionBoth sides next revision | ||
| externalcredentials [2023/03/04 02:06] – Justin Willey | externalcredentials [2023/03/04 02:31] – Justin Willey | ||
|---|---|---|---|
| Line 3: | Line 3: | ||
| More sensitive items are stored in the database using AES256 encryption. Once saved, only the last four characters are shown, preceded by %%****%%. The number of asterisks is unrelated to the length of the underlying data. | More sensitive items are stored in the database using AES256 encryption. Once saved, only the last four characters are shown, preceded by %%****%%. The number of asterisks is unrelated to the length of the underlying data. | ||
| + | |||
| + | When you click on New, you will be asked for the Name, the Type and a Description of the credential record you want to create. The type and description can be edited later, but the name cannot be changed subsequently, | ||
| ==== SMTP ==== | ==== SMTP ==== | ||
| Line 12: | Line 14: | ||
| ==== Microsoft Graph API ==== | ==== Microsoft Graph API ==== | ||
| + | === Registering IQX as an application in Azure === | ||
| To use the Microsoft Graph API with IQX, you must first set up IQX as an Application in **your** Azure Active Directory using the Create Azure Active Directory application. To do this, log into **your** Microsoft Azure Portal as an **admin** user. Then select __Azure Active Directory__ followed by __App registrations__. | To use the Microsoft Graph API with IQX, you must first set up IQX as an Application in **your** Azure Active Directory using the Create Azure Active Directory application. To do this, log into **your** Microsoft Azure Portal as an **admin** user. Then select __Azure Active Directory__ followed by __App registrations__. | ||
| Next complete the __Name__ field as, for example, //IQX//, set __Supported account types__ to //Accounts in this organizational directory only// and set __Redirect URI__ to //Web// with http:// | Next complete the __Name__ field as, for example, //IQX//, set __Supported account types__ to //Accounts in this organizational directory only// and set __Redirect URI__ to //Web// with http:// | ||
| + | === Granting permissions to IQX === | ||
| Now go back to __App registrations__ and select __All apps__. Select the App record you have just created and then select __API Permissions__. Select __+ Add a permission__ and in __Request API permissions__ select //Microsoft Graph//. Then configure __Application permissions__ and grant // | Now go back to __App registrations__ and select __All apps__. Select the App record you have just created and then select __API Permissions__. Select __+ Add a permission__ and in __Request API permissions__ select //Microsoft Graph//. Then configure __Application permissions__ and grant // | ||
| {{: | {{: | ||
| + | === Setting up authentication for IQX === | ||
| + | |||
| + | Choose __Certificates and secrets__ from the right hand menu. Choose __Add a client secret__, give it a description and choose //Never// under __Expires__. Select __Add__ and copy the displayed Secret into the **Client Secret** field in IQX and then click on **Save & Refresh**. | ||
| + | |||
| + | Then back in Azure, choose __Authentication__ from the right hand menu. The screen should look something like this: | ||
| + | |||
| + | {{: | ||
| + | Now select and copy the __Application (client) ID__ into **Client ID** in IQX, and __Directory (tenant) ID__ into **Tenant ID** in IQX. Then click on **Save & Refresh** | ||
Justin Willey