Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
externalcredentials [2023/03/04 02:06] – Justin Willey | externalcredentials [2023/03/04 02:39] (current) – [Microsoft Graph API] Justin Willey | ||
---|---|---|---|
Line 3: | Line 3: | ||
More sensitive items are stored in the database using AES256 encryption. Once saved, only the last four characters are shown, preceded by %%****%%. The number of asterisks is unrelated to the length of the underlying data. | More sensitive items are stored in the database using AES256 encryption. Once saved, only the last four characters are shown, preceded by %%****%%. The number of asterisks is unrelated to the length of the underlying data. | ||
+ | |||
+ | When you click on New, you will be asked for the Name, the Type and a Description of the credential record you want to create. The type and description can be edited later, but the name cannot be changed subsequently, | ||
==== SMTP ==== | ==== SMTP ==== | ||
Line 12: | Line 14: | ||
==== Microsoft Graph API ==== | ==== Microsoft Graph API ==== | ||
+ | === Registering IQX as an application in Azure === | ||
To use the Microsoft Graph API with IQX, you must first set up IQX as an Application in **your** Azure Active Directory using the Create Azure Active Directory application. To do this, log into **your** Microsoft Azure Portal as an **admin** user. Then select __Azure Active Directory__ followed by __App registrations__. | To use the Microsoft Graph API with IQX, you must first set up IQX as an Application in **your** Azure Active Directory using the Create Azure Active Directory application. To do this, log into **your** Microsoft Azure Portal as an **admin** user. Then select __Azure Active Directory__ followed by __App registrations__. | ||
Next complete the __Name__ field as, for example, //IQX//, set __Supported account types__ to //Accounts in this organizational directory only// and set __Redirect URI__ to //Web// with http:// | Next complete the __Name__ field as, for example, //IQX//, set __Supported account types__ to //Accounts in this organizational directory only// and set __Redirect URI__ to //Web// with http:// | ||
- | Now go back to __App registrations__ and select __All apps__. Select the App record you have just created and then select __API Permissions__. Select __+ Add a permission__ and in __Request API permissions__ select //Microsoft Graph//. Then configure __Application permissions__ and grant // | + | === Granting permissions to IQX === |
+ | Now go back to __App registrations__ and select __All apps__. Select the App record you have just created and then select __API Permissions__. Select __+ Add a permission__ and in __Request API permissions__ select //Microsoft Graph//. Then configure __Application permissions__ and grant // | ||
{{: | {{: | ||
+ | === Setting up authentication for IQX === | ||
+ | |||
+ | Choose __Certificates and secrets__ from the right hand menu. Choose __Add a client secret__, give it a description and choose //Never// under __Expires__. Select __Add__ and copy the displayed Secret into the **Client Secret** field in IQX and then click on **Save & Refresh**. | ||
+ | |||
+ | Then back in Azure, choose __Authentication__ from the right hand menu. The screen should look something like this: | ||
+ | |||
+ | {{: | ||
+ | Now select and copy the __Application (client) ID__ into **Client ID** in IQX, and __Directory (tenant) ID__ into **Tenant ID** in IQX. Then click on **Save & Refresh** | ||