How to: Generate an OAuth2.0 Authorization Token in Azure

Azure OAuth2.0 Integration in Oomnitza

Oomnitza uses Azure OAuth2.0 to connect to a variety of Microsoft Services, however, generating these credentials can be difficult for those unfamiliar with the Microsoft Azure landscape. To assist with this, the instructions below should allow you to generate the proper credentials in order to set up Azure, Intune, and other Microsoft Integrations.

PLEASE NOTE: That these instructions are for an external system, and that system is subject to change without warning. If you have any questions or need any assistance with this process, please contact your Oomnitza customer success manager or email support@oomnitza.com.

Generating an OAuth2.0 Application in Azure

  1. Login to Azure and navigate App Registrations
    1. Select New Registration
      1. Enter a Name for your OAuth2 application.
      2. In the "Redirect URI (optional)" field, enter the following Redirect URI:
        https://generic-oauth2-proxy.oomnitza.com/oauth2/redirect_url 
      3. Click Register. This will create your app registration. 

  2. Now that your app is created, navigate to  API permissions
    1. Select + Add a Permission
    2. Select Microsoft Graph
      1. Select Delegated permissions
      2. Select the desired permissions:
        1. For Intune Devices, select DeviceManagementManagedDevices
          1. Select DeviceManagementManagedDevices.Read.All
          2. Click Add permissions
        2. For Azure Active Directory, select User
          1. Select User.Read.All
          2. Click Add permissions

  3. Next, you’ll need to grant admin consent to Oomnitza. (Note: This should be available in API permissions if you have administrator access rights in Azure)

  4. Finally, to generate the Client ID, Tenant ID, and Client Secret:
    1. Navigate to Azure > Certificates & secrets (found under the Manage section on the left)
      1. Select New client secret
      2. Click Add
      3. Copy the "Value" field from the secret created.
    2. Client ID, Tenant ID, and Client Secret are now available, and can be entered into the Credential Vault in Oomnitza.

In some Azure configurations, you won't be prompted to select application type when creating the App Registration. If this occurs.

  1. Navigate to Azure > Authentication
    1. Select Add a platform
      1. Select Web
      2. Enter the Redirect URI:
        https://generic-oauth2-proxy.oomnitza.com/oauth2/redirect_url
Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.
Powered by Zendesk