Skip to main content
Sign in

Adding Microsoft credentials to the vault in Oomnitza

Caroline Maguire
  • June 16, 2022 10:27
  • Updated

Prerequisites 

Authentication for all Microsoft products (Azure AD accounts and Microsoft accounts, such as 365 and Intune) is based on OAuth2.0 authentication flow and validated against the Microsoft Identity Platform. Please follow the steps in Generating an OAuth2.0 Authorization Token in Azure to create an OAuth2.0 app and keep your details to be used later when Adding your OAuth credentials to the Oomnitza vault.

Adding your OAuth credentials to the Oomnitza vault

One you have obtained your OAuth details, add them to the vault in Oomnitza by completing the following steps:

  1. In Oomnitza, click Configuration > Security > Credentials, and then click Add new credential (+).
  2. On the INFORMATION tab, complete these actions:
    1. Add the name of the credential.
    2. Add the name of the owner. 
  3. On the AUTHORIZATION tab, select OAuth 2.0 as the authorization type.
  4. From the SaaS list, select from one of the options listed in the table below.
  5. Click Authenticate. You are prompted to log into Microsoft to authorize your request.
  6. Click CREATE.
SaaS Name Requirements Comment
Microsoft

Client ID, Client Secret, Scope, Tenant

 Uses OAuth consent. The Scope has to be manually added and must match what is set in the Microsoft instance. For information on obtaining your Client ID, Tenant ID, and Client Secret refer to Generating an OAuth2.0 Authorization Token in Azure.
Microsoft Resource Owner Grant

Client ID, Client Secret, Tenant Id, Resource

Uses Bearer Token authentication. This process bypasses the need for OAuth consent.

For information on obtaining your Client ID, Tenant ID, and Client Secret refer to Generating an OAuth2.0 Authorization Token in Azure.

An Azure AD resource ID indicates the audience for which a token that is issued can be used to provide access to an Azure resource. In the case of Azure Storage, the resource ID may be specific to a single storage account, or it may apply to any storage account. For further information, refer to Microsoft Azure Storage resource ID. 
Microsoft Client Credentials Grant

Client ID, Client Secret, Tenant Id

 Similar to the Microsoft OAuth 2.0 credentials, except the scope is set to .default This tells the OAuth flow to request the statically configured list of permissions. For further information, refer to Permissions and consent in the Microsoft identity platform
Microsoft Visual Studio Client ID, Client Secret, Scope

Azure DevOps provides developer services for allowing teams to plan work, collaborate on code development, and build and deploy applications.

You can select use these credentials when Creating an extended integration for Microsoft Visual Studio users.

Related Links

small_blue_link.svg Generating an OAuth2.0 Authorization Token in Azure

Related articles

Comments

0 comments

Please sign in to leave a comment.

Powered by Zendesk