Azure Active Directory

Setup

In order for this integration to work, you must first make some setting changes in our instance of AAD.

1. Sign in to your instance of AAD using this link: https://aad.portal.azure.com/. You must be an “Application Administrator” or a “Global Administrator” to configure the “App registration” in AAD.
2. Click "All Services" on the left panel and then click Azure Active Directory.

The Company Overview window will display.

3. Click "App registrations" under Manage.

4. Click "New registration":

5. Enter a name, DTOOLSSI is a fine name. Leave the "Accounts in this organizational directory only...." option selected and click the Register button.

6. Click "Authentications" under Manage.

7. Click "Add a platform":

8. Click "Mobile and desktop applications":

9. In the "Configure Desktop + devices" window, select the first option and then click the Configure button:

10. Scroll down and click Yes to "Allow public client flows" and then click the Save button:

11. Click "API permissions" under Manage:

12. Click "Add a permission":

13. Click "Microsoft Graph":

14. Click "Delegated permissions":

15. Search for User.Read.All, click on it to select the permission. then click the Add Permissions button:

16. Click "Grant admin consent for DTOOLSSI" (or whatever you decided to name the integration in step 5):

17. Click "Overview" and make a note of the Application (client) ID and Directory (tenant) ID values:

18. Open System Integrator and click Start->Setup->Control Panel.
19. Double-click the "Azure Active Directory" icon.

20. Tick the "Enable integration" checkbox and then enter your Client ID and Tenant ID from AAD and then click Save:

21. You will be prompted to sign in to your instance of AAD:

Once you sign in you will get a confirmation the integration is enabled:

You can now import Users into SI from AAD or link existing SI user's to AAD. Click here for details.