About the Azure web app

2024-08-26Last updated

The Azure web app is a web application that is used to connect Genetec ClearID™ One Identity Synchronization Tool to the Azure AD data so that the Active Directory user information can be accessed and synchronized.

Connection information for Azure web app

To connect the Azure web app to the ClearID One Identity Synchronization Tool, you need the following information:
Data source configuration dialog in the ClearID One Identity Synchronization Tool showing configuration information including Tenant name, Client ID, and App key.
  • Tenant name (Directory ID for account)
  • Client ID (Application ID)
  • App key (Client secret value)
Tip: The Tenant name, Client ID, and App key can be obtained from your Azure Active Directory (Microsoft Entra ID) application registration.
Overview page in Microsoft Azure showing the One Identity application with the Application ID and Directory ID highlighted.
Certificates & secrets page in Microsoft Azure showing the One Identity application with the Client secret value highlighted.

Azure AD API permissions

Before you can synchronize data with Genetec ClearID™, an external system attributes administrator (IT or security personnel) must set up and configure the following API read permission privileges in Azure AD.

Microsoft Graph (minimum requirements):
  • Application.Read.All - Used to get extensions attributes.
    • Allows the app to read applications and service principals without a signed-in user.

    For more information, see List extensionProperties (directory extensions)

  • User.Read.All - Used to get user information.
    • Allows the app to read identity user risk information for all users in your organization without a signed-in user.
  • Group.Read.All - Used to get group information.
    • Allows the app to read group properties and memberships, and read conversations for all groups, without a signed-in user.
API permissions page in Microsoft Azure showing the One Identity application with the API permissions highlighted.

For more information, see Microsoft Graph permissions reference.