In this article
...
Snaps in this Snap Pack use the Azure Active Directory OAuth2 account to access the Azure Active Directory (AAD). For the OAuth2 account to function without any issue, ensure to (create and) configure an application corresponding to the account as explained in the steps below. These steps also contain the information required to create/define a new OAuth2 account for use with this Snap Pack.
Create/Access your Azure Portal Application
| Insert excerpt | ||||||||
|---|---|---|---|---|---|---|---|---|
|
Locate/Define Information Required to Create your Snap Account
- Specify the values required to create a successful Snap account connection.
- Enter the application (Client) ID for the new account.
- Click Endpoints to locate the OAuth 2.0 authorization endpoint (v2) and OAuth 2.0 token endpoint (v2).
- Under Manage, click Authentication → Add a platform → Web to define the trusted redirect/callback/reply URLs from your SnapLogic platform that connect/transact with the Azure Active Directory application.
- Under Redirect URIs, enter the new Redirect URI and click Configure.
- Configure the Logout URL to: https://elastic.snaplogic.com/
- Click Certificates & secrets → New client secret to add the client secret description that can be used for the new account.
- Under Add a client secret, enter the description of the client secret and click Add.
- Copy the value of the generated Client Secret. You will need this Client Secret to configure the Azure Active Directory in SnapLogic.
Under Manage, click API permissions to grant permissions to the application for the endpoint in context.
Click Add permissions to add permissions.
13. Click Microsoft Graph, select Delegated permissions and choose the following permissions from the respective category.
OpenId permissions > offline_access
Files > Files.ReadWrite.All
14. Click API permissions to grant permissions to the application for the endpoint in context
...
Account
- Under Essentials, make a note of Application (client) ID and Tenant ID.
- Under Manage, click Certificates and Secrets.
- On Certificates and Secrets page, click +New client secret
- On the Add a client secret page, enter the Description and Expires and click Add.
The client secret value is generated.
- Under Manage, click API Permissions → Add a Permission
- On the Request API permissions page, select Microsoft Graph → Delegated Permissions for the OAuth2 User account and Application Permissions for the OAuth2 application Account.
- You can select the permissions from Files, Users, and Sites. Choose all the required API permissions for Exchange Online listed below:
- Click Add Permissions. You can see all the permissions added under Configured Permissions.
- Click Grant admin consent for SnapLogic Inc and select Yes.
- Click Overview and Add a Redirect URls.
- Under Platform Configurations, click Add a platform.
- Select Web and enter a valid redirecting URI and click Configure
- Under Implicit grant and hybrid flows, select Access tokens (used for implicit flows) and ID tokens (used for implicit and hybrid flows) checkbox and click Save.
Scopes and Permissions Required for Azure Active Directory
- Navigate to the Snap of your choice and set up the account with the following details noted in the previous steps.:
- Client ID
...
- Tenant
...
- ID
- Client secret
- OAuth2 Endpoint: https://login.microsoftonline.com/
...
...
...
- To get the OAuth2 Endpoint and OAuth2 Token, click Overview → Endpoints and copy the (V2) endpoints
- Token Endpoint Config:
- Token endpoint parameter:
...
- response-type
...
- Token endpoint parameter value: code
- Auth Endpoint configuration:
- Authentication parameter: scope
- Authentication parameter value
...
- : https://graph.microsoft.com/.default
- Click Authorize.
...
- You will be redirected to the login page of Microsoft
...
- Azure Portal.
- Login and accept the permissions.
...
- The Access token and the Refresh Token will be generated.
- Check
...
- the Auto-refresh
...
- token checkbox
...
- in the account settings and click Apply.
- See Also