Versions Compared

Version Old Version 30 New Version 31
Changes made by

Leena Gopal

Leena Gopal

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

In this article

Table of Contents

Overview

The Snaps in this Snap Pack use the the Azure Active Directory Snap Pack require an OAuth2 account to access the resources in Azure Active Directory (AAD). For the OAuth2 account to function without any issue, ensure to (create and) authorize successfully, create, and configure an application corresponding to the account as explained in shown in the steps below. These steps also contain the information required to create/define a new OAuth2 account for use with this Snap Pack.

Create/Access your Azure Portal Application

...

Image Removed

...

workflow.

...

Info

Steps one to three are done in the Azure Portal and the remaining steps are done in the Snap account (SnapLogic Platform).

Prerequisites

An Azure account with a free subscription to create the application.

Key Steps in the Workflow

Create an Application in the Azure Portal

  1. Log in to the Microsoft Azure Portal.

  2. Navigate to Azure services > Azure Active Directory.

  3. Navigate to Add > App registration.

  4. On the Register an application page, specify the name for registering the application and click Register. Learn more about creating an application at https://learn.microsoft.com/en-us/azure/active-directory/develop/quickstart-register-app.

Info

To use an existing application, navigate to Portal Home > Azure Active Directory >App registrations > All applications. In the search box, specify the application name you want to use. Details on registered application is display in the search list.

Define Permissions

  1. On the left navigation panel, navigate to Manage,select API permissions > Add a permission.

    Image Added

  2. On the Request API permissions window, select Microsoft Graph > Delegated permissions for the OAuth2 User account and Application permissions for the OAuth2 Application Account.

    Image Added

  3. Select the permissions from Files, Users, and

...

  1. Teams. Choose

...

  1. the

...

  1. minimum API permissions listed

...

  1. under Scopes and Permissions Required for Azure Active Directory.

  2. Click

...

  1. Add Permissions.

...

  1. View all the permissions added under

...

  1. Configured

...

  1. permissions.

...

  1. Image Added

  2. Click Grant admin consent

...

  1. confirmation and select Yes.

...


...

  1. Image Added

  2. Click Overview 

...

  1. and select Add a Redirect

...

  1. URI. You will be redirected to the Platform configurations page.

    Image Added

     

    1. Under Platform

...

    1. configurationsclick Add a platform.

    2. Select Web

...

    1. and

...

    1. specify a valid

...

    1. Redirect URI https://elastic.snaplogic.com/api/1/rest/admin/oauth2callback/azureactivedirectory and click Configure. A popup message displays indicating that the application is successfully updated.

      Image Added

  2. On the Platform configurations page, click Save.

    Image Added

Locate the Application Credentials in the Azure Portal

To authorize your account in SnapLogic, you must have the following application credentials:

  • Application (Client) ID

  • Directory (Tenant) ID

  • Client secret value

  1. On the application page, under Essentials, note the Application (client) ID and Directory (tenant) ID needed for the Snap account.

    Image Added

  2. In the left navigation panel, select Manage > Certificates & secrets.

  3. On the Certificates & secrets page, click + New client secret.

  4. In the Add a client secret window, enter the Description, select an option for Expires from the dropdown list, and click Add. 

    The Client secret value and ID are generated. This value and the ID are required to configure the OAuth2 account.

    Image Added

You can copy the Client secret value only after it is generated.

Scopes and Permissions Required for Azure Active Directory

Application permissions

Permission

Display String

Description

Admin Consent Required?

Directory.Read.All

Directory.Read.All

Allows the app to read and write data in your organization's directory, such as users, and groups, without a signed-in user. Does not allow user or group deletion.

Yes

Directory.ReadWrite.All

Directory.ReadWrite.All

Allows the app to read and write data in your organization's directory, such as users, and groups, without a signed-in user. Does not allow user or group deletion.

Yes

Specify the Credentials And Validate the Snap account

  1. Navigate to the Snap of your choice and configure the OAuth2 account with the

...

...

  1. details located from the registered application in the Azure portal. Refer to /wiki/spaces/DRWIP/pages/2661875797

  2. Select the Auto-refresh token checkbox in the account settings and click Apply.

  3. Click Authorize. The Access and Refresh tokens are generated. You will be redirected to the sign-in page of the Azure Portal.

  4. Sign in to Azure Portal with valid credentials to redirect to the Snap Edit account settings dialog. The Access and Refresh tokens are autopopulated but encrypted in the Account settings.

  5. Validate the Snap Account.

If you select the Auto-refresh token checkbox, then you must provide offline_access as the Scope in the Token end point configuration.

Troubleshooting

Common Errors

Reason

Response

Error 401

Token is invalid

Provide a valid token and reauthorize the account.

The redirect URI specified does not match the reply URI configured for the application.

Incorrect redirect URI specified by user.

Add the following redirect_uri:
https://elastic.snaplogic.com/api/1/rest/admin/oauth2callback/azureactivedirectory.

URL error when invoking the operation

Ensure the tenant domain name is correct.

Ensure that Directory (tenant) ID noted from the application is in the correct format.

Example: 2060aafa-89d9-423d-9514-eac46338ec05

Frequently Asked Questions

Expand
titleCan we use an existing registered application for adding account to the Snap?

https://learn.microsoft.com/en-us/azure/healthcare-apis/register-application

Expand
titleWe are trying to get the Account setup in SnapLogic and need examples of how the values of Application ID, Tenant ID, Secret key would look like. Is there any document referring to this information?

Azure Active Directory OAuth2 Account

Expand
titleWhere do I find more support for account-related information and other issues?

For any support, contact the support team. The help icon in the Snap provides referential information with the selected Snap from the application.

Expand
titleWhat type of permission does the registered application need?

https://learn.microsoft.com/en-us/graph/permissions-reference

Expand
titleHow many accounts does an Azure Active Direcrtory Snap Pack have?

Configuring Azure Active Directory Accounts

Related Content

Azure Active Directory Snap Pack

Azure Active Directory OAuth2 Account