In this article

Snaps in this Snap Pack use the Azure Active Directory OAuth2 account to access the Azure Active Directory (AAD). For the OAuth2 account to function without any issue, ensure to (create and) configure an application corresponding to the account as explained in the steps below. These steps also contain the information required to create/define a new OAuth2 account for use with this Snap Pack.

Create/Access your Azure Portal Application

1. Log into the Microsoft Azure Portal.
2. To create a new application, click Azure Active Directory under Azure Services.
   
3. Click Add → App Registrations
   
4. On the Register an Application page, enter the Name and Redirect URL Name and Redirect URL for the new app registration. Redirect URL is the URL of your SnapLogic server that uses this account.
   OR 
   To use an existing application, select the application from the list in the App Registrations to select the application.
   
   
   
5. Click Register.

Locate/Define Information Required to Create your Snap Account

1. Specify the values required to create a successful Snap account connection.
2. Enter the application (Client) ID  for the new account.
   
   
3. Click Endpoints to locate the OAuth 2.0 authorization endpoint (v1) and OAuth 2.0 token endpoint (v1).
   
4. Under Manage, click Authentication to define the trusted redirect/callback/reply URLs from your SnapLogic platform that connect/transact with the Azure Active Directory application. 
5. Click Add URL to define a new Redirect URI and save it.
   
6. Configure the Logout URL to: https://elastic.snaplogic.com.
7. Click Certificates & secrets to view the Client secrets that can be used for the new account.
8. Click Add.
9. Copy the value of the generated Client Secret. You will need this Client Secret to configure the Azure Active Directory in SnapLogic.
   

10. Under Manage, click API permissions to grant permissions to the application for the endpoint in context.

11. Click Add permissions to add permissions. 
    

13. Under Microsoft Graph, select Delegated permissions and choose the following permissions from the respective category. 

1. OpenId permissions > offline_access

2. Files > Files.ReadWrite.All

14. Click API permissions to grant permissions to the application for the endpoint in context

You can assign admin access to yourself and proceed with account configuration in SnapLogic.

Scopes and Permissions Required for Azure Active Directory

1. Navigate to the Snap of your choice and set up the account with the following details noted in the previous steps.
   • Client ID
   • Client Secret
   • OAuth2 Endpoint and OAuth2 Token:
     • OAuth2 Endpoint:https://login.microsoftonline.com/%3Ctenantname%3E.onmicrosoft.com/oauth2/v2.0/authorize
     • OAuth2 Token: https://login.microsoftonline.com/<tenantname>.onmicrosoft.com/oauth2/v2.0/token
     Replace <tenantname> with your Azure Active Directory tenant name. 
   • Token Endpoint Config:
     • Token endpoint parameter: response_type
     • The token endpoint parameter value: code
     • Auth Endpoint configuration:
       • Authentication parameter: scope
       • Authentication parameter value: offline_access Files.ReadWrite.All
2. Click Authorize. 
   You will be redirected to the login page of Microsoft office.
3. Login and accept the permissions.
   The Access token and the Refresh Token will be generated.
4. Check the Auto-refresh token checkbox and save the account.

See Also

• Azure Active Directory Snap Pack