Microsoft Entra ID OAuth2 Account

In this article

Overview

You can use this account type to connect Azure Active Directory Snaps with data sources that use Azure Active Directory OAuth2 account.

azure-entra-id-oauth2-account-overview.png

Prerequisites

Limitations and Known Issues

None.

Account Settings

AzureAD_OAuth2AccountSettings.jpg
  • Asterisk ( * ): Indicates a mandatory field.

  • Suggestion icon ( ): Indicates a list that is dynamically populated based on the configuration.

  • Expression icon ( ): Indicates whether the value is an expression (if enabled) or a static value (if disabled). Learn more about Using Expressions in SnapLogic.

  • Add icon ( ): Indicates that you can add fields in the field set.

  • Remove icon ( ): Indicates that you can remove fields from the field set.

Field Name

Field Type

Description

Field Name

Field Type

Description

Label*

 

Default value: None
Example: Azure Active Directory OAuth2 Account

String

Specify a unique label for the account instance.

 

Tenant domain name*

 

Default value: accountingsnaplogic.onmicrosoft.com
Example: accountingsnaplogic.onmicrosoft.com

String

Specify your "onmicrosoft.com" domain name. You can also use custom domain names. Learn more: Add Custom Domain. 

 

Client ID*

 

Default value: N/A
Example: 222b0666b2bbb22222b22b2b2b222bb

String

Specify the client ID that you obtain after creating an app in Azure Directory portal.

Client secret

 

Default value: N/A
Example: 66b2bbb22222b22b2b2b222bb

String

Specify the Application Secret that was created for the Application ID in the portal. The client secret can be created by following the steps of the application provider.

Access token*

 

Default value: N/A
Example: <Value is encrypted>

String

 

Auto-generated after authorization.

The access token is retrieved when setting up the account for the endpoint. There, the OAuth2 flow will be executed and the resulting access token will be stored in this property. The access token might be refreshable, in which case an optional refresh token can be stored. The user must get a new access token if the access token has expired and no refresh token was defined or both the access and the refresh token have expired.

Refresh token

 

Default value: N/A
Example: <Value is encrypted>

String

Auto-generated after authorization.

The refresh token is retrieved when setting up the account for the endpoint. The OAuth2 flow is executed and the resulting refresh token is stored in this field. If the refresh token is stored, then the access token can be refreshed automatically before it expires.

Access token expiration

 

Default value: N/A
Example: 1648822115

String

Auto-generated after authorization.

The time until which the access token is active.

OAuth2 Endpoint*

Default value: https://login.microsoftonline.com/<tenant-id*>/oauth2/v2.0/authorize
Example: https://login.microsoftonline.com/3164f/oauth2/v2.0/authorize

String

Specify the tenant ID in the designated position in the URL to authorize the application.

https://login.microsoftonline.com/<tenant-id*>/oauth2/v2.0/authorize

OAuth2 Token*

 

Default value: https://login.microsoftonline.com/<tenant-id*>/oauth2/v2.0/token

Example: https://login.microsoftonline.com/3164f/oauth2/v2.0/token

String

 

Specify the tenant ID in the following format to get the access token.

https://login.microsoftonline.com/<tenant-id*>/oauth2/v2.0/token

 

Grant type

 

Default Value: authorization_code
Example: client_credentials

Dropdown list

Select one of the following Grant types for authorization:

  • authorization_code: Authentication using credentials (username and password), which return to the client through a redirect URL. The application then receives the authorization code from the URL and uses it to request an access token.

  • client_credentials: Obtains an access token for the client ID and client secret through the token endpoint URL.

Token endpoint config

Use this field set to configure custom properties for the OAuth2 token endpoint.

Token endpoint parameter

 

Default Value: N/A 

String

Define custom properties for the OAuth2 token endpoint.

Token endpoint parameter value

 

Default Value: N/A 

String

Define custom properties for the OAuth2 auth endpoint.

Auth endpoint config

Use this field set to configure custom properties for the OAuth2 endpoint.

Authentication endpoint parameter

 

Default Value: Scope
Example: Scope

String

Define optional authentication parameters.

Authentication parameter value

 

Default Value: https://graph.microsoft.com/.default offline_access
Example: https://graph.microsoft.com/.default offline_access

String

Define optional authentication parameter values.

  • To use Microsoft Graph API, you must set the scope as https://graph.microsoft.com/.default.

  • To get a refresh token, you must set the scope as offline_access.

  • You can provide multiple scopes by separating them with spaces.

Auto-refresh token

 

Default Value: Deselected

Checkbox

Select this checkbox to refresh the token automatically. Otherwise, the token might expire and will not be automatically refreshed.

Snap Pack History


Related Content