Microsoft Azure Active Directory (Azure AD) is a cloud-based identity and access management (IAM) solution that provides single sign-on and multi-factor authentication that helps to protect from cybersecurity attacks. The Microsoft Azure AD connector is available in containerized environments.
Using Microsoft Azure AD with IBM® App Connect
You can use App Connect to perform actions on the following objects:
- Administrative units
- Devices
- Domains
- Groups
- Organizations
- Users
Building a flow in App Connect with Microsoft Azure AD
You can now use IBM App Connect to build flows that integrate with Microsoft Azure AD and other applications.
The connector is displayed as “Microsoft Azure Active Directory” on the IBM App Connect User Interface (UI).
You can opt to log in by using the basic, or OAuth 2.0 password authentication mode. The required information to connect App Connect to your Microsoft Azure AD account differs based on the authentication mode.
For App Connect deployments in containerized environments, the following properties are required for your Microsoft Azure AD account connection.
|
Required credentials
|
Description
|
|
Client ID
|
The unique identifier generated after the Microsoft Azure app registration gets mapped to the specific project requests.
Note: Only required for OAuth 2.0 password and basic authentication mode.
|
|
Client secret
|
The application client secret for a project-specific unique application client ID.
Note: Only required for OAuth 2.0 password and basic authentication mode.
|
|
Access token
|
The access token generated from the application client ID and client secret.
Note: Only required for basic authentication mode.
|
|
Refresh token
|
The refresh token generated from the application client ID and client secret.
Note: Only required for basic authentication mode.
|
|
Username
|
The username to log in to your Microsoft Azure Active Directory account.
Note: Only required for OAuth 2.0 password authentication mode.
|
|
Password
|
The password for the specified username.
Note: Only required for OAuth 2.0 password authentication mode.
|
Now, let’s look at the Microsoft Azure Active Directory use cases that are run in a containerized environment.
Scenario 1: Sync Microsoft Active Directory devices or computers to Microsoft Azure Active Directory
Consider this scenario where you use App Connect that schedules an hourly synchronization scheduler-based flow between the Microsoft Active Directory (AD) and Azure Active Directory (AD) devices in a containerized environment.
The flow creates or updates the device in Microsoft Azure AD whenever a new computer is created or updated in Microsoft AD, helping you keep your devices information in sync.
For this scenario:
1. You run a scheduler-based flow that retrieves computers from Microsoft Active Directory (AD) through a batch process.
2. The Microsoft AD retrieve computers operation fetches the computer details based on the base-distinguished name.
For example:
3. A Set variable node is added to a ‘For each’ loop to map the retrieved computer with a common name string.
For each Microsoft AD computer is mapped with a common name string.
For example:
This setting generates random data with the common name, making it a unique entry for Azure AD.
4. The Microsoft Azure AD update or create device operation either updates or creates the device details based on the device registration ID mapped to the retrieved computer common name.
For example:
If the device is not found, the device details are created, or for an existing device, the details are updated accordingly in Microsoft Azure AD.
Scenario 2: Sync Microsoft Active Directory users to Microsoft Azure Active Directory
#AppConnect
#microsoftazuread#containers#Integration