Using IBM® App Connect to interact with Microsoft© Azure Active Directory

By Shahmini Arumugam posted Fri April 01, 2022 01:22 AM


Microsoft Azure Active Directory (Azure AD) is a cloud-based identity and access management (IAM) solution that provides single sign-on and multi-factor authentication, which help protect against cybersecurity attacks. The Microsoft Azure AD connector is available in containerized environments.



Using Microsoft Azure AD with IBM® App Connect

You can use App Connect to perform actions on the following objects:

  • Administrative units
  • Devices
  • Domains
  • Groups
  • Organizations
  • Users

Building a flow in App Connect with Microsoft Azure AD

You can now use IBM App Connect to build flows that integrate with Microsoft Azure AD and other applications.

The connector is displayed as “Microsoft Azure Active Directory” in the IBM App Connect user interface (UI).

You can log in by using either the basic or the OAuth 2.0 password authentication mode. The information that is required to connect App Connect to your Microsoft Azure AD account differs based on the authentication mode.

For App Connect deployments in containerized environments, the following properties are required for your Microsoft Azure AD account connection.

Required credentials and their descriptions:

  • Client ID: The unique identifier that is generated after the Microsoft Azure app registration and is mapped to the specific project requests. Note: Required for both the OAuth 2.0 password and basic authentication modes.
  • Client secret: The application client secret for the project-specific application client ID. Note: Required for both the OAuth 2.0 password and basic authentication modes.
  • Access token: The access token generated from the application client ID and client secret. Note: Only required for basic authentication mode.
  • Refresh token: The refresh token generated from the application client ID and client secret. Note: Only required for basic authentication mode.
  • Username: The username used to log in to your Microsoft Azure Active Directory account. Note: Only required for OAuth 2.0 password authentication mode.
  • Password: The password for the specified username. Note: Only required for OAuth 2.0 password authentication mode.


Now, let’s look at the Microsoft Azure Active Directory use cases that are run in a containerized environment.

Scenario: Sync Microsoft Active Directory devices or computers to Microsoft Azure Active Directory

Consider a scenario in which you use App Connect to run a scheduler-based flow, in a containerized environment, that synchronizes devices from Microsoft Active Directory (AD) to Microsoft Azure AD every hour.

The flow creates or updates the device in Microsoft Azure AD whenever a new computer is created or updated in Microsoft AD, helping you keep your device information in sync.

(Figure: complete flow)

For this scenario:

1. You run a scheduler-based flow that retrieves computers from Microsoft Active Directory (AD) through a batch process.
2. The Microsoft AD “Retrieve computers” operation fetches the computer details based on the base distinguished name.

     (Figure: retrieve computers)
3. A Set variable node is added to a ‘For each’ loop, so that each retrieved Microsoft AD computer is mapped to a common name string.

     (Figure: retrieve computers)

     This setting generates random data with the common name, making it a unique entry for Azure AD.

4. The Microsoft Azure AD “Update or create device” operation either updates or creates the device details based on the device registration ID that is mapped to the retrieved computer’s common name.

     (Figure: update or create device)

     If the device is not found, the device and its details are created; for an existing device, the details are updated accordingly in Microsoft Azure AD.

Scenario: Sync Microsoft Active Directory users to Microsoft Azure Active Directory

Similarly, consider the following scenario: a scheduler-based flow, run hourly in a containerized environment, creates or updates the user in Microsoft Azure AD whenever a new user is created or updated in Microsoft AD, helping you keep your user information in sync.


For this scenario:

1. You run a scheduler-based flow that retrieves users from Microsoft Active Directory (AD) based on the base distinguished name.
2. A Set variable node is added to a ‘For each’ loop, so that each retrieved Microsoft AD user is mapped to the ‘User principal name’ string.

     (Figure: Set variable)
3. The Microsoft Azure AD “Update or create user” operation either updates or creates the user details based on the username. If the user is not found, the user and its details are created; for an existing user, the details are updated accordingly in Microsoft Azure AD.

     (Figure: Scenario 2, retrieve users)
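The two scenarios above share one pattern: retrieve directory entries under a base distinguished name, map each entry to a match key, and apply “update or create” against Azure AD so that repeated hourly runs stay idempotent. The following is an added example that models that pattern offline; it is not App Connect’s own code and not a connector operation. Microsoft AD is stood in for by a list of constructed LDAP-style entries, Azure AD by an in-memory store, and the names AD_ENTRIES, AzureAdStore, retrieve, device_key, sync_devices and sync_users are this example’s own assumptions. It also makes one practitioner’s choice explicit: the match key for a device is derived deterministically from the common name, because a key that changes between runs would never find the device created by the previous run.

```python
"""Added example, not App Connect's own code: an offline model of the two
scheduler-based sync flows (AD computers -> Azure AD devices, AD users ->
Azure AD users). AD_ENTRIES, AzureAdStore, retrieve, device_key, sync_devices
and sync_users are assumptions made for this illustration."""

import uuid
from datetime import datetime, timezone

# Constructed sample directory data. One computer sits outside the base DN
# and must be ignored, because the retrieve step filters on the base DN.
BASE_DN = "DC=example,DC=com"
AD_ENTRIES = [
    {"dn": "CN=WS-001,OU=Workstations,DC=example,DC=com",
     "objectClass": "computer", "cn": "WS-001"},
    {"dn": "CN=SRV-DB1,OU=Servers,DC=example,DC=com",
     "objectClass": "computer", "cn": "SRV-DB1"},
    {"dn": "CN=Alice Doe,OU=Staff,DC=example,DC=com",
     "objectClass": "user", "cn": "Alice Doe",
     "userPrincipalName": "Alice@Example.com",
     "givenName": "Alice", "sn": "Doe"},
    {"dn": "CN=OLD-BOX,OU=Workstations,DC=other,DC=com",
     "objectClass": "computer", "cn": "OLD-BOX"},
]

# Fixed (constructed) namespace so the same CN always yields the same ID.
DEVICE_ID_NAMESPACE = uuid.UUID("6f1c2a5e-4b3d-4c88-9f10-2d7e1a9c0b55")


def retrieve(entries, base_dn, object_class):
    """Model of the Microsoft AD 'retrieve computers/users' operation:
    return entries of the given class whose DN lies under base_dn."""
    base = base_dn.lower()
    return [
        e for e in entries
        if e["objectClass"] == object_class
        and (e["dn"].lower() == base or e["dn"].lower().endswith("," + base))
    ]


def device_key(common_name):
    """Match key for 'update or create device'. The flow on the page attaches
    random data to the common name; a value that differs on every run would
    not match the device created by the previous hourly run, so this example
    derives a stable ID from the CN (assumption: CN is unique under the base DN)."""
    return str(uuid.uuid5(DEVICE_ID_NAMESPACE, common_name.upper()))


class AzureAdStore:
    """In-memory stand-in for Azure AD with 'update or create' semantics."""

    def __init__(self):
        self.devices = {}   # keyed by device registration ID
        self.users = {}     # keyed by user principal name (lower-cased)
        self.audit = []     # (action, key) per upsert, kept for later review

    def upsert(self, collection, key, attrs):
        now = datetime.now(timezone.utc).isoformat()
        if key in collection:
            collection[key].update(attrs, lastSyncedAt=now)
            action = "updated"
        else:
            collection[key] = {**attrs, "createdAt": now, "lastSyncedAt": now}
            action = "created"
        self.audit.append((action, key))
        return action


def sync_devices(entries, store, base_dn=BASE_DN):
    """Scenario 1: for each retrieved computer, upsert an Azure AD device
    keyed by the ID derived from the computer's common name."""
    outcome = {}
    for computer in retrieve(entries, base_dn, "computer"):
        key = device_key(computer["cn"])
        outcome[computer["cn"]] = store.upsert(store.devices, key, {
            "deviceId": key, "displayName": computer["cn"],
            "sourceDn": computer["dn"],
        })
    return outcome


def sync_users(entries, store, base_dn=BASE_DN):
    """Scenario 2: for each retrieved user, upsert an Azure AD user keyed by
    the user principal name (compared case-insensitively)."""
    outcome = {}
    for user in retrieve(entries, base_dn, "user"):
        upn = user["userPrincipalName"].lower()
        outcome[upn] = store.upsert(store.users, upn, {
            "userPrincipalName": upn, "displayName": user["cn"],
            "givenName": user.get("givenName"), "surname": user.get("sn"),
        })
    return outcome


if __name__ == "__main__":
    azure = AzureAdStore()
    print("run 1 devices:", sync_devices(AD_ENTRIES, azure))
    print("run 1 users:  ", sync_users(AD_ENTRIES, azure))
    print("run 2 devices:", sync_devices(AD_ENTRIES, azure))  # all 'updated'
    print("objects:", len(azure.devices), "devices,", len(azure.users), "users")
```

Running the script twice in a row (the `run 2` line) shows the property the hourly scheduler relies on: the second pass reports every device as updated rather than created, and the store still holds exactly two devices. The audit list is the place a detection engineer would look to confirm that an unexpected create (a new computer object appearing in AD) is visible as such rather than blending into routine updates.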

IBM® App Connect supports a wide range of data formats, application infrastructures, and integration styles. For more information, see IBM® App Connect connectors.

