Add Application to Azure Active Directory (v 1.10)

Owned by Andi Muka
Nov 08, 2023
4 min read



 Display Name and Application ID

This step is required for the Confluence add-on to be able to send authenticated requests towards SharePoint Online.

To access SharePoint Online, the SharePoint Connector must be registered as an application in Azure Active Directory (Azure AD). This registration process involves giving Azure AD details about SharePoint Connector, such as the address to send replies to, after a user is authenticated.  

The actual look of the Azure portal might differ from the screenshots in this guide as the user interface is updated frequently by Microsoft.

Choose the Right Directory

Choosing the right Azure AD is only necessary if your account has access to multiple directories.

On the Azure portal home page, select Directory switcher on the top bar of the page. A panel will open on the right that might show you a list of accessible Azure AD tenants. Choose the one connected to your Office 365 tenant.

Here is an example for an account having access to multiple directories:

                    

If the Switch Directory section in the panel doesn't show, you can proceed as you only have access to one directory.

                     

Register Application in Azure AD

1. In the left-hand menu choose Azure Active Directory. Then choose App registrations.

                   

2. Select New registration.

                  

3. In the Register an application view, enter the Name, choose Supported account types and click Register.

               

You successfully registered a new application.

Configure Application in Azure AD

Select the application you created in the previous step.

If you are unable to find your application make sure you have selected the "All applications" tab.


Note: the Display Name and Application ID might be different for you.

The application's Overview page will open.

Make note of the Application (client) ID. You'll need it later.

Add Redirect URIs

1. Go to the Authentication tab and click on Add a platform

2. On Configure platforms select Single-page application

3. Next add the SharePoint Connector Redirect URIs and click on Configure

Samples for Redirect URIs:

  • https://localhost:8090/confluence/plugins/servlet/csi/auth-helper
  • https://confluence.communardo.de/plugins/servlet/csi/auth-helper

4. Click on Save to save the changes.

Set API Permissions

1. Go on the application's API Permissions page.

Request API permissions

 

Note: The Microsoft Graph API permission: "User.Read" should already be present.

2. Select Add Permission. The Request API permissions panel will open on the right.

            

3. In Microsoft APIs tab, find and select the SharePoint box. Choose Delegated Permissions as the type of permissions your application requires.

Delegated means the permission needs a signed-in user and actions are performed in the context of this user. The user will just be able to access data which he is already allowed to access in SharePoint directly. Especially our app is not able to access any data without a user.

4. Expand AllSites and select the foIlowing permissions:

  • AllSites.Manage

              

5. Confirm by clicking Add permissions button on the bottom of the panel.

The permissions are now listed in the application's API Permissions table.

            

6. In the Grant consent section of API Permissions page, click "Grant admin consent for ..." button.

           

7. Confirm by selecting Yes on the confirmation dialog that shows up on top of the page.

Granting consent means a user is granting authorization to an application to access protected resources on their behalf. Granting admin consent for all users makes sure every user can use the SharePoint macros in Confluence.



Make Note of Information Needed to Configure Confluence

Note the Application ID

You'll need the application ID that you got in step Configure Application in Azure AD.

Sample Application ID: d33d7c4b-8e9c-437a-9b12-61ae3f0d14a4

Note the Directory ID

On the Azure portal home page, hover over your account picture in the top-right corner of the page.

Make note of the Directory ID:

                 

Note: Hovering sometimes fails in certain browsers. Use another browser if this happens.

You can avoid typing this ID by navigating to Azure Active Directory -> Properties where you can copy the Directory ID to the clipboard:

Sample Directory ID: d4b5cc62-72c9-4f0c-bc01-0d1e852b8ce0

After following above steps you should now have the following information noted and available for upcoming configuration steps:

  • Application ID (for example d33d7c4b-8e9c-437a-9b12-61ae3f0d14a4)
  • Azure Active Directory ID (for example d4b5cc62-72c9-4f0c-bc01-0d1e852b8ce0)


9014616

Page Content

All Versions