Knowledge: Office365 API setup for Sysero Application calls to read AzureAD groups and other API REST calls (Microsoft Graph)
Back
Knowledge
Title*Office365 API setup for Sysero Application calls to read AzureAD groups and other API REST calls (Microsoft Graph)
ManualAdministration
Manual Level TwoIntegrations
Manual Level ThreeOffice365
Created08/07/2021
DetailThese calls are made at system level so a seperate App Registration is required in AzureAD.
Office365 (Azure Active Directory) Settings
- Go to Azure Portal > Azure Active Directory.
- Click on App Registrations.
- Click on New Application Registration.
- Enter the name e.g. Sysero (Application)
- Leave Supported Account Types as Single Tenant
- Note the Application (client) ID.
- Note the Directory (tenant) ID.
- In API Permissions check that the following is set Micrsoft Graph Application (not User Delegated) Permission:
- Directory.Read.All
- Group.Read.All
- GroupMember.Read.All
- User.Read.All
- Grant Admin Consent.
- In Certificates and Secrets add a Secret called Sysero and make a note of it.
Sysero
Set the following values in Sysero > Admin System > OAuth Settings:
- OAuth ClientID Office365 (Application).
- OAuth DirectoryID Office365 (Application).
- OAuth Secret Office365 (Application).
Once complete Sysero at application level has access to use RESTOAuth type Data Actions to lookup groups or system jobs to sync via AzureAD groups via REST Microsoft Graph API.
Additional Manual Locations