This section explains how to set up Azure AD to use with EcoSys Connect. After completing these steps, the following values can be used in your EcoSys/Connect environments.
-
Token URL
-
Client ID
-
Client Secret
-
Scope
-
JWKS URL
-
Login to the Azure Portal.
-
Go to the ‘Azure Active Directory’ Service
-
In the left-hand navigation panel, select ‘App Registrations’
-
Click the ‘New registration’ button
-
Enter in an Application name. For example, ‘EcoSys-Connect’
All other options can be left at the default settings.
-
Click the ‘Register’ button.
-
Click the ‘Endpoints’ button.
-
The value from ‘OAuth 2.0 token endpoint (v2)’ is the Token URL that will be used later during the setup.
-
Copy the URL from the ‘OpenID Connect metadata document’ and open it in a browser.
-
Find the value for the attribute ‘jwks_uri’, the value is the JWKS URL that will be user later during the setup.
-
-
Close the ‘Endpoint’ dialog.
-
In the left-hand navigation select ‘Overview’.
-
Copy the ‘Application (Client) ID’. This is the Client ID.
-
The Scope is the Client ID with /.default added to the end of the string.
-
Example, if the Client ID is ‘abfe7a2a-73a3-4b34-8bf0-881d71018d4e’ the Scope is ‘abfe7a2a-73a3-4b34-8bf0-881d71018d4e/.default’
-
-
On the left-hand navigation panel select ‘Certificates & secrets’.
-
Click on the ‘Client secrets’ tab.
-
Click the ‘New client Secret’ button.
-
Enter a ‘Description’ and an expiration.
-
Click Add.
-
-
Copy the ‘Value’ field, this is the Client Secret.
-
When configuring the ‘Trusted App’ in EcoSys, set the client secret to this value.
-
-
When editing the values.yaml during the Connect Installation, leave the ‘dispatcher.security.tokenScope’ blank.