This guide explains how to configure Azure to integrate Microsoft Entra ID with Portal 360.
Once you have completed the configurations described below, you will have made the necessary adjustments in the Azure portal and will have the information needed to register the Microsoft Entra ID domain in NDD Print Portal Portal 360.
The permissions requested in this guide are required for the subsequent assignment of attributes as suggested on the domain creation screen integrated with MS Entra in Portal 360.
Access the Azure dashboard
-
Sign in to the Azure Portal and go to the home page.
-
In the search bar, type ‘entra’ and select the Microsoft Entra ID option.
The account used to sign in to Azure must have administrative permissions for the domain that will be integrated.
-
Go to the Users tab to verify that you are managing the correct domain.
Creating the application
-
In the settings for the domain you want to integrate, in the side menu, locate and select ‘App Registrations’.
-
On the next screen, click ‘New Record’.
-
On the creation screen, enter a suggested name for the app.
-
For supported account types, select the appropriate option based on your environment.
At this point, we will not configure the redirect URLs.
-
Click ‘Register’ to finish the setup.
-
The newly created application will appear in the application list, as shown below:
Defining Application Permissions
NDD Print Portal 360 will perform a data synchronization with the MS Entra ID domain using the newly created application. To do this, you will need to configure the appropriate permissions.
How to add new permissions:
-
Open the app from the list.
-
In the side menu, select ‘API Permissions’.
-
Click the ‘Add a permission’ button.
-
In the drop-down menu that appears, select the ‘Microsoft Graph’ option.
Select the permission type:
-
The drop-down menu will display two categories:
-
Delegated permissions
-
Application permissions
-
The selection depends on the permission you are configuring:
-
If it is delegated, select Delegated Permissions
-
If it is application-related, select Application Permissions
-
After selecting the category, enter the permission name, check the corresponding checkbox, and click ‘Add Permissions’.
Administrator consent:
-
Some permissions require the administrator's consent for the domain. These permissions will be highlighted in the list.
-
If your account has administrative privileges, the following button will appear: ‘Grant administrator consent for [Domain Name]’. Click it to complete the process:
Collecting Information for Portal 360
To complete the integration, you will need to collect the following information:
-
Application ID (Client)
-
Application domain
-
Directory ID (tenant)
-
Client secret
Obtaining the information
Application ID (Client):
-
Go to the ‘Overview’ tab for the application.
Application domain:
-
Look for this information in the path shown in the application panel.
Tip: It is usually located next to the tenant ID and other basic information.
Next:
Directory ID (tenant):
-
This can also be found on the ‘Overview’ tab of the application.
Client secret:
-
In the side menu, go to the ‘Certificates and secrets’ tab.
-
Click ‘New Client Secret’.
-
Add an enticing description, select the latest expiration date available, and click ‘Add’
-
The secret will be displayed in the list.
Copy the value using the button next to the secret.
The confidential information must be stored in a secure location and shared only with those who need to know.
If you need more information about application registrations in environments that use Azure AD, follow the official link:
https://learn.microsoft.com/pt-br/entra/identity-platform/howto-create-service-principal-portal