This guide provides step-by-step instructions for obtaining API credentials (Client ID, Tenant ID and Client Secret Value) from Microsoft Entra ID (formerly Azure AD) and configuring them in Logsign USO for seamless integration.
Register an Application in Microsoft Entra ID
To enable API access, you must create an application in Microsoft Entra ID and obtain the necessary credentials.
Access Microsoft Entra ID
1. Open a web browser and navigate to Microsoft Entra Admin Center.
2. Log in using a Microsoft account with administrative privileges.
3. Select Microsoft Entra ID from the left-hand navigation panel.
Register a New Application
- Go to Enterprise Applications and click + New registration.
- Click Create your own application section and select "Integrate any other application you don't find in the gallery (Non-gallery)".
- Enter an appropriate Name for the application (e.g., “Logsign USO Integration”).
- Click Create to the application.
- After that click App registirations > All applications and click your new application.
Retrieve the Client ID and Tenant ID
After registration, go to the Overview page.
Copy and securely store the following:
Client ID (Application ID)
Tenant ID (Directory ID)
Configure Authentication and API Permissions
Create a Client Secret
1. Navigate to Certificates & secrets.
2. Under Client secrets, click + New client secret.
3. Provide a Description and set an expiration period.
4. Click Add.
5. Copy and securely store the Client Secret, as it cannot be retrieved once the window is closed.
Configure API Permissions
Go to API Permissions and click + Add a permission.
Select Microsoft Graph.
Under Delegated Permissions, add:
- User.Read
- Directory.AccessAsUser.All
- Directory.Read.All
Under Application Permissions, add:
- Directory.Read.All
Click Add permissions.
Click Grant admin consent to approve the requested permissions.
Add Redirect URIs
When you access the application you created, you will see the Redirect URIs section under Overview. Go there and enter the URL of your Logsign USO server under the web category.
An image has been added above for illustrative purposes.
Configure Microsoft Entra ID in Logsign USO
Once you have obtained the Client ID, Tenant ID and Client Secret Value follow these steps to configure Logsign USO:
Open Logsign USO
Log in to your Logsign USO platform.
Navigate to Settings
Go to Settings > Response.
Select Microsoft Entra ID as the provider.
Enter API Credentials
Fill in the required fields:
- Client ID → Enter the Client ID obtained from Microsoft Entra ID.
- Tenant ID → Enter the Tenant ID obtained from Microsoft Entra ID.
- Client Secret Value → Enter the Client Secret Value securely stored earlier.
Settings > Enrichment > Identities
Once the response has been added, log in to the specified area and click the sync tab in the upper right corner.
On the next screen, select the Entra ID we just added and sync. In the list that appears, select the user you want to add to LDAP and click the Apply Role Select area. After specifying the user's role, the process is complete.
You can now log in with the user you added to LDAP on the login screen. This will redirect you to the Microsoft site via SSO and ask you to log in to your account.