Setting up an Office 365 Authentication Source

Creating a New App Registration

  1. Sign in to Office 365 at https://login.microsoftonline.com
  2. If prompted, select Work or School account
  3. o365auth2

  4. Choose the Admin app.
  5. Click on Admin centers (from the left-side menu) then click on Azure Active Directory.
  6. Click Azure Active Directory (from the left menu, below favorites) or select your domain from the dashboard.
  7. Note: Ensure that the correct domain/district is displayed on the overview panel.
  8. Select the App registrations tab then click New application registration.
  9. Enter an application a name, select Web application/ API as the type, then enter your Sign-on URL. The sign-on URL should use the format http://yourrocket.com/auth/azure_oauth2/callback where yourrocket.com is the FQDN or IP address for your Rocket server.
  10. Click Create. Your application has now been added.
  11. Select Settings button.
  12. Click Required Permissions from the settings menu (below API Access).
  13. Click Windows Azure Active Directory from the API list.
  14. Scroll through the list of Application and Delecated Permissions and select the following permissions:

    Application:

    Delegated:

  15. Click the Save button.
  16. Click Keys from the settings menu (below API Access).
  17. Enter a Key description and choose in 2 years from the Duration drop-menu.
  18. Click Save to generate a key for the app.
  19. Copy the key value (you will not be able to access the key after you leave this page).
  20. Navigate back to this new app’s properties page by clicking Enterprise applications > All applications > [new app’s name] > Properties.
  21. Take note of your Application ID. Click the copy icon next to the Application ID.

Setting up the Office 365 Authentication Source on the Rocket

  1. Log in to the Rocket and click Settings
  2. r3-00185

  3. In the Authentication Sources section, click Add Authentication Source
  4. Choose Office 365 as the type
  5. o365auth16

  6. Enter a name, description, friendly name, and email domain (everything after the @ sign)
  7. Paste the Application ID (copied in steps above) in the Client ID field.
  8. Paste the key value (copied in steps above) in the Client Secret field.
  9. Select the checkbox Available to End Users and click Save