Setting up an Office 365 Authentication Source

Creating a New App Registration

  1. Sign in to Office 365 at https://login.microsoftonline.com
  2. If prompted, select Work or School account
  3. o365auth2

  4. Choose the Admin app.
  5. Click on Admin centers (from the left-side menu) then click on Azure Active Directory.
  6. Click Azure Active Directory (from the left menu, below favorites) or select your domain from the dashboard.
  7. Note: Ensure that the correct domain/district is displayed on the overview panel.
  8. Select the App registrations tab then click New application registration.
  9. Enter an application a name, select Web application/ API as the type, then enter your Sign-on URL. The sign-on URL should use the format http://yourrocket.com/auth/azure_oauth2/callback where yourrocket.com is the FQDN or IP address for your Rocket server.
  10. Click Create. Your application has now been added.
  11. Select Settings button.
  12. Click Required Permissions from the settings menu (below API Access).
  13. Click Windows Azure Active Directory from the API list.
  14. Scroll through the list of Application and Delecated Permissions and select the following permissions:

    Application:

    Delegated:

  15. Click the Save button.
  16. Click Keys from the settings menu (below API Access).
  17. Enter a Key description and choose in 2 years from the Duration drop-menu.
  18. Click Save to generate a key for the app.
  19. Copy the key value (you will not be able to access the key after you leave this page).
  20. Navigate back to this new app’s properties page by clicking Enterprise applications > All applications > [new app’s name] > Properties.
  21. Take note of your Application ID. Click the copy icon next to the Application ID.
  22. Click All Services (far-left navigation menu).

  23. Click App registrations (below Manage).

  24. Select the app you created in the steps above, then click Settings.

  25. Click Reply URLs.

  26. Enter your host name followed by /auth/azure_oauth2/callback for every Rocket in your cluster. Include an http and https version for every URL entered.

  27. Click Save.

Rocket Authentication Source Settings

Refer to our documentation Adding an Authentication Source for steps to open the Authentication Source window.

Field Name Description
Name Name of the Authentication Source for use in the Web Filter UI.
Description Description of the Authentication Source for use in the Web Filter UI.
Friendly Name Name visible to end users when used with web authentications, overrides, and web – zone administrator login.
Domain The optional top-level domain name.
Client ID The Application ID provided by the 365 web application (or copied in the steps above).
Client Secret The Client Secret provided by the 365 web application.
Available to End Users Select (check) this checkbox to use this source for web authentication.