Setting up an Office 365 Authentication Source
Creating a New App Registration
- Sign in to Office 365 at https://login.microsoftonline.com
- If prompted, select Work or School account
- Choose the Admin app.
- Click on Admin centers (from the left-side menu) then click on Azure Active Directory.
- Click Azure Active Directory (from the left menu, below favorites) or select your domain from the dashboard.
- Select the App registrations tab then click New application registration.
- Enter an application a name, select Web application/ API as the type, then enter your Sign-on URL. The sign-on URL should use the format http://yourrocket.com/auth/azure_oauth2/callback where yourrocket.com is the FQDN or IP address for your Rocket server.
- Click Create. Your application has now been added.
- Select Settings button.
- Click Required Permissions from the settings menu (below API Access).
- Click Windows Azure Active Directory from the API list.
- Scroll through the list of Application and Delecated Permissions and select the following permissions:
- Click the Save button.
- Click Keys from the settings menu (below API Access).
- Enter a Key description and choose in 2 years from the Duration drop-menu.
- Click Save to generate a key for the app.
- Copy the key value (you will not be able to access the key after you leave this page).
- Navigate back to this new app’s properties page by clicking Enterprise applications > All applications > [new app’s name] > Properties.
- Take note of your Application ID. Click the copy icon next to the Application ID.
- Click All Services (far-left navigation menu).
- Click App registrations (below Manage).
- Select the app you created in the steps above, then click Settings.
- Click Reply URLs.
- Enter your host name followed by /auth/azure_oauth2/callback for every Rocket in your cluster. Include an http and https version for every URL entered.
- Click Save.
Rocket Authentication Source Settings
Refer to our documentation Adding an Authentication Source for steps to open the Authentication Source window.
|Name||Name of the Authentication Source for use in the Web Filter UI.|
|Description||Description of the Authentication Source for use in the Web Filter UI.|
|Friendly Name||Name visible to end users when used with web authentications, overrides, and web – zone administrator login.|
|Domain||The optional top-level domain name.|
|Client ID||The Application ID provided by the 365 web application (or copied in the steps above).|
|Client Secret||The Client Secret provided by the 365 web application.|
|Available to End Users||Select (check) this checkbox to use this source for web authentication.|