Entra ID (formerly Azure AD)

Owned by Girish Reddy
Last updated: Nov 15, 2024
2 min read

The Entra ID (formerly Azure AD) connector lets you connect to an Azure AD instance and perform these three functions: Create User, Deactivate User, Provision Apps for User.

Configuring the connections

Following details are required to establish the workday connection

  1. Directory (tenant) ID

  2. Client ID

  3. Client Secret

Follow below instructions to create the above (reference)

Step - 1: Application Registration

  1. Go to Azure portal and log in.

  2. Click on Azure Active Directory on the left-hand side navigation.

  3. Navigate to App registrations

  4. Click on New registration at the top

  5. Give your application registration a Name e.g. OnLink Connection

  6. Select the default option for supported account types.

Step - 2: Setting Permissions

Now your application registration has been created, we need to configure the permissions for Graph API. To do that follow these steps:

  1. Click on API permissions on the left

  2. Click Add a permission

  3. Select Microsoft Graph

  4. Then choose application permissions (not delegated).

  5. In the Select permissions section, search for and select the permissions mentioned below:

    • User.ReadWrite.All

    • Group.ReadWrite.All

    • Organization.Read.All

    • Application.ReadWrite.All

    • Directory.ReadWrite.All 

    • DeviceManagementApps.ReadWrite.All (For Microsoft Intune)

    • DeviceManagementApps.ManagedDevices.All (For Microsoft Intune)

  6. Finalize the permission settings by clicking Add permissions and then Grant admin consent (if you selected permissions that require admin consent). Note that if you are not an admin, you won’t be able to complete the last step yourself, but need to ask your admin to click on the button for you.

Step - 3: Creating the Client Secret

The last thing we need to set up is the client secret.

  1. On the left, click on Certificates & secrets

  2. Click on New client secret

  3. Fill in the Description. It can be anything you like but I recommend you mention OnLink where the secret is going to be used.

  4. Set an Expiration date.

  5. Press Add and copy the Value. Copying the key value now is important because after you close the view, you won’t be able to see the key value again. If you lose the secret, you have to create a new one.

Information required to setup OnLink connection

  • Directory (tenant) ID. This can be seen on the Overview tab.

  • Application ID, referred to as Client ID on OnLink. This can be seen on the Overview tab.

  • And finally, you need the client secret. You should have already copied it earlier right after you created it in Step 3 above, but if you didn’t, create a new one.