Entra ID App Configuration

Anders Adolfsson - Versasec

Introduction

We will walk through the steps of setting up an Entra ID application to integrate with vSEC:CMS. This integration allows you to leverage Entra ID for user management during credential issuance and to enable FIDO2 passkey creation and management. This is intended as a practical example, and assumes familiarity with Entra ID administration.

Register New App

From the Entra ID menu, select App Registrations (1), then New Registration (2).

Untitled.png

Enter a name for the app and, for the account type, select the same option as in the example below.

Untitled.png

The Overview of the application gives information about the ClientID (1) and TenantID (2).
From this page you can also create a new Client Secret by clicking on Add a certificate or secret (3).

Untitled.png

Create the client secret and save a copy of it in a password vault; it is needed later when configuring the connection from vSEC:CMS to this app. The secret value is only displayed right after it is created.

Untitled.png

Untitled.png

Setting API Permissions for the App

Depending on how you will use Entra ID, different API permissions need to be configured. Each case is described below.

User Directory

If you are using Entra ID for provisioning users when managing credentials in vSEC:CMS, then these permissions need to be set.

Select your application from the Entra ID menu under App Registrations - All Applications.

Untitled.png

Passkey-FIDO2

Before configuring the API permissions below, ensure that FIDO2 security keys are enabled as an authentication method within your Entra ID tenant. This is a prerequisite for vSEC:CMS to successfully manage and provision passkeys.

If you are using Entra ID for provisioning users with passkey/FIDO2 credentials when managing credentials in vSEC:CMS, then these permissions need to be set.

Select your application from the Entra ID menu under App Registrations - All Applications.

Untitled.png

OAuth / OIDC

If you are using OAuth / OIDC from Entra ID as a secondary authentication method when managing credentials in vSEC:CMS, then these permissions need to be set.

Select your application from the Entra ID menu under App Registrations - All Applications.

Untitled.png

Entra ID Groups

If you are using Entra ID group membership for permission checks when managing credentials in vSEC:CMS, then these permissions need to be set.

Select your application from the Entra ID menu under App Registrations - All Applications.

Untitled.png