Create An Azure AD App & Service Account

Application Registration in Active Directory:

  1. On Azure Portal -> Azure Active Directory -> App Registration:

Create a "New Registration", which will be used as a Service Account for the Akeyless application.

  1. Once the resource is created, navigate to Overview and note the Application (client) ID and Directory (tenant) ID.

Configure permission for Microsoft Graph:

  1. On the left pane, select API Permission, then select Microsoft Graph.
  1. On Request API Permissions, select Application permission.
  1. Scroll down to User and check User.ReadWrite.All.

The following permissions are required:

| Action | Permissions |
| --- | --- |
| Create/Delete user | User.ReadWrite.All, Directory.ReadWrite.All |
| Add user to group | GroupMember.ReadWrite.All, Group.ReadWrite.All and Directory.ReadWrite.All |
| Add user role | RoleManagement.ReadWrite.Directory |
| Create/Delete Application secret | Application.ReadWrite.OwnedBy, Application.ReadWrite.All |

  1. After updating the permissions, an admin must grant consent.

Certificate & Secrets:

  1. Navigate to Certificate & Secrets on the left pane and create a New Client Secret.
  1. Save the client secret, as it will not be retrievable once you move to another page or resource.
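
A way to check the result of the steps above, as an added example that is not part of the original page or of Akeyless code: an app-only Microsoft Graph access token lists the consented application permissions in its `roles` claim, so decoding it shows which actions from the table are covered and which grants go beyond what you need. It assumes every permission listed for an action is required; the function names and the sample token are constructed for illustration.

```python
import base64
import json

# Permission table from this page: action -> Microsoft Graph application permissions.
# Assumption: every permission listed for an action is required.
REQUIRED = {
    "Create/Delete user": {"User.ReadWrite.All", "Directory.ReadWrite.All"},
    "Add user to group": {"GroupMember.ReadWrite.All", "Group.ReadWrite.All",
                          "Directory.ReadWrite.All"},
    "Add user role": {"RoleManagement.ReadWrite.Directory"},
    "Create/Delete Application secret": {"Application.ReadWrite.OwnedBy",
                                         "Application.ReadWrite.All"},
}


def token_roles(jwt: str) -> set:
    """Return the 'roles' claim of a JWT. No signature check: audit use only."""
    parts = jwt.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    claims = json.loads(base64.urlsafe_b64decode(payload))
    return set(claims.get("roles", []))  # empty if admin consent was never granted


def audit(jwt: str, wanted_actions: list) -> dict:
    """Report permissions missing for the wanted actions and grants nobody asked for."""
    granted = token_roles(jwt)
    needed = set().union(*(REQUIRED[a] for a in wanted_actions))
    missing = {a: sorted(REQUIRED[a] - granted)
               for a in wanted_actions if REQUIRED[a] - granted}
    return {"missing": missing, "excess": sorted(granted - needed)}


def make_sample_token(roles: list) -> str:
    """Build a constructed, unsigned token for the demo; real ones come from Azure AD."""
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return ".".join([enc({"alg": "none", "typ": "JWT"}), enc({"roles": roles}), "sig"])


if __name__ == "__main__":
    sample = make_sample_token(["User.ReadWrite.All", "Application.ReadWrite.All"])
    print(audit(sample, ["Create/Delete user"]))
```

An empty `missing` and an empty `excess` for the actions you actually use means the registration holds exactly the permissions those rows call for.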
