Exact Synergy Enterprise   
 

How-to: Retrieving information for Windows Azure Active Directory and Auth0

Introduction

This document describes the steps to retrieve the information for Windows Azure Active Directory and Auth0.

Note:

  • This document is only relevant to the controlled release participants. 
  • This is not available for Exact Cloud customers.

Scope

This document describes the following:

  • Retrieving the information for Windows Azure Active Directory.
  • Retrieving the information for Auth0.

Retrieving the information for Windows Azure Active Directory

This section describes where and how you can retrieve the necessary information when using Windows Azure Active Directory. Firstly, go to https://manage.windowsazure.com.

Authority

  1.  Go to Azure Active Directory.
  2.  Click the active directory.
  3.  Click App registrations.
  4.  Click Endpoints.
  5.  Check the value displayed at WS-FEDERATION SIGN-ON ENDPOINT.
  6.  The Authority value is the WS-FEDERATION SIGN-ON ENDPOINT value without the “wsfed” part, but including the trailing slash. For example, the WS-FEDERATION SIGN-ON ENDPOINT value is “https://login.microsoftonline.com/99a15be7-1abe-4bed-a8d0-e3521bcb4cfe/wsfed”, and the Authority value is “https://login.microsoftonline.com/99a15be7-1abe-4bed-a8d0-e3521bcb4cfe/”.

Keep in mind: The Authority value does not include “wsfed” but it requires the trailing slash.

Authorization Endpoint

  1.  Go to Azure Active Directory.
  2.  Click the active directory.
  3.  Click App registrations.
  4.  Click Endpoints.
  5.  Copy the value at OAUTH 2.0 AUTHORIZATION ENDPOINT.

Token Endpoint

  1.  Go to Azure Active Directory.
  2.  Click the active directory.
  3.  Click App registrations.
  4.  Click Endpoints.
  5.  Copy the value at OAUTH 2.0 TOKEN ENDPOINT.

Resource / APP URI ID / Allowed Audience / Audience URI / Realm

  1.  Go to Azure Active Directory.
  2.  Click the active directory.
  3.  Click App registrations.
  4.  Click the application to open it.
  5.  Click Expose an API.
  6.  The value at Application ID URI is the Resource, APP URI ID, Allowed Audience, Audience URI, or the Realm value.

Client ID (Native)

  1.  Go to Azure Active Directory.
  2.  Click the active directory.
  3.  Click App registrations.
  4.  Click the Native application to open it.
  5.  The value at Application (client) ID is the Client ID.

Client ID (Web)

  1.  Go to Azure Active Directory.
  2.  Click the active directory.
  3.  Click App registrations.
  4.  Click the Web app / API application to open it.
  5.  The value at Application (client) ID is the Client ID.

Client secret

  1.  Go to Azure Active Directory.
  2.  Click the active directory.
  3.  Click App registrations.
  4.  Click the Web app / API application to open it.
  5.  Click Certificates & secrets.
  6.  Click New client secret.
  7.  Type “ClientSecret” at Description.
  8.  Select Never at Expires.
  9. Click Add.
  10.  Copy the value at Value. The value will be your client secret.

Note:

  •  The value is available only after Add is clicked. Remember to copy the value. If you have lost the value, delete the existing key, and create the key again.
  •  Client secret is only needed when using the OAuth 2.0 protocol. When using SAML, this is not needed.

Thumbprint

  1.  Go to Azure Active Directory.
  2.  Click the active directory.
  3.  Click App registrations.
  4.  Click Endpoints.
  5.  Copy the value at FEDERATION METADATA DOCUMENT and open it in a new browser window.
  6. Locate the first <X509Data><X509Certificate> element, and copy the value.
  7. Paste it in Notepad or Notepad++. Ensure that you do not paste extra characters, such as spaces.    
  8. Save the file with the *.cer extension, for example, “key1.cer”.
  9. Double click the file with the .cer extension saved in step 8.
  10. Open the Details tab.    
  11. Scroll down and select the Thumbprint row.
  12. Copy the value and remove all spaces.
  13.  Convert the value to uppercase. This can be done in Microsoft Word via the Change case function in the Home tab.
  14.  You do not have to install the certificate and can close the certificate screen and delete the file with the .cer extension.

Keep in mind: If you highlight and copy the value, you may be copying some hidden characters. Remove the hidden characters by deleting the value from the beginning, and retyping the value.
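The thumbprint steps above can also be scripted, which avoids the copy-and-paste problems with spaces and hidden characters. The following Python sketch is an added example, not part of the original Exact documentation; the function names and the sample metadata are constructed for illustration, and it assumes the federation metadata document has already been saved as text.

```python
import base64
import hashlib
import re
import xml.etree.ElementTree as ET

DSIG_NS = "http://www.w3.org/2000/09/xmldsig#"  # namespace of <X509Data>

# Constructed sample: these bytes stand in for a DER certificate (not a real one).
SAMPLE_DER = b"constructed stand-in for DER certificate bytes"
SAMPLE_B64 = base64.b64encode(SAMPLE_DER).decode("ascii")
SAMPLE_METADATA = f"""<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
  <RoleDescriptor><KeyDescriptor use="signing">
    <KeyInfo xmlns="{DSIG_NS}"><X509Data><X509Certificate>
      {SAMPLE_B64[:20]}
      {SAMPLE_B64[20:]}
    </X509Certificate></X509Data></KeyInfo>
  </KeyDescriptor></RoleDescriptor>
</EntityDescriptor>"""


def first_certificate_der(metadata_xml: str) -> bytes:
    """Return the decoded bytes of the first <X509Data><X509Certificate> element."""
    root = ET.fromstring(metadata_xml)
    node = root.find(f".//{{{DSIG_NS}}}X509Data/{{{DSIG_NS}}}X509Certificate")
    if node is None or not (node.text or "").strip():
        raise ValueError("no X509Certificate element found in metadata")
    # Drop line breaks and indentation; validate=True rejects stray characters.
    return base64.b64decode("".join(node.text.split()), validate=True)


def thumbprint(der: bytes) -> str:
    """SHA-1 over the DER bytes, as uppercase hex without spaces (steps 11 to 13)."""
    return hashlib.sha1(der).hexdigest().upper()


def normalize_thumbprint(pasted: str) -> str:
    """Clean a value copied from the certificate dialog: drop spaces and hidden characters."""
    cleaned = re.sub(r"[^0-9A-Fa-f]", "", pasted).upper()
    if len(cleaned) != 40:
        raise ValueError(f"expected 40 hex digits, got {len(cleaned)}")
    return cleaned


if __name__ == "__main__":
    print(thumbprint(first_certificate_der(SAMPLE_METADATA)))
```

Comparing `normalize_thumbprint()` of a manually copied value with `thumbprint()` of the metadata certificate confirms that the configured value matches the certificate currently published in the metadata.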

Metadata

  1.  Go to Azure Active Directory.
  2.  Click the active directory.
  3.  Click App registrations.
  4.  Click Endpoints.
  5.  The value at FEDERATION METADATA DOCUMENT is the Metadata value.

WS Fed Issuer

  1.  Go to Azure Active Directory.
  2.  Click the active directory.
  3.  Click App registrations.
  4.  Click Endpoints.
  5.  Check the value displayed at WS-FEDERATION SIGN-ON ENDPOINT.
  6.  The WS-Fed issuer value is the WS-FEDERATION SIGN-ON ENDPOINT value. For example, “https://login.microsoftonline.com/99a15be7-1abe-4bed-a8d0-e3521bcb4cfe/wsfed”.

SAML Issuer Name

  1.  Go to Azure Active Directory.
  2.  Click the active directory.
  3.  Click App registrations.
  4.  Click Endpoints.
  5.  Check the value displayed at WS-FEDERATION SIGN-ON ENDPOINT.
  6.  The SAML Issuer Name value is the WS-FEDERATION SIGN-ON ENDPOINT value without the “wsfed” part, but including the trailing slash and a different first part of the URL. For example, the WS-FEDERATION SIGN-ON ENDPOINT value is “https://login.microsoftonline.com/99a15be7-1abe-4bed-a8d0-e3521bcb4cfe/wsfed”, and the SAML Issuer Name value is “https://sts.windows.net/99a15be7-1abe-4bed-a8d0-e3521bcb4cfe/”.

Keep in mind: The SAML Issuer Name value does not include “wsfed” but it requires the trailing slash and a different first part of the URL.

Reply

  1.  Go to Azure Active Directory.
  2.  Click the active directory.
  3. Click App registrations.
  4.  Click the application to open it.
  5.  Click Authentication.
  6.  This is your Reply value.

Note: The value should be in lowercase and should include the trailing slash, for example “http://domain/synergy/”.
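The Authority, WS Fed Issuer, and SAML Issuer Name values are all derived from the same WS-FEDERATION SIGN-ON ENDPOINT value, and the Reply value has its own format rule. The following Python sketch is an added example, not part of the original Exact documentation; it derives the three values and reports settings that break the rules described above. The function names and the dictionary layout are hypothetical; the example endpoint is the one used in this document.

```python
from urllib.parse import urlsplit

SAML_STS_HOST = "sts.windows.net"  # host used in this document's SAML Issuer Name example
EXAMPLE_ENDPOINT = (
    "https://login.microsoftonline.com/99a15be7-1abe-4bed-a8d0-e3521bcb4cfe/wsfed"
)


def derive_from_wsfed(endpoint: str) -> dict:
    """Derive the issuer-related values from the WS-FEDERATION SIGN-ON ENDPOINT."""
    parts = urlsplit(endpoint)
    segments = [s for s in parts.path.split("/") if s]
    if parts.scheme != "https" or len(segments) != 2 or segments[1] != "wsfed":
        raise ValueError("expected https://<host>/<directory id>/wsfed")
    directory_id = segments[0]
    return {
        # The WS-Fed issuer is the endpoint itself.
        "WS Fed Issuer": endpoint,
        # Without "wsfed", but with the trailing slash.
        "Authority": f"https://{parts.netloc}/{directory_id}/",
        # Same directory id, different first part of the URL, trailing slash.
        "SAML Issuer Name": f"https://{SAML_STS_HOST}/{directory_id}/",
    }


def check_settings(endpoint: str, settings: dict) -> list:
    """Return a list of problems found in the configured values (empty if none)."""
    problems = []
    for name, expected in derive_from_wsfed(endpoint).items():
        actual = settings.get(name)
        if actual != expected:
            problems.append(f"{name}: expected {expected!r}, got {actual!r}")
    reply = settings.get("Reply", "")
    if reply != reply.lower() or not reply.endswith("/"):
        problems.append("Reply: must be lowercase and include the trailing slash")
    return problems


if __name__ == "__main__":
    for key, value in derive_from_wsfed(EXAMPLE_ENDPOINT).items():
        print(f"{key}: {value}")
```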

Retrieving the information for Auth0

This section describes where and how you can retrieve all the necessary values when using Auth0. Firstly, go to https://manage.auth0.com/.

Authority

  1. Go to Clients and click the hyperlink to open the client.
  2. Click the Settings tab.
  3. Refer to the Domain field, which is the Authority value.

Authorization Endpoint

  1. Go to Clients and click the hyperlink to open the client.
  2. Click the Settings tab.
  3. Click Show Advanced Settings.
  4. Click the Endpoints tab.
  5. Copy the value at OAuth Authorization URL.

Client ID

  1. Go to Clients and click the hyperlink to open the client.
  2. Click the Settings tab.
  3. Refer to the Client ID field.

Client Secret

  1. Go to Clients and click the hyperlink to open the client.
  2. Click the Settings tab.
  3. Copy the value at Client Secret.

Auth0 connection

  1. Go to Clients and click the hyperlink to open the client.
  2. Click the Connections tab.
  3. Refer to the connection that is being used. The name of the connection is the value of Auth0 Connection.

SAML Issuer Name

  1. Go to Clients and click the hyperlink to open the client.
  2. Click the Addons tab.
  3. Click WS-FED WEB APP.
  4. On the Addon: WS-Fed (WIF) Web App page, click the Usage tab.
  5. The value displayed at Issuer is the SAML Issuer Name value.

Thumbprint

  1. Go to Clients and click the hyperlink to open the client.
  2. Click the Addons tab.
  3. Click WS-FED WEB APP.
  4. On the Addon: WS-Fed (WIF) Web App page, click the Usage tab.
  5. The value displayed at Signing Certificate Thumbprint is your thumbprint value.

WS Fed Issuer

  1. Go to Clients and click the hyperlink to open the client.
  2. Click the Addons tab.
  3. Click WS-FED WEB APP.
  4. On the Addon: WS-Fed (WIF) Web App page, click the Usage tab.
  5. The value at the Issuer attribute for the <wsFederation> tag under the Windows Identity Foundation Configuration (.NET 4.5) section is your WS-Fed issuer value.

JWT Issuer Name

  1. Go to Clients and click the hyperlink to open the client.
  2. Click the Settings tab.
  3. Refer to the Domain field, which is the Authority value. The JWT Issuer Name is “https://” followed by the Authority value and a trailing slash, for example https://synergy-rt.auth0.com/.

Allowed Audience

  1. Go to Clients and click the hyperlink to open the client.
  2. Click the Settings tab.
  3. Refer to the Client ID field, which is the Allowed Audience value.

Realm

  1. Go to Clients and click the hyperlink to open the client.
  2. Click the Addons tab.
  3. Click WS-FED WEB APP.
  4. On the Addon: WS-Fed (WIF) Web App page, click the Settings tab.
  5. The value displayed at Realm is the Realm value.

Audience URI

  1. Go to Clients and click the hyperlink to open the client.
  2. Click the Addons tab.
  3. Click WS-FED WEB APP.
  4. On the Addon: WS-Fed (WIF) Web App page, click the Settings tab.
  5. The value displayed at Realm is the Audience URI value.

Metadata

  1. Go to Clients and click the hyperlink to open the client.
  2. Click the Addons tab.
  3. Click WS-FED WEB APP.
  4. On the Addon: WS-Fed (WIF) Web App page, click the Usage tab.
  5. The value displayed at Identity Provider Federation Metadata URL is the Metadata value.

Reply

  1. Go to Clients and click the hyperlink to open the client.
  2. Click the Settings tab.
  3. Refer to the Allowed Callback URLs field, which is your Reply value.

Note: The value should be in lowercase and should include the trailing slash, for example “http://domain/synergy/”.

Token Endpoint

  1. Go to Clients and click the hyperlink to open the client.
  2. Click the Settings tab.
  3. Click Show Advanced Settings.
  4. Click the Endpoints tab.
  5. Copy the value at OAuth Token URL.

Main Category: Attachments & notes
Document Type: Online help main
Security level: All - 0
Document ID: 27.788.106
Date: 20-03-2020
