Configuration of an Azure authorization server
- Fabian Nola
- Stefan Franz
How to create an Azure application can be read at https://kgs-software.atlassian.net/wiki/spaces/WIKI/pages/2203680771.
For testing on the local computers, there is already a ready-made cmis-authentication.
Prerequisites
You must have access to an Azure portal with all the necessary permissions to register applications.
Adjustments for the CMIS authentication
The following screenshots show you the essential configurations needed to use the Azure application as an authentication server.
In this screenshots the different repository.cfg parameter values are marked with their name.
Authentication
The Redirect URIs are a kind of whitelist of URIs to which the authorization server is allowed to forward its authentication response. These depend on your use case.
For example: If you want to handle your resource server request through Postman, you can configure Postman to handle token processing (this is described under Testing via Postman (token) ). So Postman sends a request to the authentication server and must tell the server which URI to forward the response to. In this case, that would be “https://oauth.pstmn.io/v1/callback“. So this URI must match the redirect URIs on the authentication server.
Certificates & secrets
Token configuration (optional)
Expose an API
API permissions
cmis-authentication permissions can be found under “Add a permission“ → “My APIs“ → “cmis-authentication“ → “Delegated permissions“.
Microsoft Graph permissions can be found under “Add a permission“ → “Microsoft Graph“ → “Delegated permissions“.
Overview