Configuration of an Azure authorization server

Owned by Fabian Nola
Last updated: Dec 01, 2022 by Stefan Franz
2 min read

How to create an Azure application can be read at https://kgs-software.atlassian.net/wiki/spaces/WIKI/pages/2203680771.

For testing on the local computers, there is already a ready-made cmis-authentication.

Prerequisites

You must have access to an Azure portal with all the necessary permissions to register applications.

Adjustments for the CMIS authentication

The following screenshots show you the essential configurations needed to use the Azure application as an authentication server.

In this screenshots the different repository.cfg parameter values are marked with their name.

Authentication

The Redirect URIs are a kind of whitelist of URIs to which the authorization server is allowed to forward its authentication response. These depend on your use case.

For example: If you want to handle your resource server request through Postman, you can configure Postman to handle token processing (this is described under Testing via Postman (token) ). So Postman sends a request to the authentication server and must tell the server which URI to forward the response to. In this case, that would be “https://oauth.pstmn.io/v1/callback“. So this URI must match the redirect URIs on the authentication server.

Certificates & secrets

Token configuration (optional)

Expose an API

API permissions

cmis-authentication permissions can be found under “Add a permission“ → “My APIs“ → “cmis-authentication“ → “Delegated permissions“.

Microsoft Graph permissions can be found under “Add a permission“ → “Microsoft Graph“ → “Delegated permissions“.

Overview