Create Application for Data Sync
  • 14 Nov 2023
  • 1 Minute to read
  • Dark

Create Application for Data Sync

  • Dark

Article Summary

  1. Sign in to the Azure portal, browse to Microsoft Entra ID > App registrations, and then click New registration to create a new application registration.
  2. In the Register an application window, in the Name field, specify the name of the application.
  3. Under the Supported Account Types field, select Accounts in this organizational directory only (Default Directory only - Single tenant).
  4. Under Redirect URI (optional), select web, and then type your Lanteria HR site URL.
  5. Click Register.
  6. Once registered, you can see Application (client) ID and Directory (tenant) ID. Save these IDs somewhere; they will be required when filling in the Azure AD Connection Settings field while configuring Office 365 Integration Settings in Lanteria HR.
  7. Go to Expose an API, and then click Add a scope.
  8. In the Scope Name field, type https://youridentityserverurl/user_impersonation where https://youridentityserverurl is IdentityServer external DNS.
  9. Set the Who can consent field to Admins and users.
  10. In the Admin consent description field, type a description of the scope that is displayed when tenant admins expand a scope of the consent screen.
  11. Click Save.
  12. Click Authentication, and then select the ID tokens check box under Implicit grant and hybrid flows.
  13. Click API Permissions, and ensure that the following permissions are granted:     
    Microsoft Graph (5)
    Directory.AccessAsUser.AllDelegatedAccess directory as the signed in userYesGranted / Not Granted for [Your directory]
    Directory.Read.AllApplicationRead directory dataYesGranted / Not Granted for [Your directory]
    Group.Read.AllDelegatedRead all groupsYesGranted / Not Granted for [Your directory]
    User.ReadApplicationSign in and read user profile
    NoGranted / Not Granted for [Your directory]
    User.Read.AllApplicationRead all users' fill profilesYesGranted / Not Granted for [Your directory]
  14. Under Grant Consent, click Grant admin consent for [Lanteria].
  15. Click Yes to the confirmation message that appears.
  16. Under Manage, click Certificates and Secrets, and then add a new client secret that will be used when filling in the Azure AD Connection Settings field while configuring Office 365 Integration Settings in Lanteria HR.
  17. In the Description field, type the secret description.
  18. Set Expires to 730 days (24 months).
  19. Click Add.
  20.  Once a new client secret is created, copy it's value and save it somewhere, it will be used when configuring Lanteria HR.
    The Never Expire portal option for the Client Secret Expiry was removed in April 2021.
    Please set up a reminder to create a new client secret and update Lanteria HR settings before it expires.

Was this article helpful?