Prepare the Azure AD configuration

This page describes how you, as an organization administrator, prepare Azure AD configuration. For a better overview, the procedure is divided into three sub-procedures. They are based on the user interface of Windows Server 2019 and must all be completed in order.

Add an app registration

  1. Select App registrations in the side panel.

  2. Select + New Registration.

  3. Choose a name for the registration.

  4. In Support account types, select Accounts in this organizational directory only (<yourdirectory>only - Single tenant).

  5. Leave the Redirect URI (optional) field empty for the moment.

    6. Create the application registration and take a note of the following values for later

    • Application (client) ID: You will need it as Client ID in the Secure File Sharing configuration.

    • Directory (tenant) ID: You will need it for the Server URL of the Secure File Sharing configuration.

Create a client secret

  1. Select the app registration that you have created.

  2. Choose Certificates & secrets in the side panel.

  3. Select + New client secret.

  4. Choose the subscription and expiry as you like.

  5. Take a note of the generated secret value. You will need it as the Client Secret in the Secure File Sharing configuration.

Add optional claims

  1. Select the app registration that you have created before.

  2. Select Token Configuration in the side panel.

  3. Select + Add optional claim.

  4. Select ID as token type.

  5. Select the claims email, given_name and family_name.

  6. Select Add.

    Note

    Azure automatically requests permissions to expose these claims to clients.

  7. To confirm the permissions, select API permissions in the side panel and select + Grant admin consent for <yourdirectory>.