¶ Configure Azure AD OAuth2 Authentication
The Azure AD authentication allows you to use an Azure Active Directory tenant as an identity provider for Zero Trust Agentless Access.
¶ Step 1: Create the Azure AD application
To enable the Azure AD OAuth2, register your application with Azure AD.
Log in to Azure Portal, then click Azure Active Directory in the side menu.
If you have access to more than one tenant, select your account in the upper right. Set your session to the Azure AD tenant you wish to use.
Under Manage in the side menu, click App Registrations > New Registration. Enter a descriptive name.
Under Redirect URI, select the app type Web.
See instructions in Step 2 below on where to get the redirect URL in Exium admin console
Add the redirect URL that will look like https://vouch.ta501.speerity.net/auth then click Register.
The app’s Overview page opens.
- Note the Application (client) ID. This is the OAuth client ID.
- Note the Directory (tenant) ID. This is the tenant ID.
- If you have not entered the redirect URL, click on “Redirect URIs”, and enter it.
Click Certificates & secrets, then add a new entry under Client secrets with the following configuration.
- Description: Speerity OAuth
- Expires: Never
Click Add then copy the key value. This is the OAuth client secret.
¶ Step 2: Azure AD application Configuration in Exium
Once the your application is registered on the Azure portal, follow the steps below.
- Navigate to the MSP admin console -> Client Workspace
- Click on Admin console in the left menu bar
- Click on “Users and Deices” → “Agentless” as shown in the screenshot below
- Note the redirect URL that you need in the creating the Azure AD application
- Provide the requested information such as your client ID, tenant ID, and client secret
- Navigate to any of the agentless domains you created
- Login with your Azure AD credentials
To learn more about implementing SASE, XDR, IAM/ MFA, and GRC for your organization and explore tailored solutions that meet your unique requirements, contact Exium at partners@exium.net for a consultation or demonstration. If you are ready to get started, check out our testing and onboarding process.