How to register NoSpamProxy as an app in Microsoft Azure

< zurück

To set up automatic user import via Azure Active Directory in NoSpamProxy, NoSpamProxy must be registered as an app in the Azure Portal.

Registering an app

  1. Open portal.azure.com.
  2. Go to Azure Active Directory > App registrations.
  3. Click New Registration.
  4. Enter a name for the app, for example NoSpamProxy.
  5. Select Accounts in any organizational directory (any Azure AD directory – Multitenant) as the account type.
  6. Select Web as type for the redirect URIs and enter the following URIs:
    https://www.nospamproxy.de/de/admin-consent-redirect/
    
    https://www.nospamproxy.de/en/admin-consent-redirect/

    The URIs are used as targets when returning authentication responses (tokens) after users have been successfully authenticated.

  7. Click Register.

The app registration is now complete. The following overview page displays details about your app registration.

Note: You need the Application ID (Client ID) and the Directory ID (Tenant ID) to connect to the Azure Active Directory in NoSpamProxy.

Adding API permissions

In order to use the automatic user import, you must authorize NoSpamProxy to call certain APIs.

  1. Open the overview page of your app.
  2. Go to API permissions.
  3. Click Add a permission.
  4. Click Microsoft Graph.
  5. Click Application permissions.
  6. Select Group.Read.All, User.Read.All and User.Read.
  7. Click Grant admin consent for “YourCompany”.

Uploading certificates

NoSpamProxy identifies itself to the authentication service when receiving tokens at a web addressable location (using an HTTPS scheme). You must upload the certificate required for the authetication here.

  1. Open the overview page of your app.
  2. Go to Certificates and secrets.
  3. Click Upload certificate.
  4. Select the certificate you want to use. You may use the self-signed certificate created by NoSpamProxy during the installation process or another certificate qualified for client authentication.
  5. Click Add. After uploading the certificate, the fingerprint, start date and expiry date are displayed.