Integrating with Azure Entra ID (AD)

1- Log in to your AD platform with administrative privileges.

2- Navigate to Microsoft Azure AD and select "App registrations" in the menu.

3- Click on "New Registration."

4- Enter "Amove" as the display name and proceed to register the application.

5- Copy the Application (client) ID, as it will be used to connect the Amove Client to Azure AD.

6- Click on the "Add a certificate or secret" option.

Then click on "New client secret."

Enter a description and generate the secret key.

Copy the Secret Value to a secure location. Please be aware that you won't be able to retrieve this value later, so store it in a safe place.

7- Add the following URIs in the Redirect URI section:

https://app2.amove.io/ssocallback

https://app2.amove.io/usercallback

http://localhost:29123

Click on "Add a Redirect URI."

Click on "Add a platform" and select "Web."

Add one of the URIs and configure it, then add the remaining URIs and save.

8- Click on Endpoint and copy the OpenID Connect metadata document endpoint.

9- To add API permissions, follow these steps:

  • Click on "API permissions" in the navigation bar.

  • Select "Add a permission."

  • Choose "Microsoft Graph."

  • Add the required permissions from the list below:

Select the "Application permissions" option and add the following permissions:

  • User.Read.All

  • Group.Read.All

  • GroupMember.Read.All

Then add the following permissions as Delegated permissions:

  • openid

  • User.Read

  • User.ReadBasic.All

After adding all the required permissions, the permission section should resemble the provided configuration. Once done, proceed to click on "Grant admin consent."

After granting admin consent, the permissions section should reflect the changes as specified.

10- Open Amove.

11- Choose "Account" from the drop-down menu at the top right.

12- Click on the "Configure" button in the Azure AD box.

13- Enter the Application (client) ID, Client Secret, and OpenID URL to establish a connection with your Azure AD.
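
The following check is an added example, not part of the original guide or Amove's own code. It compares an app registration's redirect URIs with the list in step 7 and sanity-checks the OpenID Connect metadata document from step 8 before the values are entered in step 13; the function names, the sample tenant ID and the rule that endpoints share the metadata document's host are assumptions of this example.

```python
from urllib.parse import urlsplit

# Redirect URIs from step 7 of this page.
EXPECTED_REDIRECTS = {
    "https://app2.amove.io/ssocallback",
    "https://app2.amove.io/usercallback",
    "http://localhost:29123",
}
LOOPBACK_HOSTS = {"localhost", "127.0.0.1", "::1"}
ENDPOINT_KEYS = ("authorization_endpoint", "token_endpoint", "jwks_uri")

# Constructed sample data: the tenant ID is made up for this example.
SAMPLE_BASE = "https://login.microsoftonline.com/11111111-2222-3333-4444-555555555555"
SAMPLE_METADATA_URL = SAMPLE_BASE + "/v2.0/.well-known/openid-configuration"
SAMPLE_DOCUMENT = {
    "issuer": SAMPLE_BASE + "/v2.0",
    "authorization_endpoint": SAMPLE_BASE + "/oauth2/v2.0/authorize",
    "token_endpoint": SAMPLE_BASE + "/oauth2/v2.0/token",
    "jwks_uri": SAMPLE_BASE + "/discovery/v2.0/keys",
}

def check_redirect_uris(configured):
    """Compare the registration's redirect URIs with the step 7 list."""
    configured = set(configured)
    findings = [f"missing: {u}" for u in sorted(EXPECTED_REDIRECTS - configured)]
    findings += [f"unexpected: {u}" for u in sorted(configured - EXPECTED_REDIRECTS)]
    for uri in sorted(configured):
        parts = urlsplit(uri)
        # Plain HTTP is tolerable only for a loopback listener on the local machine.
        if parts.scheme != "https" and parts.hostname not in LOOPBACK_HOSTS:
            findings.append(f"not HTTPS and not loopback: {uri}")
    return findings

def check_metadata(metadata_url, document):
    """Check the step 8 metadata URL and the JSON document served from it."""
    url = urlsplit(metadata_url)
    findings = []
    if url.scheme != "https" or not url.path.endswith("/.well-known/openid-configuration"):
        findings.append("metadata URL is not an HTTPS OpenID configuration URL")
    if not document.get("issuer"):
        findings.append("issuer is missing")
    for key in ENDPOINT_KEYS:
        endpoint = urlsplit(document.get(key) or "")
        # Assumption of this example: endpoints share the metadata document's host.
        if endpoint.scheme != "https" or endpoint.hostname != url.hostname:
            findings.append(f"{key} is missing, not HTTPS, or on another host")
    return findings

if __name__ == "__main__":
    print(check_redirect_uris(EXPECTED_REDIRECTS), check_metadata(SAMPLE_METADATA_URL, SAMPLE_DOCUMENT))
```

An empty list from both functions means the collected values match what this page specifies; any finding should be resolved in the app registration before the connection is configured.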
