In order for one to be able to display groups and units in Moreservice, some setup must be done on Microsoft's cloud service (portal.azure.com).
Log in to portal.azure.com with a user who has elevated privileges
In left menu tapp on App registration
Tapp New registration
Enter a name for the app
Under Supported account types choose Accounts in this organizational directory only (amesistechnet only - Single tenant)
Under Redirect URI (optional), choose Single-page application (SPA). In the textbox field, enter the url of your agent portal
Then tap Register at the bottom of the page
Open Authentication in the menu on the left
Under Implicit grant and hybrid flows activate
- Access tokens (used for implict flows)
- ID tokens (used for implict and hybrid flows)
Then press Save, at the top of the page
Open Add a certificate or secret in the menu on the left, then click New client secret
Give the secret a name and choose an expiration date. Then press Add at the bottom of the page
You will see the newly created value appear in the list
Copy the value located under Value and save it somewhere. It disappears when the page is refreshed
Open API permissions in the menu on the left, and press Add a permission
Then tap on Microsoft Graph
The following permissions for Microsoft Graph must be entered
- Delegated
- Device.Read.All
- DeviceManagementManagedDevices.Read.All (Dersom dere har intune lisens)
- Group.Read.All
- Application (Disse trenger admin rettigheter)
- Device.Read.All
- DeviceManagementManagedDevices.Read.All (Dersom dere har intune lisens)
- Directory.Read.All
- Group.Read.All
- GroupMember.Read.All
- User.Read.All
When you have added all the necessary permissions, press Add permissions at the bottom of the page
Permissions should then look like this
Click on Overview in the menu on the left. Then copy the values from ( Application (client) ID and Directory (tenant) ID ) and save them along with the Client secret created earlier
Then the setup on Microsoft's cloud service is done, and you can return to More Service agent web and create a connection to Azure in the Microsoft Azure - AD app.