In order for one to be able to display groups and units in Moreservice, some setup must be done on Microsoft's cloud service (portal.azure.com).
Log in to portal.azure.com with a user who has elevated privileges
In left menu tapp on App registration
Tapp New registration
Enter a name for the app
Under Supported account types choose Accounts in this organizational directory only (amesistechnet only - Single tenant)
Under Redirect URI (optional), choose Single-page application (SPA). In the textbox field, enter the url of your agent portal
Then tap Register at the bottom of the page
Open Authentication in the menu on the left
Under Implicit grant and hybrid flows activate
- Access tokens (used for implict flows)
- ID tokens (used for implict and hybrid flows)
Then press Save, at the top of the page
Open Add a certificate or secret in the menu on the left, then click New client secret
Give the secret a name and choose an expiration date. Then press Add at the bottom of the page
You will see the newly created value appear in the list
Copy the value located under Value and save it somewhere. It disappears when the page is refreshed
Open API permissions in the menu on the left, and press Add a permission
Then tap on Microsoft Graph
The following permissions for Microsoft Graph must be entered
- Delegated
- Device.Read.All
- DeviceManagementManagedDevices.Read.All (Dersom dere har intune lisens)
- Group.Read.All
- Application (Disse trenger admin rettigheter)
- Device.Read.All
- DeviceManagementManagedDevices.Read.All (Dersom dere har intune lisens)
- Directory.Read.All
- Group.Read.All
- GroupMember.Read.All
- User.Read.All