📄️ Register an application for the MS Online Microservice in EntraID
The MS Online microservice uses EntraID authentication to call the Azure API. For this to occur, you need an application (service principal) registered for EmpowerID in your Azure Active Directory. If you do not already have one, you need to do so. This topic takes you through the steps.
📄️ Create an App Service for the MS Online Microservice
EmpowerID uses the MS Online PowerShell Microservice to make API calls to your Azure tenant in response to your actions in EmpowerID. In order for the microservice to make these calls, an App Service for the application must first be created in Azure.
📄️ Configure MS Online App Service for EntraID Authentication
The MS Online PowerShell microservice interfaces with EmpowerID and Azure to execute EntraID operations in response to your actions in EmpowerID. For this to occur, the App Service hosting the microservice needs to be configured so that it can authenticate to EntraID and receive identity and access tokens with the necessary permissions to call the relevant Graph API endpoints on your behalf.
📄️ Publish the MS Online Microservice to Azure
After configuring MS Online App Service Authentication, you need to publish the microservice to Azure to allow the app to make API calls to Azure AD.
📄️ Configure Secrets for the MS Online Microservice
After you have published the MS Online microservice to Azure, you need to create a Key Vault in Azure (if needed), adding secrets to the Key Vault and configuring the App Service Application settings with those secrets.