May 9, 2020 · Integrating BizMerlinHR with 3rd Party Applications,
Getting information from Azure Active Directory
- Following steps are required to connect BizMerlinHR with Azure Active Directory :
- Create a resource in Azure Services
- Create Directory in Azure AD
- Register an application in the App registrations
- Generate Client Secret Key
- Link Azure AD in your BizMerlinHR account
1. Create a resource in Azure Services
2. Create directory
Here the Directory name is bizmerlin.onmicrosoft.com. You can use your own.
3. App Registration
On Register page, enter your application’s registration information:
- Name: Enter a meaningful application name.
- Choose ‘Who can use this application’
Specify Redirect URI: Select “Web” from dropdown menu, and provide the Redirect URI (“https://marketplace.bizmerlin.net/rm/azure/code”).
Click Register, Azure AD assigns a unique Application (client) ID and Directory (tenant) ID for the registered application (copy these values to a safe place), and you’re taken to your application’s main page.
4. Generate Client Secret Key
In Certificates & secrets menu, under Client secrets, click on +New Client Secret. In the next screen, add Description and duration/expiry for secret.
Copy secret value to a safe place, we’ll need it soon.
5. Link Azure AD in your BizMerlinHR account
Go to the top right “Setup” menu and scroll down then click on “Third Party Integrations”: Setup-> Third Party Integrations.
On the Third Party Integrations page, click on the button “New Integration” and select Integration Type “SSO” and choose “Azure AD”.
On the next screen, fill in following details:
- Consumer Key ( Application (client) ID from Azure AD Resource App )
- Consumer Secret ( Client Secret from Azure AD Resource App )
- App Id ( Directory (tenant) ID from Azure AD Resource App )
- On BizMerlinHR App Login Page
If the user account is removed from Azure AD, then he/she will not be able to access the BizMerlinHR app. If the user tries to log in to the BizMerlinHR app through the Azure AD account, then it will show the following error: