In order to allow Fewzion to share Authentication with your users in your Azure AD, you must complete a few steps to grant Fewzion the permissions to access your user’s information for the purpose of Authorisation.
1. Go to https://manage.windowsazure.com and login with a global admin account
2. Navigate to your AD service and click on the applications tab
3. Click New at the bottom of the screen.
4. Select "Add an application my organization is developing"
5. Select Web Application and Call it Fewzion (or whatever unique name you like to make it easy to manage and find)
6. Enter the URL that you use to access your Fewzion Instance
7. The application is now added, and just needs some simple configuration in order to allow us to configure your Fewzion instance
8. Take note of the Client Id as you will need to provide this to us
9.Grant the above access to the Windows Azure Active Directory. This is necessary in order to read the users groups and contact details which are synced into Fewzion
10. Fewzion users Graph API to prepopulate the user details in Fewzion to allow HR and Managers to interact with Users before they have logged in. Click Add Application and select Microsoft Graph
11. And grant permissions as below
12.Click save, we are almost there :)
13. Click download Manifest and edit the line in the image below to say true
This allows the application to make use of Single Sign On with your Azure and Office 365 Login
14. Once you have saved the change to the Manifest, upload it to Azure
15. Collect required information
16. Create a new Key, grant it for 2 years and click save
Info!The Key will be display ONLY this once between the first save, and any other refresh of the page
18. For each AD Group that you wish to link to a role in Fewzion open it in Azure
19. Take note of the Object ID.