Azure Application Registration

The application registration retrieves Azure AD user and group information and delivers this information to the Workspace Control Composer.

Ivanti provides an application registration to access Azure AD information. If you do not want to set up your own, you can use the Ivanti application registration. If so, skip this section and go to Integrate Azure Active Directory into Workspace Control.

In this configuration example, acmeapp is used as the name of the registered application.

This name is used for example purposes. In your configuration, use a name that is appropriate to your business requirements.

To create the application registration, follow these steps:

  1. Log into the Azure portal at https://portal.azure.com/.

  2. Open the Azure portal menu from the top-left corner and select Azure Active Directory from the menu.


    (click the image to enlarge it)

  3. From the left-side navigation menu, go to Manage > App registrations, and then, from the right-side pane, click on New registration.


    (click the image to enlarge it)

  4. Fill in the required fields in the Register an application window:

    • Name: Enter a name for the application

    • Supported account types: Accounts in this organization directory only (Single tenant)


    (click the image to enlarge it)

    Click Register.

  5. From the left-side navigation menu, go to Manage > Authentication, and then, from the right-side pane, under Platform configurations, click on Add a platform.


    (click the image to enlarge it)

  6. In the Configure platforms window, select Mobile and desktop applications.


    (click the image to enlarge it)

  7. In the Configure Desktop + devices window, check the box next to the following option and then click Configure.

    https://login.microsoftonline.com/common/oauth2/nativeclient


    (click the image to enlarge it)

The application registration is complete.

From the left-side navigation menu, go to Manage > API permissions. In the right-side pane, the Microsoft Graph API has been granted the following permissions:

  • To allow Azure AD users to sign-in to the app.

  • To read profile information of signed in users.


(click the image to enlarge it)