Skip to main content

Microsof Entra (Azure AD / Office 365) integration

  1. Go to https://thestorage.app/ and click on LOGIN/SIGN-IN button in the right corner top of the page.

  2. Click on LOGIN WITH AZURE AD on the right side panel.

  3. Sign in with your Microsoft account.

  4. Setup page appears. Enter the name of your company.Tenant name must be globaly unique and it does not contains any special characters or whitespace. Click on Create tenant button.

    name

  5. In the next step, you will need to select your identity provider. In this documentation section, we show you the Azure Active Directory option.

    info

    To assign a device to an employee, it is essential to establish a connection between your company directory and TheStorage App. The supported directories for this connection are Azure Active Directory or Google Workspace (Google) Directory. Without this connection, the application administrator will not be able to assign items to users.

    identity provider

  6. You have to fill in the Azure AD Connect Page. To do this, follow the steps ahead.

    azure ad connect

  7. Open in a new tab the https://portal.azure.com/ page.

  8. Choose Microsoft Entra ID from the Azure Services.

    azure page

  9. From the sidebar select the App Registrations menu item.

    app registrations

  10. Click on the New Registration button on the top of the page.

    new registrations

  11. Enter the name what should be TheStorage. Click on the Register button.

    reg name

  1. In the next page, you will see the Application (client) ID. You will need this for the connection. Copy it from here and paste it on TheStorage Setup page (on the other tab) into the Client ID textbox.

    Microsoft Azure pageTheStorage Setup page
    appl idclient id

  1. From the sidebar select the Certification and secrets menu item on the Microsoft Azure page.

    certificates and secrets

  1. Click on the New client secret button.

    new client secret

  2. The Description should be TheStorage and the Expires should be 24 months. (You can select less, but it would need to update the key frequently). Then click to Add button on the bottom of the window.

    add a client secret

  1. Copy the secret value from here and paste it on TheStorage Setup page (on the other tab) into the Secret Key textbox. Note: after you leave this page, the secrets never show it again.

    Microsoft Azure pageTheStorage Setup page
    secret valuesecret key

  1. To read the whole directory the application needs permission. On the Microsoft Azure page, on the sidebar click on the API Permissions menu item.

    API permissions

  2. Click on the Add a Permission button.

    add a permission

  1. Form the Microsoft API’s click the Microsoft Graph top of the window.

    microsoft graph

  2. In the next step select the Application Permissions.

    application permissions

  3. Then scroll down in the list and choose the Directory from the list. Click into the Directory.Read.All tick box. Only this item! (This item allows the app to read data in your organization's directory, such as users, groups and apps.) Then click on the Add permissions button on the bottom of the window.

    directory

  1. Click on the Grant admin consent for button and select yes on the Grant admin consent confirmation pop-up window.

    grant admin consent for

  2. Go back to TheStorage page on the other tab and provide the remain datas. Enter your domain into Azure Tenant URL textbox. If you have special filter in your organization unite, you can optionally provide.

    finish azure ad connect

  1. Go to Test Connection Settings button, then Connect button.

  2. You can choose a pre-defined template for your application.

    template