2 Configuring Microsoft Azure AD Synchronization in OCI IAM Identity Domain

This section provides the steps to configure Microsoft Azure AD as the authoritative identity store to manage identities in OPERA Cloud Identity Management. Microsoft Azure AD is configured using an application template from Microsoft Azure AD Gallery.

Below are the high-level steps involved in this configuration.

1. Configure OCI IAM so that Microsoft Azure AD is the identity store to manage identities in OCI IAM. In OCI IAM, create a confidential application.
2. Generate a secret token from the OCI IAM identity domain's client ID and client secret. Use this along with the domain URL in Azure AD.
3. Create an app in Microsoft Azure AD and use the secret token and identity domain URL to specify the OCI IAM identity domain and prove that it works by pushing users from Microsoft Azure AD to OCI IAM.
4. Assign the users and groups you want to provision to OCI IAM in the Microsoft Azure AD application.

• 1. Create a Confidential Application
  
• 2. Find the Domain URL and Generate a Secret Token
  
• 3. Create the OCI Application on Azure AD
  
• 4. Additional Configurations for Federated Users
  
• 5. Assign Users and Groups to the Microsoft Azure AD Application
  
• Note