Manually Deploying REST API Application
This section describes how to manually create an Azure registration for connecting to the Live Platform through REST API.
|
1.
|
Run the following PowerShell command on the Service Provider operator tenant with Global Admin permissions (note the first cmdlet is only required if you do not have the AAD module already installed in PowerShell): |
Copy
Install-Module Microsoft.Graph -Scope CurrentUser
Connect-MgGraph -TenantId <Your AAD Tenant ID> -Scopes "Application.ReadWrite.All"
$appId = "9d576dc4-b85d-4571-880e-4c6ed4c08c31"
New-MgServicePrincipal -AppId $appId
|
2.
|
Open the Azure Portal with "Global" admin permissions, and create a new application registration LiveCloud-APIToken-<CustomName>. |
|
3.
|
In the Navigation pane, select API permissions, and then click APIs my organization uses. |
|
4.
|
Enter the value 9d576dc4-b85d-4571-880e-4c6ed4c08c31. |
|
5.
|
Select Data.Read Reader check box, and then Add permissions. |
|
6.
|
Click the Grant admin consent for Contoso check box. |
|
7.
|
In the Navigation pane, select Certificate & secrets. |
|
8.
|
Click New Client Secret. |
Copy the value string to notepad.
|
9.
|
On the Live Platform server, open the SQL Database, SysadminTenant -> ApplicationSetting table, and then add the following parameters with the values shown below: |
|
●
|
AzureAdJwt.ClientId = 9d576dc4-b85d-4571-880e-4c6ed4c08c31 |
|
●
|
AzureAdJwt.Domain = audiocodessaas.onmicrosoft.com |
|
●
|
AzureAdJwt.TenantId = 36bc587e-514a-465c-ae90-2c7b99535f8f |
|
●
|
AzureAdJwt.ValidIssuers = ["https://sts.windows.net/ <ServiceProviderAzureTenantID>"] where <ServiceProviderAzureTenantID> is the Directory (tenant) ID shown in the figure above. |
|
10.
|
Restart the UMP IIS Service. |