Integrating HotH with Active Directory – User Setup

The integration with Azure AD allows you to load users from Azure AD into HotH and to send and read emails within HotH from an M365 account. To get up and running, you need to add a new Application Registration in Azure.


Add an Application Registration in Azure 

  • Navigate to the Azure Active Directory section of the Azure Portal. 
  • In the App Registrations section, click to add a New Registration. 
  • Give it a name – e.g. HotH User Integration. 
  • Under Supported Account Types, select Accounts in this organizational directory only. 
  • Under Redirect URI (optional) – Select Web in the first dropdown and enter your personalised sign-on URL in the entry box (this is the URL of your HotH system – ask HotH if you’re unsure what this is). 

 

  • Click Register; you will then be presented with an Overview page.
  • Make a note of the following for later use (or send to HotH if you want help completing the setup):
    o Application (client) ID.
    o Click on the Endpoints tab and copy the top two entries:
      – OAuth 2.0 authorization endpoint (v2)
      – OAuth 2.0 token endpoint (v2)

 

  • Click the Certificates & secrets link on the left-hand side.
  • Click + New client secret in the Client secrets section.

  • Set Expires to Never, if available, or else 2 years, and click Add (you don’t need to give it a Description).
  • Copy the Value (not the Secret ID) of the newly generated Secret. **You won’t be able to see it again**.


HotH Configuration and Authentication

  • Using an InPrivate browsing session… 
  • Log in to your HotH hosted system as a Supervisor login. 
  • Click on the cog icon (top right) and select More Tools, OAuth Scripts 
  • Open the script called OAuth:AAD 
  • Fill in the following fields with the data noted during the App Registration:
    o Application (client) ID
    o OAuth 2.0 Auth Endpoint (v2)
    o OAuth 2.0 Token Endpoint (v2)
    o Client Secret
  • Enter the URL of your HotH hosted site in the Redirect URI field. 
  • Click on the AzureAD button; it should populate the following text in the Authorization Scope field for you:

offline_access https://graph.microsoft.com/User.Read.All https://graph.microsoft.com/Group.Read.All https://graph.microsoft.com/Directory.Read.All

  • Click Save 
  • Click Auth 
  • You will now be redirected to a Microsoft Login page – log in using an Admin account.  
  • You will be prompted to give permissions to HotH. Tick the box to Consent on behalf of your organization and click Accept. 
  • At this point you may see a couple of users displayed in the bottom half of the screen as proof that Azure AD has been successfully queried. 
  • Setup should be complete. OK the script. 
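
Before pasting the noted values into the OAuth:AAD script, they can be sanity-checked with the added example below, which is not part of HotH or of the original page. It flags the mistakes this procedure makes easy: copying the Secret ID instead of the Value, swapping or mixing the two v2 endpoints, and a scope string that differs from the one above. The function names, the sample values and the https and tenant-specific checks are assumptions.

```python
import re
from urllib.parse import urlparse

GUID = re.compile(r"^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$")
V2_PATH = re.compile(r"^/([^/]+)/oauth2/v2\.0/(authorize|token)$")
SHARED_TENANTS = {"common", "organizations", "consumers"}
PAGE_SCOPES = {  # the Authorization Scope string shown on this page
    "offline_access",
    "https://graph.microsoft.com/User.Read.All",
    "https://graph.microsoft.com/Group.Read.All",
    "https://graph.microsoft.com/Directory.Read.All",
}

def _endpoint(url, kind, problems):
    """Return (host, tenant) of a v2 endpoint, recording any problem found."""
    u = urlparse(url.strip())
    m = V2_PATH.match(u.path)
    if u.scheme != "https" or not m or m.group(2) != kind:
        problems.append(f"{kind} endpoint is not an https v2 '{kind}' URL")
        return None
    if m.group(1).lower() in SHARED_TENANTS:
        # Assumption: a single-tenant registration should use its own tenant.
        problems.append(f"{kind} endpoint is not tenant-specific")
    return u.netloc.lower(), m.group(1).lower()

def check_values(client_id, auth_ep, token_ep, secret, redirect_uri, scope):
    """Return a list of problems in the values noted for the OAuth:AAD script."""
    problems = []
    if not GUID.match(client_id.strip()):
        problems.append("client ID is not a GUID")
    a = _endpoint(auth_ep, "authorize", problems)
    t = _endpoint(token_ep, "token", problems)
    if a and t and a != t:
        problems.append("endpoints point at different hosts or tenants")
    if GUID.match(secret.strip()):
        problems.append("client secret looks like the Secret ID, not the Value")
    if secret != secret.strip():
        problems.append("client secret has leading or trailing whitespace")
    if urlparse(redirect_uri.strip()).scheme != "https":
        problems.append("redirect URI is not https")  # assumption: hosted site uses https
    if set(scope.split()) != PAGE_SCOPES:
        problems.append("scope differs from the string on this page")
    return problems

# Constructed sample values (not real identifiers or secrets).
TENANT = "11111111-2222-3333-4444-555555555555"
BASE = f"https://login.microsoftonline.com/{TENANT}/oauth2/v2.0/"
GOOD = ("aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee", BASE + "authorize", BASE + "token",
        "constructed~Sample.Value_not-a-real-secret", "https://hoth.example.com/",
        " ".join(sorted(PAGE_SCOPES)))
```

An empty list from check_values means none of these mistakes was found; it does not confirm that the secret or the consent is valid.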
