The integration with Azure AD allows you to load users from Azure AD into HotH. To get up and running, you need to add a new Application Registration in Azure.
Add an Application Registration in Azure
- Navigate to the Azure Active Directory section of the Azure Portal.
- In the App Registrations section, click to add a New Registration.
- Give it a name – e.g. HotH User Integration.
- Under Supported Account Types, select Accounts in this organizational directory only.
- Under Redirect URI (optional) – Select Web in the first dropdown and enter your personalised sign-on URL in the entry box (this is the URL of your HotH system – ask HotH if you’re unsure what this is).
- Click Register to then be presented with an Overview page.
- Make a note of the following for later use (or send to HotH if you want help completing
o Application (client) ID.
o Click on the Endpoints tab and copy the top two entries:
OAuth 2.0 authorization endpoint (v2)
OAuth 2.0 token endpoint (v2)
- Click the Certificates & secrets link on the left hand side.
- Click + New client secret in the Client secrets section.
- Set Expires to Never, if available, or else 2 years, and click Add (you don’t need to give it a Description).
- Copy the Value (not the Secret ID) of the newly generated Secret. **You won’t be able to see it again**.
HotH Configuration and Authentication
- Using an InPrivate browsing session…
- Log in to your HotH hosted system as a Supervisor login.
- Click on the cog icon (top right) and select More Tools, OAuth Scripts
- Open the script called OAuth:AAD
- Fill in the following fields with the data noted during the App Registration:
- Application (client) ID
- OAuth 2.0 Auth Endpoint (v2)
- OAuth 2.0 Token Endpoint (v2)
- Client Secret
- Enter the URL of your HotH hosted site in the Redirect URI field.
- Click on the AzureAD button, it should populate the following text in the Authorization Scope field for you:
offline_access https://graph.microsoft.com/User.Read.All https://graph.microsoft.com/Group.Read.All https://graph.microsoft.com/Directory.Read.All
- Click Save
- Click Auth
- You will now be redirected to a Microsoft Login page – log in using an Admin account.
- You will be prompted to give permissions to HotH. Tick the box to Consent on behalf of your organization and click Accept.
- At this point you may see a couple of users displayed in the bottom half of the screen as proof that Azure AD has been successfully queried.
- Setup should be complete. OK the script.
Still haven’t found what you’re looking for? Contact firstname.lastname@example.org