Integration Guide: Microsoft Azure AD with TAC

Access to Microsoft Entra:

• Go to Microsoft Entra: https://entra.microsoft.com

Application Registration:

• Navigate to the Application > App registrations section.
• Add a new registration.
• As a Redirect URI, select "Web" and enter the following URL: https://company.touchandcontact.com/signin-azuread-oidc.
• Optionally, enable "ID tokens" and "Live SDK support" only if necessary depending on the client directory configuration. API Permissions:

In the API permissions section, add:

• Application permissions:
  • Directory.Read.All
  • Group.Read.All
  • GroupMember.Read.All
  • User.Read
  • User.Read.All
• Delegated permissions:
  • email
  • offline_access
  • openid
  • profile
• Select Grant admin consent for the default Directory to authorize the application. Certificates and Secrets:
• In the Certificates & secrets section, create a new secret. Configuration in the TAC portal:
• Log in to the TAC corporate portal.
• In the TAC portal Integrations section, enter the Tenant ID, Client ID, and Client Secret obtained during registration.
• The Group ID is optional.

These structured instructions should facilitate the step-by-step integration process.