How to integrate with Azure


This document provides information on how to integrate the Certificate Manager with Microsoft Azure.

The integration enables Certificate Manager to manage SAML certificates within Azure enterprise applications. It allows CLM to authenticate and interact with Azure resources using a configured service account.

To perform the integration, see the following:

Creating an Azure application

  1. Access the Azure platform and log in to your account.
  2. Locate the service Microsoft Entra ID.
  3. In the left menu, click Manage > App registrations.
  4. Click New registration.
  5. In the Name* field, enter a name for the application.
  6. Select which account types can use the app or access the API.
  7. (Optional): Select the redirect URI to receive the authentication response.
  8. Click Register.
  9. In the Essentials section, copy the values of the following fields:
    • Application (client) ID
    • Directory (tenant) ID

Creating a client secret

  1. Access the Azure platform and log in to your account.
  2. Locate the service Microsoft Entra ID.
  3. In the left menu, click Manage > App registrations.
  4. Go to the All applications tab and select an application.
  5. In the application's left menu, click Manage > Certificates & secrets.
  6. Click New client secret.
  7. In the Description field, enter a description for the client secret.
  8. In the Expires field, select when the client secret will expire.
  9. Click Add.

Alert: After creating the client secret, make sure to copy the Value field of the client secret. Otherwise, you will have to create another secret.

Selecting API permissions

  1. Access the Azure platform and log in to your Azure account.
  2. Locate the service Microsoft Entra ID.
  3. In the left menu, click Manage > App registrations.
  4. Go to the All applications tab and select an application.
  5. In the application's left menu, click Manage > API permissions.
  6. In the Configured permissions section, click Add a permission and select Microsoft Graph.
  7. Select the following application permission: Application.ReadWrite.All.
  8. Click Add permissions.
  9. After adding the permissions, click Grant admin consent for [Azure Active Directory name], and click Yes.
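
The three procedures above yield a tenant ID, a client ID, a client secret Value and one consented permission. The following Python code is an added example, not Segura's or Microsoft's own code: it requests an app-only token with those values and checks the decoded claims, so a wrong ID, a missing admin consent or an over-permissioned registration shows up before the values are entered in Certificate Manager. It assumes the standard Entra ID v2.0 token endpoint and the Microsoft Graph `.default` scope, uses hypothetical function names, and treats any application permission other than Application.ReadWrite.All as a finding.

```python
# Added example; function names are hypothetical, not part of any product API.
import base64
import json
import urllib.parse
import urllib.request

GRAPH_SCOPE = "https://graph.microsoft.com/.default"
REQUIRED_ROLE = "Application.ReadWrite.All"  # the permission selected on this page


def build_token_request(tenant_id, client_id, client_secret):
    """Build the OAuth 2.0 client-credentials request for the Entra ID v2.0 endpoint."""
    tenant = urllib.parse.quote(tenant_id, safe="")
    url = f"https://login.microsoftonline.com/{tenant}/oauth2/v2.0/token"
    body = urllib.parse.urlencode({
        "grant_type": "client_credentials", "scope": GRAPH_SCOPE,
        "client_id": client_id, "client_secret": client_secret,
    }).encode()
    return urllib.request.Request(url, data=body, method="POST")


def decode_claims(access_token):
    """Decode the JWT payload WITHOUT verifying the signature (diagnostic use only)."""
    parts = access_token.split(".")
    if len(parts) != 3:
        raise ValueError("not a three-part JWT")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore stripped padding
    return json.loads(base64.urlsafe_b64decode(payload))


def check_claims(claims, tenant_id, client_id):
    """Return a list of problems; an empty list means the setup matches this page."""
    problems = []
    if claims.get("tid") != tenant_id:
        problems.append("token was issued by a different tenant")
    if client_id not in (claims.get("appid"), claims.get("azp")):
        problems.append("token was issued to a different application")
    roles = set(claims.get("roles", []))
    if REQUIRED_ROLE not in roles:
        problems.append(f"{REQUIRED_ROLE} missing (permission not added or admin consent not granted)")
    for extra in sorted(roles - {REQUIRED_ROLE}):
        problems.append(f"extra application permission granted: {extra}")
    return problems


def verify_registration(tenant_id, client_id, client_secret):
    """Live check: request a token with the copied values and inspect its claims."""
    request = build_token_request(tenant_id, client_id, client_secret)
    with urllib.request.urlopen(request, timeout=15) as resp:
        token = json.load(resp)["access_token"]
    return check_claims(decode_claims(token), tenant_id, client_id)
```

Calling `verify_registration` with the copied values returns an empty list when the registration matches this page; an invalid or expired client secret makes the token request fail with an HTTP error instead.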

Integrate Azure with Certificate Manager

To integrate an Azure account with Certificate Manager, follow these steps:

  1. On Segura® Platform, in the navigation bar, hover over the Products menu and select Certificate Manager.
  2. In the side menu, select Management > Authorities and click Cloud certificate authorities.
  3. In the top right corner, click Actions > Azure account.
  4. In the Name * field, enter a name for the account.
  5. In the Tenant * field, enter the tenant ID obtained in Creating an Azure application.
  6. In the Status field, toggle to activate or deactivate the account.
  7. Check the Set the access data option to set the account’s access data.
  8. In the Client ID field, enter the account’s application ID obtained in Creating an Azure application.
  9. In the Client secret field, enter the client secret Value generated in Creating a client secret.
  10. Click Save.

The newly added account will appear in the Cloud certificate authorities report.