View Attach (2) Info

Add new attachment

Only authorized users are allowed to upload new attachments.

List of attachments

Kind Attachment Name Size Version Date Modified Author Change note
png
 app_reg_config_permissions.png 112.1 kB 1 06-Feb-2024 04:25 krivacsz
png
 microsoft_group_info.png 126.0 kB 1 25-Jul-2024 08:04 krivacsz

This page (revision-22) was last changed on 19-May-2025 09:27 by krivacsz

This page was created on 05-Dec-2023 05:32 by krivacsz

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Difference between version and

At line 1 removed 2 lines
It requires Microsoft Graph Application registration. Start at the Microsoft Azure portal:\\
[https://azure.microsoft.com/en-us/features/azure-portal/]\\
At line 4 changed one line
__Application registration__: Go to the App registrations and click on New registration:\\
Start at the __Microsoft Azure Portal__: [Link|https://azure.microsoft.com/en-us/features/azure-portal/]\\
At line 6 changed one line
[attachments|SMTP Microsoft Graph XOAUTH 2 Integration/new_registration.png]\\
__Application registration:__ Navigate to App registrations in the Azure Portal. Click on __New registration__ to create a new application.\\
At line 8 changed one line
Name it. Select __Single-page Application__ as a platform. The redirect URL must end with__WebInterface/login.html__. Then click on register.\\
[SharePoint Integration/new_registration.png]\\
At line 10 changed one line
[CrushOAuth/app_reg_config.png]\\
The Redirect URL must end with __SSO_OIDC/__.\\
At line 12 changed one line
Make sure that MSAL.js 2.0 and Implicit grant (Access Token, ID Token) grant types are permitted.\\
{{{
http://localhost:9090/SSO_OIDC/
}}}\\
or
{{{
https://your.crushftp.domain.com/SSO_OIDC/
}}}\\
At line 14 changed one line
[CrushOAuth/app_reg_auth_config.png]\\
__Secret key__: A new client secret must be created. Go to __Certificates & secrets__, and generate a new client secret by clicking on __New client secret__. Ensure you copy over the __value__ immediately!\\
At line 16 changed one line
Configure the API permissions:\\
[SharePoint Integration/new_secret.png]\\
At line 26 added 11 lines
[SharePoint Integration/secret_value.png]\\
\\
\\
Configure the __API Permissions__:\\
\\
Ensure the application has the following __Delegated Permissions__ assigned:\\
\\
__a.) User.Read__: This permission allows an application to access basic profile information (Like: Name,Email address,User ID (object ID), User principal name (UPN), Tenant ID) of the signed-in user.\\
\\
__b.) GroupMember.Read.All__ (Optional): This permission allows the application to read the members of all groups in the directory. List the users, devices, service principals, and other groups that are members of: Microsoft 365 groups, Security groups, Distribution groups. It requires an admin to consent—ordinary users cannot approve it.\\
\\
At line 20 changed one line
Get Client ID and Tenant ID from App registration -> Overview.\\
Grant __Admin consent__ for the newly added permission.\\
At line 41 added 4 lines
[SharePoint Integration/app_permission_admin_consent.png]\\
\\
Get __Client ID__ and __Tenant ID__ from App registration -> Overview.\\
\\
At line 26 changed one line
You can add groups claim to the token.\\
You can add the groups claim to the authorization token. Including group claims in tokens allows applications to determine a user’s group memberships immediately upon login, without the need for additional API calls.\\
At line 30 changed 2 lines
Go to the __Preferences__-> __Ip/Servers__ and select the __HTTP or HTTPS__ port item(__OAuth Sign in__ Tab) where you want to enable the __Microsoft Sing-In__ button. Check the __"Enable Microsoft Sign in"__ flag and provide the __Client ID__ and __Tenant ID__ of your App registration(mentioned above).\\
[CrushOAuth/port_item_settings_ms.png]\\
Copy and securely store the __Client ID__ and __Client Secret__ as these will be required for the [CrushOIDC] plugin configuration.\\
__!!!Continue on:__ [CrushOIDC]\\
At line 33 removed 2 lines
__!!!Continue on:__ [CrushOAuth]\\
\\
Version Date Modified Size Author Changes ... Change note
22 19-May-2025 09:27 2.261 kB krivacsz to previous
21 12-May-2025 03:19 2.124 kB krivacsz to previous | to last
« This page (revision-22) was last changed on 19-May-2025 09:27 by krivacsz
G’day (anonymous guest)
CrushFTP11 | What's New

Referenced by
CrushOAuth
CrushOIDC

JSPWiki