View Attach (2) Info

Add new attachment

Only authorized users are allowed to upload new attachments.

List of attachments

Kind Attachment Name Size Version Date Modified Author Change note
png
 app_reg_config_permissions.png 112.1 kB 1 06-Feb-2024 04:25 krivacsz
png
 microsoft_group_info.png 126.0 kB 1 25-Jul-2024 08:04 krivacsz

This page (revision-22) was last changed on 19-May-2025 09:27 by krivacsz

This page was created on 05-Dec-2023 05:32 by krivacsz

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Difference between version and

At line 1 removed one line
Start at the __Microsoft Azure Portal__: [Overview of Microsoft Graph permissions Link|https://azure.microsoft.com/en-us/features/azure-portal/]\\
At line 2 added 2 lines
Start at the __Microsoft Azure Portal__: [Link|https://azure.microsoft.com/en-us/features/azure-portal/]\\
\\
At line 7 changed one line
The Redirect URL must end with __"register_microsoft_graph_api/"__.\\
The Redirect URL must end with __SSO_OIDC/__.\\
At line 11 changed one line
http://localhost:9090/register_microsoft_graph_api/
http://localhost:9090/SSO_OIDC/
At line 17 changed one line
https://your.crushftp.domain.com/register_microsoft_graph_api/
https://your.crushftp.domain.com/SSO_OIDC/
At line 28 changed one line
Configure the API permissions:\\
Configure the __API Permissions__:\\
At line 31 added 6 lines
Ensure the application has the following __Delegated Permissions__ assigned:\\
\\
__a.) User.Read__: This permission allows an application to access basic profile information (Like: Name,Email address,User ID (object ID), User principal name (UPN), Tenant ID) of the signed-in user.\\
\\
__b.) GroupMember.Read.All__ (Optional): This permission allows the application to read the members of all groups in the directory. List the users, devices, service principals, and other groups that are members of: Microsoft 365 groups, Security groups, Distribution groups. It requires an admin to consent—ordinary users cannot approve it.\\
\\
At line 32 changed one line
Get Client ID and Tenant ID from App registration -> Overview.\\
Grant __Admin consent__ for the newly added permission.\\
At line 41 added 4 lines
[SharePoint Integration/app_permission_admin_consent.png]\\
\\
Get __Client ID__ and __Tenant ID__ from App registration -> Overview.\\
\\
At line 38 changed one line
You can add groups claim to the token.\\
You can add the groups claim to the authorization token. Including group claims in tokens allows applications to determine a user’s group memberships immediately upon login, without the need for additional API calls.\\
At line 41 changed one line
\\
Copy and securely store the __Client ID__ and __Client Secret__ as these will be required for the [CrushOIDC] plugin configuration.\\
Version Date Modified Size Author Changes ... Change note
22 19-May-2025 09:27 2.261 kB krivacsz to previous
21 12-May-2025 03:19 2.124 kB krivacsz to previous | to last
« This page (revision-22) was last changed on 19-May-2025 09:27 by krivacsz
G’day (anonymous guest)
CrushFTP11 | What's New

Referenced by
CrushOAuth
CrushOIDC

JSPWiki