Connecting WEBCON BPS Cloud Platform with Azure Active Directory

This article describes how to log in to the WEBCON BPS Cloud Platform (https://www.webconapps.com) by using Azure Active Directory and how to synchronize user accounts and their profiles.

 

Defining the application profile in Azure Active Directory admin center

1. Log in to Azure Active Directory admin center and register a new application.

2. Click the “New registration” button, fill in the application name and then, in the “Redirect URI” field, enter your webconapps Portal address with the suffix /signin-aad added at the end.

 

In this example, the redirect URI will look something like this: https://demonstration.webconapps.com/signin-aad.

 

3. In the “Authentication” tab, click “ID tokens”.

 

4. Go to the “Certificates & secrets” tab and click the “+New client secret” button. Copy the generated password to someplace safe as we will need it later.

 

5. Next, go to the “Overview” tab and copy the necessary information: Application (client) ID and Directory (tenant) ID.

 

6. To enable synchronization of user profiles and groups, add the following permissions for the defined application in the “API permissions” tab.

Category         Type         Permission
Microsoft Graph  Application  Group.Read.All
Microsoft Graph  Application  User.Export.All
Microsoft Graph  Application  User.Read.All
Microsoft Graph  Application  Directory.Read.All
Microsoft Graph  Delegated    Group.Read.All
Microsoft Graph  Delegated    User.Export.All
Microsoft Graph  Delegated    User.Read
Microsoft Graph  Delegated    User.Read.All

 

The correctly configured permissions look like this:
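One way to confirm outside the portal that the application permissions from step 6 were actually consented, as an added example that is not part of the original article or of WEBCON's tooling: decode an app-only Microsoft Graph access token (requested with the client ID and secret from steps 4 and 5) and compare its `roles` claim with the table. The function names, the placeholder tenant ID and the sample token are constructed for illustration, and the payload is decoded without signature verification, so this is a diagnostic and not a token validator.

```python
import base64
import json

# Application permissions from step 6 of this article.
REQUIRED_ROLES = {"Group.Read.All", "User.Export.All", "User.Read.All", "Directory.Read.All"}
# Audience values carried by Microsoft Graph tokens (URI form and application ID form).
GRAPH_AUDIENCES = {"https://graph.microsoft.com", "00000003-0000-0000-c000-000000000046"}


def decode_claims(token: str) -> dict:
    """Decode the JWT payload WITHOUT verifying the signature (diagnostic use only)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a three-part JWT")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))


def audit_app_token(token: str, expected_tenant_id: str) -> dict:
    """Compare an app-only Graph token with the permissions the article lists."""
    claims = decode_claims(token)
    granted = set(claims.get("roles", []))  # application permissions appear in "roles"
    return {
        "tenant_ok": claims.get("tid") == expected_tenant_id,
        "audience_ok": claims.get("aud") in GRAPH_AUDIENCES,
        "missing": sorted(REQUIRED_ROLES - granted),     # listed in step 6 but not granted
        "unexpected": sorted(granted - REQUIRED_ROLES),  # granted beyond what step 6 lists
    }


def make_sample_token(claims: dict) -> str:
    """Build an unsigned, constructed token so the example runs offline."""
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'none', 'typ': 'JWT'})}.{enc(claims)}.constructed"


# Constructed sample: placeholder tenant ID, one permission missing, one extra.
SAMPLE_TENANT = "00000000-0000-0000-0000-000000000000"
SAMPLE_TOKEN = make_sample_token({
    "aud": "https://graph.microsoft.com",
    "tid": SAMPLE_TENANT,
    "roles": ["Group.Read.All", "User.Read.All", "Directory.Read.All", "Mail.Read"],
})

if __name__ == "__main__":
    print(json.dumps(audit_app_token(SAMPLE_TOKEN, SAMPLE_TENANT), indent=2))
```

Only application permissions show up in `roles`; the delegated permissions from the table appear in the `scp` claim of tokens issued on behalf of a signed-in user.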

 

 

Configuration of the synchronization process in WEBCON Designer Studio

 

1. Run WEBCON BPS Designer Studio, go to the “System settings” option, select the “Authentication providers” tab and then select the “Azure Active Directory (AAD)” option.

2. Now enter the data that we previously copied: “Application (client) ID” into the “Application ID” field and “Directory (tenant) ID” into the “Tenant ID” field. In the “Mode” field, select the operation mode of your AAD environment.

After saving, restart the service.

3. After logging in to the subscription panel (at https://www.webconapps.com), in the “Subscriptions” tab click the “Restart services” button.

 

 

Configuration of the synchronization process in the WEBCON BPS administration panel

 

1. In the WEBCON BPS Portal administration panel, in the “Azure AD Synchronization” tab, paste the previously copied fields (including the Client secret). Confirm the changes by clicking “Save”.
The administration panel is found by adding the /adminPanel suffix to your Portal address, so in our example it would look something like: https://demonstration.webconapps.com/adminPanel.

 

2. To test the configuration, users must be synchronized with AAD. In the administration panel, in the “Azure AD synchronization” tab, click “Start synchronization” -> “Full synchronization”.

Check the result of the synchronization in the “All users” tab. If user data from AAD appears, then the process was completed correctly.

 

In order for these users to be able to use the WEBCON BPS system, we must first do two things:

  • Assign licenses directly from this Admin Panel to the individual user accounts (User CAL)
  • Assign user privileges to WEBCON BPS applications, processes, and interface elements by using Designer Studio.
