Integrating Auth0 With Azure Active Directory

Task 3: Configure API Permissions

To find more help on this task, take a look at the official Microsoft documentation.

We need to configure access to the MS Graph API so that basic user profile and directory info can be retrieved (some of which will find its way into Auth0 via the sync when the user logs in via Auth0). This is done with delegated permissions, specifically ‘User.Read’ and ‘Directory.Read.All’.

The key steps are:

1. Start on your App registration overview screen.

[Screenshot: app registration overview screen]

2. Click the “View API Permissions” button.

[Screenshot: view API permissions]

3. You should now see the API permissions screen.

[Screenshot: API permissions screen]

4. You should see that the “Delegated” permission for User.Read is already configured by default. If not, follow the steps below, replacing Directory.Read.All with User.Read.

5. Click “Add A Permission”.

[Screenshot: add a permission]

6. You should see the “Request API Permissions” dialog.

[Screenshot: request API permissions]

7. Select “Microsoft Graph”.

8. You should see the following:

[Screenshot: Microsoft Graph]

9. Select “Delegated Permissions”.

10. This should reveal the “Select permissions” search field.

[Screenshot: Microsoft Graph]

11. In the search text field under the “Select Permissions” heading, enter the text ‘Directory.Read.All’. This should produce the following results:

[Screenshot: Directory.Read.All]

12. Tick the checkbox next to the “Directory.Read.All” permission. This should result in the following:

[Screenshot: select permissions]

13. Click the “Add Permissions” button.

14. OPTIONAL: If we want to avoid users having to manually accept giving our application access to these permissions, we could click the “Grant admin consent for YOUR_AZURE_AD_DOMAIN” button.
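Once the steps above are done, the app registration's manifest records the result under `requiredResourceAccess`. The following is an added example (not part of the original article) that audits that section and reports anything other than the two delegated permissions configured here. The GUIDs are Microsoft Graph's published IDs for the Graph resource, User.Read and Directory.Read.All; the sample manifest, including its extra "Role" entry and placeholder GUID, is constructed for illustration.

```python
import json

GRAPH_APP_ID = "00000003-0000-0000-c000-000000000000"  # Microsoft Graph resource
# Delegated ("Scope") permission IDs for the two permissions this page configures.
EXPECTED_SCOPES = {
    "e1fe6dd8-ba31-4d61-89e7-88639da4683d": "User.Read",
    "06da0dbc-49e2-44d2-8312-53f166ab848a": "Directory.Read.All",
}

# Constructed sample: manifest section after the steps above, plus one extra
# application permission (type "Role", placeholder GUID) to show drift.
SAMPLE_MANIFEST = """
{
  "requiredResourceAccess": [
    {
      "resourceAppId": "00000003-0000-0000-c000-000000000000",
      "resourceAccess": [
        {"id": "e1fe6dd8-ba31-4d61-89e7-88639da4683d", "type": "Scope"},
        {"id": "06da0dbc-49e2-44d2-8312-53f166ab848a", "type": "Scope"},
        {"id": "11111111-2222-3333-4444-555555555555", "type": "Role"}
      ]
    }
  ]
}
"""


def audit_permissions(manifest_json):
    """Return (missing, unexpected) relative to the two expected delegated scopes."""
    manifest = json.loads(manifest_json)
    found = set()
    unexpected = []
    for resource in manifest.get("requiredResourceAccess", []):
        app_id = resource.get("resourceAppId")
        for access in resource.get("resourceAccess", []):
            perm_id, perm_type = access.get("id"), access.get("type")
            if app_id == GRAPH_APP_ID and perm_type == "Scope" and perm_id in EXPECTED_SCOPES:
                found.add(perm_id)
            else:
                # Other APIs, other scopes, or application ("Role") permissions.
                unexpected.append((app_id, perm_id, perm_type))
    missing = sorted(name for pid, name in EXPECTED_SCOPES.items() if pid not in found)
    return missing, unexpected


if __name__ == "__main__":
    missing, unexpected = audit_permissions(SAMPLE_MANIFEST)
    print("missing:", missing)
    print("unexpected:", unexpected)
```

An empty `missing` list with an empty `unexpected` list means the registration requests exactly the access this task describes; any `unexpected` entry is a permission to review before granting admin consent.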


Nick McKenna