Declaring the application in Microsoft Azure AD

If you do not wish to use the Stormshield Azure application to create your OneDrive for Business or Office 365 shared space, you need to declare your own SDS for C&M application.

Ensure that you have associated the Microsoft Azure subscription with the directory which authenticates logins for the Microsoft Office 365 subscription.

The procedure below describes the steps involved in declaring an application on the new Microsoft Azure AD portal.

  1. Log in to the Azure AD administration center with your Microsoft Office 365 account.
  2. Click on the Azure Active Directory menu. If this menu is not visible, click on All services to display it.
  3. Select the App registrations menu.
  4. Click on New application registrations.
  5. Enter a name (SDS for C&M for example) and select Native client application.
  6. Enter the URI to redirect to the new application; The URI must begin with http://localhost. Select an available port greater than 1024, such as http://localhost:36150/, for example.

HTTPS is not supported.

  1. Click on Create.
  2. Select the application and take note of the application ID that you will need when you add a shared space on the server. For more information, please refer to Declaring shared spaces.
  3. Click on Settings, then on Required permissions. Ensure that you have the following elements in the list of APIs:
    • Office 365 SharePoint Online,
    • Microsoft Graph.
  4. In Delegated permissions, select the following permissions: Administration privileges are not required for these permissions, unless otherwise specified.
    • For Office 365 SharePoint Online:
      • Read and write items and lists in all site collections
    • For Microsoft Graph:
      • Log in and read user profile,
      • Edit or delete items in all site collections,
      • Have full access to all files user can access,

      • Read all users’ full profile (administration privileges required).
      • Read all groups (administration privileges required),
      • Read directory data (administration privileges required),
      • Access directory as the signed in user (administration privileges required),
      • Read items in all site collections.
  5. In the permissions view of the SDS for C&M application, click on Grant permissions and confirm so that permissions requiring administration privileges can be applied to all users found in the Active Directory.
  6. Ensure that the SDS for C&M application is allowed to create anonymous sharing links.