Azure Active Directory

You can sync Azure Active Directory with Infraon to enable synchronization of user/requester accounts. Follow the steps below to configure Azure Active Directory.

Pre-requisites

  • An active Azure account

The Process

Follow the steps below on your Azure portal.

Step 1: Register your app

1. Log in to your Azure account and click 'App Registrations.'

2. Select 'New registration.'

3. Add a display name for your application, select the account type, and click 'Register.'

4. The application is created, and its details are displayed as in the reference screenshot. Copy the Application ID and the Tenant ID.

Step 2: Enable API Permissions

1. Navigate to 'API Permissions' and click 'Add a permission.'

2. A slider appears. Click on the 'APIs my organization uses' tab.

3. Select 'Microsoft Graph' from the list of APIs displayed.

4. Scroll down and look for 'User' related APIs. Expand and select 'User.Read.All' to enable.

5. Once the permissions are added, details are displayed per the reference.

6. Click on 'Grant Admin Consent' and confirm your selection.

Step 3: Create a client secret

1. Navigate to 'Certificates and secrets' -> Client Secrets.

2. Add a new client secret. Provide a description and an expiration date. The client secret is valid only for the selected period. A new client secret must be created when this one expires. Click 'Add' once done.

3. The client secret is generated. Copy the value to the clipboard. Please note that this value will be hidden on page refresh.
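
Before the credentials are entered in Infraon, it is worth confirming that the registration carries only the permission added in Step 2. The following is an added example (not Infraon's or Microsoft's code) that decodes the claims of an access token issued to the app and reports deviations. The function names and sample IDs are constructed, and the token is decoded without signature verification, for audit use only.

```python
import base64
import json
import time

GRAPH_AUDIENCES = {"https://graph.microsoft.com", "00000003-0000-0000-c000-000000000000"}
EXPECTED_ROLES = {"User.Read.All"}  # the only permission Step 2 adds

def decode_claims(token):
    """Return the JWT payload as a dict (no signature check; audit use only)."""
    try:
        payload = token.split(".")[1]
        payload += "=" * (-len(payload) % 4)  # restore stripped base64url padding
        return json.loads(base64.urlsafe_b64decode(payload))
    except (IndexError, ValueError) as exc:
        raise ValueError("not a JWT access token") from exc

def audit_token(token, tenant_id, client_id, now=None):
    """Compare token claims with what Steps 1 and 2 configured; return findings."""
    claims = decode_claims(token)
    now = time.time() if now is None else now
    findings = []
    if claims.get("aud") not in GRAPH_AUDIENCES:
        findings.append("audience is not Microsoft Graph: %r" % claims.get("aud"))
    if claims.get("tid") != tenant_id:
        findings.append("token issued for a different tenant")
    if claims.get("appid", claims.get("azp")) != client_id:  # v1 / v2 claim name
        findings.append("token issued to a different application")
    roles = set(claims.get("roles", []))  # application permissions with consent
    for extra in sorted(roles - EXPECTED_ROLES):
        findings.append("excess application permission: " + extra)
    for missing in sorted(EXPECTED_ROLES - roles):
        findings.append("missing permission (admin consent not granted?): " + missing)
    if claims.get("exp", 0) <= now:
        findings.append("token is expired")
    return findings

def make_sample_token(claims):
    """Build an unsigned, constructed token so the demo runs offline."""
    enc = lambda o: base64.urlsafe_b64encode(json.dumps(o).encode()).rstrip(b"=").decode()
    return ".".join([enc({"alg": "none"}), enc(claims), ""])

if __name__ == "__main__":
    # Constructed sample values, not real identifiers.
    tid = "11111111-1111-1111-1111-111111111111"
    cid = "22222222-2222-2222-2222-222222222222"
    claims = {"aud": "https://graph.microsoft.com", "tid": tid, "appid": cid,
              "roles": ["User.Read.All", "Directory.ReadWrite.All"], "exp": 2000000000}
    for finding in audit_token(make_sample_token(claims), tid, cid, now=1700000000):
        print(finding)
```

A real token for the registration can be requested with the OAuth 2.0 client credentials grant using the scope `https://graph.microsoft.com/.default`; an empty findings list means the token matches the configuration from Steps 1 and 2.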

Step 4: Register your app on Infraon.

1. Navigate to Infraon -> Market Place -> Azure Active Directory (Azure AD). Click 'Install'. Add the Tenant ID, Client ID, and Secret Key. Click 'Verify.'

2. Upon successful verification, you will be redirected to the field mapping screen, as shown in the reference screenshot. In the tabs below on Infraon, map the column names to the respective field names.

  • Requester

  • Work

  • Address

3. Click 'Submit' when you are done. Infraon might take a few minutes to complete the synchronization. Once complete, all your Azure users are added as requesters on Infraon.

Requester Login via SSO

Azure AD–synced requesters can log in to the Infraon Self-Service Portal using Microsoft Single Sign-On (SSO). Authentication and access management for requesters occur when a ticket is created under any workflow configured with App Integration.

It includes scenarios such as:

  • Successful login via SSO

  • Invalid login attempts

  • Session management

  • Multi-device login

  • Error handling

  • Audit logging

How It Works

1. Navigate to Infraon Configuration → Infraon Automation → Workflow.

2. Select the required Ticket Workflow and click Edit.

3. In the Configure Workflow section, expand the left-side panel using the double arrow icon.

4. Under the Actions category, select App Integration.

5. Select the Azure AD app (installed from Infraon Marketplace Integration) from the dropdown.

6. Once selected, you will see three options to configure Azure AD account actions.

Azure AD Actions | Details

| Label | Description | Scenario |
|---|---|---|
| Force Password Reset on Next Login | Triggers a temporary password reset and forces the requester to set a new password during their next login via SSO. An email with the temporary password is sent. | Use when the requester’s credentials may be compromised, or after IT security updates, ensuring the user resets their password before continuing access. |
| Unlock User Account | Unlocks a requester’s locked account due to multiple failed login attempts or admin restrictions. No email notification is sent. | Use it when a requester is unable to access the portal due to lockout errors. This ensures quick access restoration without requiring manual IT intervention. |
| Disable (Lock) User Account | Disables a requester’s account, preventing login until re-enabled. No email notification is sent. | Use when an account needs to be temporarily restricted, e.g., requester leaves the organization, suspicious activity is detected, or compliance rules require suspension. |

This ensures IT admins can automate user account management actions within ticket workflows, integrating Azure AD SSO policies directly into Infraon Infinity Automation.
