This document is under construction. Please excuse our dust.
Step 1:
Log in to Azure.
In the left navigation menu, under Manage, select Appregistrations. This displays existing applications and also allows you to create a new application.
In the command bar, select +NewRegistration.
App registrations page. Select New registration in the command bar.
Step 2:
On the Register an application page, make the following settings:
Name: This is the public-facing name of the application and has no bearing on the application’s use within Epiphany. If you have a naming convention used by your organization, follow it, otherwise it is recommended that you use a name with which you can discern that the application is used by Epiphany. For example, epiphany-azuread.
Supported account types: This dictates the boundaries of access to the application being created. The first option, Accounts in this organizational directory only, is recommended as it limits the scope of access.
Redirect URI (optional). This isn't used. The default setting is fine so don't make any changes.
Select the Register button.
Register an application page.
Step 3:
A new page will show the name of the application you just registered (epiphany-azuread in this example). It shows the Application (client) ID and Directory (tenant) ID. Write these down because you'll need them when you add Azure AD credentials to Epiphany.
In Epiphany, these are called the Application ID and TenantID.
In the upper-right corner, under Client credentials, select Add a certificate or secret to create a secret.
The application you just registered.
The Certificates & secrets page displays. Under Client Secrets, select New client secret.
On the Certificates & secrets page, under Client secrets, select New client secret.
The Add a client secret pane displays on the right. On the Add a client secret pane, make the following settings:
Description: Use a description that can be easily identified as a secret for Epiphany, unless your organization has a naming standard that requires that you use some sort of obfuscation or other method for descriptions.
Expires: The default expiration date is six months from the time of creation. However, you are encouraged to select an expiration period in alignment with your organization’s standards.
It may be worthwhile to include the date in the Description to more easily identify the expiration date.
The Add a client secret pane is on the right.
A display shows the generated secret. You must copy the Value before navigating to another page.
If you don't copy the Value when it's first visible and before navigating to another page, you won't be able to see it again. You will need to repeat the steps above to create a new secret.
On the Client Secrets page, copy the Value.
A common mistake is to accidentally copy the Secret ID and not the Value.
The value no longer displays once you navigate away from where you set it up.
