In this article, we will explain the steps you need to follow to get the Azure Subscription details such as Client Identifier, Tenant Identifier, Application Secret Key, and the Publish Settings file from Azure. Let's assume you are trying to connect BizTalk360 with Azure Active Directory. We will explain the detailed process of adding BizTalk360 to the Active directory and retrieving the subscription details.
Quick Links -
- Adding BizTalk360 to Active Directory and retrieving the subscription details
- Retrieving the Publish Settings File
- Adding the Azure Subscription details to BizTalk360
Adding BizTalk360 to Active Directory & retrieving the subscription details
- Log in to the Azure Classic Portal
- Click Active Directory from the left navigation menu. Select the Active Directory from the list
- Click Applications from the menu. Click Add to add BizTalk360 as an application into your Azure Active Directory.
- Select "Add an application my organization is developing"
- Enter a Name for the application that you want to add to the Azure Active Directory. Ex: BizTalk360. Choose the Type as Web Application And/Or Web API.
- Enter the Sign-On URL (the URL where the users can sign-in and use the application) and App ID URI (an unique URI that Azure AD can use for this application). This URL can later be changed.
- Click the Complete button (tick mark) to add the new application
- Once the application is created, click Configure
- Scroll down the page and copy the Client Id. The Client Id is the unique identifier for your application. Under the Keys section, choose the duration of the validity of the keys (say, 1 year or 2 years). The key will be displayed once you save the application configuration. This is the Application key.Copy and store the key value. You won't be able to retrieve it after you leave this page.
- Click View Endpoints at the bottom of the screen to get the Tenant Id. In the App Endpoints screen, copy the id after the http://login.microsoftonline.com (this ID will be common across all the sections in this pop-up screen). Click the Complete button (tick mark) to close the pop-up.
- In the Permissions to other applications section, click Add Application
- Select Windows Azure Service Management API option. Click the Complete button (tick mark).
- In the Permissions to other applications section, select Windows Azure Active Directory option. Elevate the Delegated Permissions by selecting "Sign in and read user profile" and "Read and write directory data". Similarly, elevate the Delegated Permissions for Windows Azure Service Management API to "Access Azure Service Management as an organization"
- Click Save to save the configuration details. Now you will notice the Keys section displaying the application key. This key is required for the application to be able to read/write data in Microsoft Azure AD.
- By now, you should have copied the 3 different keys that are required to add the Azure subscription to BizTalk360
Retrieving the Publish Settings File
In addition to retrieving the Client identifier, Tenant identifier, and Application key from the Azure Classic Portal, you also need to retrieve the Publish Settings (subscription) file. This file will contain the secure credentials and additional information about the subscription that you can use in the development environment. To download the publish settings file, Click the Publish Settings link and this will automatically download the file.
Adding the Azure Subscription details to BizTalk360
In this section, let us take a look at the process of adding an Azure subscription (with the client identifier, tenant identifier, and application secret key information) to BizTalk360.
- Log in to BizTalk360 (as a Super User). Click the Settings icon at the top of the screen. Navigate to Monitoring and Notification > Manage Azure Subscriptions
- Click Add Azure Subscription. In the Azure Subscription Details page, you will see the below fields:
- Friendly Subscription Name - You can enter a friendly name for the subscription that you are adding to BizTalk360
Choose Environment - You can select the environment for which you want to add the Azure subscription.You can only choose one environment at a time from the drop down. If you have 3 environments and you want to map the Azure subscription for only 2 environments, you need to add the subscription separately for both environments.The normal monitoring restrictions will apply for Normal users. If the normal user does not have access to the environment, he cannot monitor the Azure services. If the normal user does not have permissions to monitor Azure services (under User Access Policy settings), they cannot monitor the Azure Services.
- Tenant Identifier - The identifier that authorizes and provides single sign-on and directory access for the application that you integrated with Microsoft Azure AD
- Client Identifier - The unique identifier for the application you integrated with Azure AD
- Application Secret Key - In order for BizTalk360 to be able to read or write data in Microsoft Azure AD, you need to enter the application key
- Publish Settings File - A simple XML file with the subscription details and the management certificate for authenticating the management API requests. You can download the Publish Settings file by clicking the link. You need to add this file in order to validate the Azure subscription details (in addition to the previously entered details in Step 3, 4, 5).
- Enable Subscription for Monitoring - You need to toggle the icon to the active state in order to enable the subscription for monitoring with BizTalk360. If you disable the toggle icon, you will notice the Monitoring Availability status as Not Available.
- Validate - Click the button to validate the entered subscription details. You will be prompted to copy a command and execute in PowerShell. Please refer to the steps in this article to see the process of enabling the permission for BizTalk360 to access the Azure subscription.
Done - Once you have successfully executed the command in PowerShell, click Done. You will notice the confirmation message as "You have successfully validated the configurations. Click save to start monitoring the Azure Resources".
If the PowerShell execution did not happen as expected or if you click Done without performing the PowerShell operation, you will notice an error message as "Azure PowerShell command not executed properly. Try to execute the command successfully and click Done." The Validate button will change to Validated and will be in the disabled state. For further information about the process of executing the PowerShell command, please click the Need Help link.
- Save - Click Save to save the Azure subscription details
- The Azure subscription details will be updated on the Manage Azure Subscriptions page
Follow the steps as shown below to add a new Azure Subscription in BizTalk360.