During the configuration of DS Service with Active Directory in O365 (Azure AD), we need to create an application registration with rights to read Active Directory objects in your O365 tenant.
Note: This feature requires that users can log in with “basic authentication”.
Create Azure app for Keyboard function in Digital Sign Client
1. Log on Azure portal with your Azure account.
2. If your account gives you access to more than one, click your account in the top right corner, and set your portal session to the desired Azure AD tenant.
3. In the left-hand navigation pane, click the Azure Active Directory service (if it absent, click on All services and find it by name), click App registrations --> New registration.
4. When the Register an application page appears, enter your application's registration information:
- Name: Enter WorkSpace.Authentication (or any name you want).
- Note: Name of the web app must not include spaces or digits.
- Supported account types: Select ‘Accounts in this organizational directory only’.
- Redirect URI: Enter your web app URL (the address of a web page where users can sign in and use your app). The APP ID URI is your Azure Tenant URI followed by your app name (unique identifier for Azure AD to identify your app).
5. When finished, click Register. You are presented with the details of the app that you created. Copy the Application (client) ID for later use:
6. Go to Authentication, check on ID tokens and select Yes for ‘Allow public client flows’ and click [Save]:
7. Go to Certificates & secrets --> New client secret (key):
Note: Select ’24 months’ for Expires
Add a description for your key and click [Add]. The right-most column will contain the key value (Password), after you save the configuration changes. Be sure to copy the Value for use in Digital Sign Service (inside it’s Password field), as it is not accessible once you leave this page.
8. Go to API Permissions, grant admin consent to the app
9. Go to DS Service Manager/SYSTEM/Settings. Check on option “Use keyboard for user-authentication on digital signage” as shown in the figure below:
10. Go to DS Service Manager/SYSTEM/Connections. Copy the Application (client) ID retrieved at Step 5 to the field Application (client) ID for Client, and fill in the code provided in Step 7 for Client Secret:
11. Click [Save] to finish.
Applies to: DSS for Server 4.3
Reference: TFS #204048
Knowledge base ID: 0298
Last updated: July 31, 2021
Tuan Dinh Cong