viflow logoknowledge base

Contact Us

Menu
en de
  • viflow product page
  • Support request

Contact Us

  • viflow knowledge base
  • Instructions
  • WebModel
  • Azure AD connection for the WebModel on IIS
WebModel

Azure AD connection for the WebModel on IIS

Applies to: viflow (subscription | 9), Azure AD | Article: 1890246 | Updated on 21.05.2024

Delete

Article for IT professionals/administrators

This article is intended exclusively for administrators who are familiar with hosting websites (viflow WebModel), Microsoft Azure AD and assigning permissions.

Initial Situation

Your viflow WebModel is hosted on an internal/external IIS ( Internet Information Services from Microsoft – not in Azure!) and should be connected to the Active Directory on Microsoft's cloud computing platform Azure (Azure AD).

Configuration in Azure

Register new app

  1. Open the Microsoft Azure Portal from portal.azure.com.
  2. Open the Azure Active Directory application.
  3. Under App registrations, click New registration.
    The Register an application window opens.
  4. Enter a name here and under Supported account types select the Active Directory that is to be connected to the WebModel (here: ViCon GmbH only – Single tenant).
  5. Under Redirect URI (optional), select Web in the left selection box.
    Enter the Redirect URL, which must match the WebModel Server URL.
    The URL path specification (/signin-oidc) must be identical to the path specification in the appsettings.json file and entered in the settings under AzureAd >> CallbackPath. Then the "Client ID" and "Tenant ID" must be transferred to the WebModel configuration.
Delete

Important

As soon as the AzureAd and DownstreamApi keys are present in the configuration, an attempt is made to connect to Azure. To prevent this behavior, the key AzureAd must be renamed.

  1. After Client credentials, click Add a certificate or secret.
  2. Select New client secret and transfer this to the appsettings.json file.

Claim Configuration

Delete

Only when joining Azure AD to on-premises AD

The work step described here is only necessary if the Azure AD is linked to a local/external Active Directory (not Azure AD!).
If only the Azure AD is used, the "Claim Configuration" does not apply.

In the default setting, the Claim OnPremiseSecurityIdentifier is not supplied. This is required by the WebModel to identify users added from the local Active Directory.

API permissions

The WebModel works with a service account to communicate with the Microsoft Graph API.
A delegation (on-behalf-of) is not readily permitted and therefore the WebModel requires additional permissions.

  1. Open the Request API permissions window.
  2. Under Application permissions, grant the WebModel the following permissions:
    > Directory.Read.All
    > Group.Read.All
    > User.Read.All
Delete

Administrator rights required

The assigned permissions must be approved once by an administrator!

Delete

Information about the WebModel on IIS

You can find more information about hosting the viflow WebModel on IIS in the article
››› Providing the viflow WebModel with IIS (Internet Information Services)

All articles in WebModel

  • Use of the hosting service viflow cloud for your web model
  • Improve the performance of the WebModel
  • Deploying the viflow WebModel with IIS (Internet Information Services)
  • Installation of IIS (Internet Information Services) for viflow WebModels
  • Disable caching for viflow WebModels
  • Turn off the login dialog when opening the WebModel
  • Opening the WebModel via HTTPS
  • Operate viflow on Microsoft Azure
  • Open local viflow WebModel
  • Enable single sign-on (SSO) for different browsers
  • Error "HTTP Error 500.37 - ANCM Failed" when starting the WebModel
  • Error "HTTP Error 500.19" when starting the WebModel
  • Error "HTTP Error 500.30 - ANCM" when starting the WebModel
  • Processes are blocked by prohibition signs in the WebModel
  • Calling up documents on a file server via a web server (IIS)
  • Open local/external documents from the WebModel
  • Process Model cannot be exported as WebModel
  • Enable compatibility mode in WebModel – .NET 6.0
  • Open local viflow WebModel as preview
  • Replace WebModel manually on web server
  • Restrict access to WebModel directly on web server
  • Direct linking to specific processes in the WebModel
  • Adjust the name of the viflow WebModel
  • Azure AD connection for the WebModel on IIS
  • Administer WebModel – Set up permissions
  • Changing the viflow cloud password
  • Long loading time when calling up the WebModel
Quicklinks
  • viflow international
  • viflow functions
  • Trainings
  • viflow life cycle
  • viflow system requirements
  • Remote support
  • viflow updates
SUBMIT SUPPORT REQUEST

Couldn't find a solution? Make a support request.

Submit a support request


FOLLOW US

We inform you regularly about current developments, trends and news around viflow. Just choose the format that's right for you.

Newsletter subscription
vilfow auf facebook ViCon auf Xing ViCon auf Linkedin vilfow auf youtube
Contact Central office

+49 511 696048-0

Sales

+49 511 696048-20

Support support@viflow.de
  • Contact
  • T&Cs
  • Conditions of Use
  • Privacy Statement
  • Legal Info

Copyright © 2003 – 2025 ViCon GmbH | viflow knowledge base | All rights reserved.

info@vicon.biz +49 511 696048-0
Knowledge Base Software powered by Helpjuice

Definition by Author

0
0
  • Kontakt
  • AGB
  • Nutzungsbedingungen
  • Datenschutz
  • Impressum

Copyright © 2003 – 2021 ViCon GmbH | Funktionen | Alle Rechte vorbehalten.

info@vicon.biz +49 511 696048-0
Expand