Seamless Azure AD Integration: Step-by-Step Guide for NordicScreen Q-Cal

Create Azure app for AD-Integration


Introduction

This guide describe how to send up Azure App for AD integration between Office 365 and NordicScreen Q-Cal. The guide includes 2 step.

1. Create App registration in Azure.

2. Click on App registrations

Microsoft Azure dashboard highlighting the 'App registrations' option for setting up new applications.


3. Click on New registration

Microsoft Azure 'App registrations' page with an option for 'New registration' highlighted for adding a new application.


4. Type "NordicScreen - Q-Cal AD"

Microsoft Azure application registration form with 'Name' field filled as 'NordicScreen - Q-Cal AD' for a new application setup.


5. Click on Register

Register button and policy agreement on Microsoft Azure app registration page.


6. Click on API permissions

API permissions section in Microsoft Azure App registration menu.


7. Click on Add a permission

Add a permission button in the API permissions section of Azure App Registration.


8. Click on Microsoft Graph…

Microsoft Graph API option selected for requesting permissions in Microsoft Azure.


9. Click on Your application runs as a background service or daemon without a signed-in user.

Option for Application permissions selected indicating the app runs as a background service without a signed-in user.


10. Type "directory"



11. Click on Expand

Microsoft Azure app registration process highlighting the selection of 'Directory' permission within the API permissions setup.


12. Click on Directory.Read.All

Microsoft Azure API permissions selection interface showing 'Directory.Read.All' permission with admin consent required.


13. Type "group"

Microsoft Azure interface showing API permissions for Microsoft Graph with options for Group, GroupMember, and other permissions, indicating admin consent is required


14. Click on Expand

Microsoft Azure permissions selection window with 'Group' highlighted as a potential permission to add for an application's API access.


15. Click on Group.Read.All

Microsoft Azure API permissions for 'Group' with 'Group.Read.All' option to read all group data selected and marked as requiring admin consent.


16. Type Group Member

API permission request in Microsoft Graph for 'Group.Read.All' to read all group data, with admin consent required highlighted.


17. Click on Expand



18. Click on GroupMember.Read.All

Checkbox selected for Microsoft Graph permission 'GroupMember.Read.All' to read all group memberships, with admin consent confirmed as 'Yes'.


19. Type "user"



20. Click on Expand

Screenshot of Microsoft Graph API permissions selection with 'User' permission highlighted for addition.


21. Click on User.Read.All

Microsoft Graph API permissions interface showing 'User.Read.All' permission selected to read all users' full profiles.


22. Click on Add permissions

Microsoft Azure permissions selection for 'User.Read.All' with 'Add permissions' button highlighted.


23. Click on Certificates & secrets



24. Click on New client secret



25. Type "NordicScreen - Q-Cal AD"

Dialog for creating a new client secret in Microsoft Azure with the name 'NordicScreen - Q-Cal AD' entered.


26. Click on Expires

Options for client secret expiration in Microsoft Azure, with a recommended duration of 180 days (6 months) highlighted.


27. Click on 730 days (24 months)

Dropdown menu selection for a client secret expiration term of 730 days (24 months) in Microsoft Azure settings.


28. Click on Add

Button for 'Add' next to 'Cancel' on a blank configuration screen, likely in a setup or registration process.


29. Click on Certificates & secrets



30. Copy "Value" and pas in a email (Used in part two of the guide)

Client secret details blurred out for security, with a visible 'Copy to clipboard' icon next to the secret ID for user convenience.


31. Copy "Secret" and pas in a email (Used in part to of the guide)



32. Click on Overview

Click on Overview

33. Copy "Application (client) ID" and pas in a email (Used in part to of the guide)

Application ID and directory (tenant) ID details displayed for NordicScreen - Q-Cal AD in Microsoft Azure, with a clipboard icon indicating the option to copy these IDs.

34. Press "Grant admin consent" after assigning permissions.


2. Send information to NordicScreen Support


After creating the App registration in Azure, send below information to NordicScreen Support. 

Emne: Azure AD integrtaion - "Customer name"

Following app registration is created. 

Application ID: (Use information from step 33.) 
Value: (Use information from step 30.) 
Secret: (Use information from step 31.) 
And Exchange domain.


    • Related Articles

    • Create Employees as Clients for Check-In

      To show an employee on the Check-In solution, the person must be created as a client in Q-Desk via app.q-cal.net. This guide describes how to create an employee on the "Har aftale" and "Har ikke aftale" list on the Check-In solution, respectively. If ...

    • How to create a Check-In view with guest registration

      This guide shows step by step how to create a Check-In design with guest registration for you solution. 1. The first step is to log in to Q-Cal. 2. Here, click on Design. 3. You can choose what you want to create a design for. Select Check-In. 4. ...

    • Set up ChurchDesk Integration

      This guide describes how to set up Churchdesk in Q-Cal. The guide is divided into 2 parts: 1. Contact Churchdesk for link delivery. 2. Set up the integration in Q-Cal. Contact Churchdesk for link delivery. To set up a Churchdesk integration in Q-Cal, ...

    • How to create/use Q-Cal Templates for Q-Play Template solution

      How to create a Q-Cal Screen Design. If you want to add a dynamic element to your Q-Play template, we can create a relevant template in Q-Cal. Then we also showcase how the two systems work together. Sign in to Q-Cal. Click on Design Choose a display ...

    • How to Create an API Key

      1. Open the Dropdown Menu Click on the dropdown menu in the top right corner of your screen. 2. Access the Admin Panel In the dropdown menu, click on Admin. 3. Navigate to API Access Within the Admin panel, click on API access. 4. Create a New API ...