Showing posts with label Azure Active Directory. Show all posts
Showing posts with label Azure Active Directory. Show all posts

Thursday, March 18, 2021

Sailpoint IIQ Azure Active Directory Connector Pre-check

Sailpoint IIQ Azure Active Directory Connector

Recently I was trying to integrate Azure AD with IIQ and found that 7.3P3 doesn't support proxy rather it's supported from patch4 version , so if you are in patch 3 make sure that the server FW is open and should be able to access the below URL which are internally used by Sailpoint Azure Connector.

https://login.windows.net

https://graph.windows.net

https://graph.microsoft.com

https://login.microsoftonline.com

Also make sure that you are able to retrieve data from Azure using below CURL

To generate access token :

curl --location --request POST 'https://login.microsoftonline.com/sailpointdev.onmicrosoft.com/oauth2/v2.0/token' \

--header 'Cookie: fpc=AnqEXhzvx4NKjU5r-HxvS9WRa5E6AQAAALRd4tcOAAAA; stsservicecookie=ests; x-ms-gateway-slice=prod' \

--form 'grant_type="client_credentials"' \

--form 'client_id="<Client_ID>"' \

--form 'client_secret="<Secret>"' \

--form 'scope="https://graph.microsoft.com/.default"'


Use above generated access token and fire below curl :

curl --location --request GET 'https://graph.microsoft.com/v1.0/groups?$top=500&$filter=securityEnabled+eq+true' \

--header 'Authorization: Bearer XXXXXXeyJ0eXAiOiJKV1QiLCJub25jZSIXXXXX' \

--header 'Content-Type: Application/json;odata=minimalmetadata'


Happy Learning !!