Sailpoint IIQ Azure Active Directory Connector
Recently I was trying to integrate Azure AD with IIQ and found that 7.3P3 doesn't support proxy rather it's supported from patch4 version , so if you are in patch 3 make sure that the server FW is open and should be able to access the below URL which are internally used by Sailpoint Azure Connector.
https://login.windows.net
https://graph.windows.net
https://graph.microsoft.com
https://login.microsoftonline.com
Also make sure that you are able to retrieve data from Azure using below CURL
To generate access token :
curl --location --request POST 'https://login.microsoftonline.com/sailpointdev.onmicrosoft.com/oauth2/v2.0/token' \
--header 'Cookie: fpc=AnqEXhzvx4NKjU5r-HxvS9WRa5E6AQAAALRd4tcOAAAA; stsservicecookie=ests; x-ms-gateway-slice=prod' \
--form 'grant_type="client_credentials"' \
--form 'client_id="<Client_ID>"' \
--form 'client_secret="<Secret>"' \
--form 'scope="https://graph.microsoft.com/.default"'
Use above generated access token and fire below curl :
curl --location --request GET 'https://graph.microsoft.com/v1.0/groups?$top=500&$filter=securityEnabled+eq+true' \
--header 'Authorization: Bearer XXXXXXeyJ0eXAiOiJKV1QiLCJub25jZSIXXXXX' \
--header 'Content-Type: Application/json;odata=minimalmetadata'
Happy Learning !!
