TDV Adapter for Azure Analysis Services

Build 24.0.9060

Creating an Azure AD Application

Creating an Azure AD Application

Azure Analysis Services supports user-based authentication using Azure AD. This authentication is OAuth-based.

CData embeds OAuth Application Credentials with CData branding that can be used when connecting to Azure Analysis Services via a desktop application or a headless machine. To connect to Azure Analysis Services via the Web, you must always create a custom application, as described here.

However, since custom Azure AD applications seamlessly support all three commonly-used authentication flows, you might want to create a custom application (use your own Azure AD Applications Credentials) for those other authentication flows.

Custom OAuth applications are useful if you want to:

  • Control branding of the authentication dialog.
  • Control the redirect URI that the application redirects the user to after the user authenticates.
  • Customize the permissions that you are requesting from the user.

Authenticating With Azure AD

In https://portal.azure.com:

  1. In the left-hand navigation pane, select Azure Active Directory > App registrations.
  2. Click New registration.
  3. Enter a name for the application.
  4. Specify the types of accounts this application should support:

    • For private use applications, select Accounts in this organization directory only.
    • For distributed applications, select one of the multi-tenant options.

    Note: If you select Accounts in this organizational directory only (default), when you establish a connection with Azure Analysis Services Adapter you must set AzureTenant to the Id of the Azure AD Tenant. Otherwise, the authentication attempt fails.

  5. Set the redirect URI to http://localhost:33333 (default) OR, if you want to specify a different port, specify the desired port and set CallbackURL to the exact reply URL you just defined.
  6. To register the new application, click Register. An application management screen displays. Record these values for later use. (You will use the Application (client) ID value to set the OAuthClientId parameters, and the Directory (tenant) ID value to set the AzureTenant parameter.)
  7. Navigate to Certificates & Secrets. Select New Client Secret for this application and specify the desired duration. After the client secret is saved, the Azure App Registration displays the key value. This value is displayed only once, so record it for future use. (You will use it to set the OAuthClientSecret.)
  8. If you have specified the use of permissions that require admin consent, you can grant them from the current tenant on the API Permissions page.

Copyright (c) 2024 CData Software, Inc. - All rights reserved.
Build 24.0.9060