
An Azure Active Directory (Azure AD) service principal is the local representation of an application object in a tenant or directory. It's the identity of the application instance.

There are three ways of integrating Azure AD:

  1. Azure AD Legacy

  2. Azure AD Non-CSP

  3. Azure AD CSP

Differences

How are these three different?

  • Azure AD CSP

    • Licenses Azure AD through a CSP partner

  • Azure AD non-CSP

    • Acquires Azure AD licenses directly from Microsoft

  • Azure AD Legacy

    • CyberCNS creates an application in the MS Azure Portal. If you have already integrated using this option, you have opted for Azure AD Legacy.

| | Azure AD Legacy (CSP or Non-CSP) | Azure AD (New) (CSP or Non-CSP) |
|---|---|---|
| Application in MS Azure Portal | CyberCNS creates an application in the MS Azure Portal and the Partner consents | Partner creates the application in the MS Azure Portal by themselves (instructions provided in the documentation here) |
| Permissions required for the CyberCNS application in MS Azure Portal | Maximum permissions of Read-Write | A minimum set of permissions (Read in most cases, Write only when absolutely required) |
| Validity of Token | 90 days; the token has to be renewed after 90 days for AD sync to continue | Validity is set by the partner themselves, and the token has to be renewed after the validity expires for AD sync to continue |

Azure AD Legacy

If you already have an Azure AD integration, you can continue with this.

Azure AD Legacy and Office 365 Integration

Azure AD CSP account

Azure Active Directory CSP Integration

Azure AD Non-CSP account
