Configuring Azure for Process Director Integration

Note A PDF file for end-to-end Azure OAuth configuration can be found here: Configuring Azure OAuth (PDF Download)

Microsoft Modern Authentication (an OAuth-based authentication system) provides much more secure access to SharePoint, SMTP email, and other Azure services from Process Director, but does require a complex setup process. To set up Modern Authentication between Azure and Process Director, you must complete the following steps.

  1. Create a certificate to authenticate Process Director with Azure.
    1. Using Microsoft’s certreq.exe, installed on all modern Windows OS versions.
    2. Using PowerShell, also included with all modern Windows OS versions.
  2. Add Process Director as a Registered Active Directory application in the Azure Active Directory portal.
    1. Add the public key certificate to the Process Director application in Azure.
    2. Configure the appropriate Azure settings.

In this topic, we'll address each of these required steps in detail. Additional information about this topic can also be obtained from Microsoft's online documentation.

Important You cannot configure any OAuth settings for SharePoint Datasources or SMTP Email in Process Director until you have created and registered an Azure Active Directory Application in Azure by completing the steps described in this topic.

Create a certificate to authenticate Process Director with Azure #

Microsoft prefers the use of certificates for authentication. Each certificate includes both the public and private keys used to encrypt data. The public key (in a CER file) is used by SharePoint Online to authenticate Process Director. The private key is packaged in a password-protected PFX file and is used by Process Director to authenticate with Azure Services. There are two methods that can be used on Windows-based systems to create a proper certificate.

  • Using Microsoft’s certreq.exe, installed on all modern Windows OS versions.
  • Using PowerShell, also included with all modern Windows OS versions.

Important Keep in mind that certificates expire after a set period of time. Most organizations specify the maximum length of time certificates should be used. By default, the instructions that follow will generate certificates valid for one year. You should, therefore, generate and install new certificates well before existing certificates expire. This implies that your organization also has a mechanism in place to be reminded when expiration is approaching, to ensure that service interruptions don't occur.

Creating a Certificate with certreq.exe

This method of certificate creation might be preferred if you’re less comfortable with command-line operations and don’t intend to automate the generation of certificates. Microsoft's online documentation has additional information about certreq.exe.

Creating a Certificate with PowerShell

PowerShell is a command line application that's included with all modern versions of Windows. You can choose this method if you’re comfortable with PowerShell and might want to automate certificate generation on a recurring basis.

Add Process Director to Azure #

To add Process Director as an application in your Azure Active Directory portal at the Tenant level, complete the steps below after signing into your Azure portal (portal.azure.com):

Your AAD Application should now be properly registered and secured with a certificate.

Conclusion

Congratulations! Assuming that you've correctly followed the instructions above, you've now configured an Azure Integration with Process Director. To complete the integration, you'll need to perform some additional, specialized configuration in Azure, depending on whether you're trying to: