This guide covers authenticating with custom Azure Applications/APIs. You will need your Azure and PixieBrix Administrator to assist with the instructions in this guide.
- Create/Register an Azure Application
- Assign Users and Groups
- Configure the Application Registration
- Configure API Permissions
- Record the Application and Directory ID
- Configure the PixieBrix Integration
- Testing the Integration Configuration in a Mod
Create/Register an Azure Application
Azure documentation to Register an Application
- Visit the Enterprise Applications page
- Click New application
- Click Create your own application
- Provide a name for your application and click “Create”
Assign Users and Groups
- Assign one or more users/groups to the application for them to access the application
Configure the Application Registration
- Open the Application Registration for your application. To locate it from the Omnibar, search for the name and select the “Application” entry
- Open the Authentication settings
- Click “Add a platform”
- Choose Single-page Application
- Provide the following Custom Redirect URL. (The
chromiumapp.org
origin is a special origin that the Chrome Web Browser uses client OAuth2 flow redirects.)
https://mpjjildhmpddojocokjkgmlkkkfjnepo.chromiumapp.org/oauth2
Configure API Permissions
- Select Manage > API Permissions
- Add some base permissions. To allow sign in, select “Microsoft Graph” and choose the Open ID permissions:
Record the Application and Directory ID
- Return to the Overview page for the application you created
- Record the Application (client id) and Directory (tenant) ID for use with PixieBrix
Configure the PixieBrix Integration
To complete these steps for your team, you must be an Admin on your PixieBrix team. Alternatively, for development & testing, you may configure the integration in the Extension Console
- Open the PixieBrix Admin Console: https://app.pixiebrix.com/
- Select Integrations in the left side nav
- Click “Add Integration”
- Search for Microsoft Azure
- Provide the following information for the Application
- Pushdown (read-only): the integration configuration will be pushed to your team members. They will each authenticate individually with the application
- Application (client) ID: from the Application Registration Overview
- Directory (tenant) ID: from the Application Registration Overview
- Scope: for information on available Azure scope names, see https://learn.microsoft.com/en-us/graph/permissions-reference
Testing the Integration Configuration in a Mod
- Create a new Mod in the Page Editor, e.g., a Trigger
- Add an HTTP Request Brick
- Configure the brick:
- URL:
https://graph.microsoft.com/v1.0/me
- Integration Configuration: select the Integration Configuration you configured in the previous section
- Method: get
- Run the Mod
- Your browser will open the OAuth2 authentication flow
- After you authenticate, the Output Panel will show your user’s profile information: