Task #138: Automate creating the entra-id application registration

Added by Frank Refol 5 days ago. Updated 3 days ago.

Status: Close
Priority: Must Have
Assignee:
Category: Entra ID
Start date: 12/08/2025
Due date:
% Done: 0%
Estimated time:
Description

Currently, OAuth2 properties from Entra ID are hard-coded within the rproxy_setup_sites variable. To make this more dynamic, grab these values using an Entra ID role:

oauth2_tenant_id: 
oauth2_client_id:
oauth2_client_secret:
oauth2_email_domains: 

Updated by Frank Refol 5 days ago #1

  • Description updated (diff)

Updated by Frank Refol 5 days ago #2

  • Status changed from New to In Progress

Code is currently in feature_138_entra_id_oath feature branch.

Updated by Frank Refol 5 days ago #3

  • Status changed from In Progress to Done

Slight change in process.

App password is generated and will be stored in vault.
App ID is generated and will be stored in vault.

The Ansible module that is used to register the application has a bug that makes it not idempotent unless the app ID is specified. Therefore, the app ID must be generated manually and stored ahead of running the playbook. The GUID can be created using one of the following methods:

python3 -c "import uuid; print(uuid.uuid4())"

Or

uuidgen
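
The generate-once step described in the note above, as an added example that is not part of the original ticket or the project's role: a shell helper that creates the app ID GUID only when none is stored yet and returns the same value on every later run, so the playbook always receives a stable ID. The file path argument is a hypothetical stand-in for the vault entry, and the function names are assumptions.

```shell
# Added example (constructed): keep one stable app ID across playbook runs.
# The file passed to ensure_app_id is a hypothetical stand-in for the vault entry.

is_uuid() {
    # Accept only the canonical 8-4-4-4-12 hexadecimal form.
    printf '%s\n' "$1" | grep -Eqi \
        '^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$'
}

new_uuid() {
    # Use whichever generator is available; normalise to lower case.
    if command -v uuidgen >/dev/null 2>&1; then
        uuidgen | tr 'A-Z' 'a-z'
    elif command -v python3 >/dev/null 2>&1; then
        python3 -c "import uuid; print(uuid.uuid4())"
    elif [ -r /proc/sys/kernel/random/uuid ]; then
        cat /proc/sys/kernel/random/uuid
    else
        echo "no GUID generator found" >&2
        return 1
    fi
}

ensure_app_id() {
    # $1: file that holds the app ID. Prints the stored or newly created ID.
    file=$1
    if [ -s "$file" ]; then
        id=$(tr -d '[:space:]' < "$file")
        if is_uuid "$id"; then
            printf '%s\n' "$id"      # reuse: this is what keeps runs idempotent
            return 0
        fi
        # Never silently replace an existing value with a fresh GUID.
        echo "refusing to overwrite $file: contents are not a GUID" >&2
        return 1
    fi
    id=$(new_uuid) || return 1
    is_uuid "$id" || return 1
    # Create the file readable by the current user only.
    ( umask 077; printf '%s\n' "$id" > "$file" )
    printf '%s\n' "$id"
}
```

Regenerating the GUID on each run would make the registration look new every time, which is the non-idempotent behaviour the note works around.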

Updated by Frank Refol 5 days ago #4

  • Status changed from Done to Document

Updated by Frank Refol 3 days ago #5

Current implementation is documented at Entra ID OAuth2 Provisioning Ansible Role wiki page.
Full documentation is available at Microsoft_Entra_ID wiki page.

Updated by Frank Refol 3 days ago #6

  • Status changed from Document to Close