How to - Connect Azure AD in Clavister Cloud Services

Last modified on 20 Dec, 2023. Revision 10
Up to date for
Clavister Cloud Services 3.1.0
Status OK
Subscription Required
Clavister Cloud Services with Essentials or higher

This guide walks you through the process of configuring Azure and Clavister Cloud Services to establish seamless integration between the two systems. To achieve this, you will need to perform specific configuration steps in both Microsoft Azure and Clavister Cloud Services. This guide provides two separate sets of instructions, each dedicated to its respective platform, ensuring a successful setup.

The guide uses our example companyShieldIT as<company_name> through the different steps

Please note the following assumptions:

  • This guide assumes that you already have an existing Azure Active Directory (Azure AD) setup in place.
  • Additionally, it is assumed that you have an active instance of Clavister Cloud Services deployed and are enrolled in the service, with access to the Clavister Cloud Services web user interface.

(See related articles below for for enrolling to the service)

Registering the Clavister Cloud Services application in Microsoft Azure

  1. Access the Azure portal by visiting
  2. In the search box at the top of the page, enter "Microsoft Entra ID" and initiate the search.
  3. In the menu on the left, select "App registrations."
  4. To register a new Clavister Cloud Services application, click on "New registration." Leave all values as default (except for the name) at this stage.
  5. The Clavister Cloud Services application requires specific permissions. Navigate to "API permissions" in the left-hand menu.
  6. Add a new permission for Microsoft Graph by clicking on "Add a permission." Choose "Application permission" as the permission type and set the scope to "User.Read.All."
  7. Configuration of a secret is also necessary. Proceed to "Certificates & secrets" in the left-hand menu.
  8. Click on "New client secret" to generate a secret.
  9. A new secret will be created; please copy this secret as it will be required later.
  10. Return to the overview page of the application registration and copy the "Application (client) ID" and "Directory (tenant) ID". 

Setting up Azure in Clavister Cloud Services

  1. Access Clavister Cloud Services, example using ShieldIT:
  2. Navigate to "Users" and select the "User directories" tab.
  3. Click on the "add new" button, provide a name for the directory, and input the "tenant ID," "client ID," and "secret" obtained from the previous section.
  4. Azure users should now have the ability to enroll.

Please note:

Once you have successfully completed the steps outlined above, the configuration process is considered complete. Further configuration within Azure and Clavister Cloud Services may not be necessary at this stage. Users who are part of the Azure Active Directory (Azure AD) setup will now have the ability to enroll in the service, note that they will need to have a mobile phone number and email configured in to be able to enroll and that they will not show up in the Clavister Cloud Services console until enrolled using the normal enrollment link. If needed, additional actions and configurations can be performed by users within the Azure AD environment to facilitate their enrollment in Clavister Cloud Services.

Related articles