Azure Active Directory

You can configure Integration Server based Common Directory Services (CDS) in IBM® webMethods Managed File Transfer. Apart from CDS, IBM webMethods Managed File Transfer also supports Azure Active Directory (AD) as an external directory service, using the Microsoft Graph library.

Before you Begin

  • The IBM webMethods Managed File Transfer user name is the Principal Name in Azure AD.
  • Azure AD user login fails if the Active toggle button is disabled.

Basic Flow

To enable Azure AD user management:

  1. Go to the Azure console and register IBM webMethods Managed File Transfer as an application. Copy the following information provided by the Azure console during the registration process:

    • Tenant ID
    • Client ID
    • Client secret
    • Configuration URL
  2. Log in to your tenant.

  3. Go to Settings > User directory. Click Active under Azure active directory, and paste the details copied from the Azure console into the relevant fields. Click Test Connection, verify the connection, and click Save.

Next Steps

  • Azure AD users appear automatically in all user and group related sections. Azure AD users cannot be updated or created from IBM webMethods Managed File Transfer; they can only be viewed.

  • The Azure AD implementation provides access to partner users only, and these users do not have access to the IBM webMethods Managed File Transfer user interface. Partner user permissions provided in the UI permissions section are therefore not applicable to Azure AD users.

  • As an Azure AD client, IBM webMethods Managed File Transfer performs the following operations:

    • List all users.
    • List all groups.
    • Associate users with groups.
    • Log in with a valid username and password.

    Provide a valid set of permissions in your Azure console to perform these operations. The corresponding operation fails if the required permissions are not granted to the client.

    Example:

    Application-level permission

    Directory.Read.All: List all users, groups and member associations.

    Delegated-level permission

    User.Read: Log in and read the user profile.
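
One way to check what was actually granted against the two permissions listed above, as an added example that is not part of the IBM documentation. It assumes the access token issued to the registered application is a JWT in which application permissions appear in the roles claim and delegated permissions in the scp claim; the tokens below are constructed, unsigned samples, and the function names are hypothetical.

```python
import base64
import json

# Permissions this page lists for the Managed File Transfer client.
REQUIRED_APP = {"Directory.Read.All"}   # application permission -> "roles" claim
REQUIRED_DELEGATED = {"User.Read"}      # delegated permission -> "scp" claim


def jwt_claims(token):
    """Decode a JWT payload WITHOUT verifying the signature (diagnostics only)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a three-part JWT")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))


def audit_permissions(claims):
    """Return (missing, extra) permissions for an app-only or delegated token."""
    if "scp" in claims:                   # delegated token: space-separated scopes
        granted = set(claims["scp"].split())
        required = REQUIRED_DELEGATED
    else:                                 # app-only token: list of app roles
        granted = set(claims.get("roles", []))
        required = REQUIRED_APP
    # missing -> the corresponding operation fails; extra -> review for least privilege
    return sorted(required - granted), sorted(granted - required)


def _constructed_token(claims):
    """Build an unsigned sample token so the example runs offline."""
    def enc(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return ".".join([enc({"alg": "none"}), enc(claims), "sig"])


# Constructed samples, not real tokens.
APP_TOKEN = _constructed_token({"roles": ["Directory.Read.All", "User.ReadWrite.All"]})
USER_TOKEN = _constructed_token({"scp": "User.Read"})
NO_GRANT_TOKEN = _constructed_token({"aud": "https://graph.microsoft.com"})

if __name__ == "__main__":
    for name, tok in [("app", APP_TOKEN), ("user", USER_TOKEN), ("no-grant", NO_GRANT_TOKEN)]:
        missing, extra = audit_permissions(jwt_claims(tok))
        print(f"{name}: missing={missing} extra={extra}")
```

A non-empty missing list means the matching operation from the list above will fail; a non-empty extra list marks grants beyond what this page says the client needs.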