Help Center Help Articles Professional Support Community RMA & Warranty Downloads Tech Specs

UniFi Identity - Create an Application for UniFi Identity in Microsoft Entra Admin Center

To integrate Microsoft Entra with UniFi Identity, please create an application for UniFi Identity in the Microsoft Entra admin center first. This application is dedicated to directory use only, granting the necessary permissions and featuring independent permission control.

Requirements

Create an Application for UniFi Identity

  1. Sign in to the Microsoft Entra admin center with the role of at least a Cloud Application Administrator.
  2. If you have access to multiple tenants, go to Settings > Directories + subscriptions in the upper-right menu to switch to the tenant where you want to register the application.
    Settings.png
  3. Go to Identity > Applications > App registrations and select New registration.
  4. Enter a name for the application.
  5. Go to Supported account types and select Accounts in this organizational directory only.
  6. Go to Redirect URI (optional) and set the platform to Web. A redirect URI is where the Microsoft identity platform redirects the user's client and sends security tokens after authentication.
  7. Click Register.
    Accounts_in_this_organizational_directory.png
  8. When registration finishes, the Microsoft Entra admin center displays the app registration's Overview page. Copy the Application (client) ID as you'll need it when setting up Entra ID in UniFi Identity.
    Client_ID.png

Configure API Permissions

  1. Go to ManageAPI permissions > Add a permission > Microsoft Graph and click Application permissions.
    API_Permission.png
  2. Select User.Read.All and Directory.Read.All. You can use the filter for a quick search. Then click Add permissions.Application_Permissions.png
  3. Click Grant admin consent for… and click Yes to confirm.
    Grant_Admin_Consent.png

Add a Client Secret

  1. Go to Manage > Certificates & secrets > Client secrets and click New client secret.
  2. Add a description for your client's secret and select an expiration or set a custom lifetime. Note that the client's secret lifetime cannot exceed two years (24 months).
  3. Click Add.
    Client_Secret.png
  4. Copy the client secret's Value for later use when setting up Entra ID in UniFi Identity. This value will not be shown again after you leave this page.
    Copy_Value.png
Was this article helpful?
1 out of 4 found this helpful