What is ROPC?

The Resource Owner Password Credential (ROPC) flow is one of the standard flows defined in OAuth.
For ROPC to function with Federation (when password synchronisation is enabled), an app-level HRD (Home Realm Discovery) policy needs to be created (please see this page to learn more).

Configuration

  1. Open PowerShell.
  2. Install the “AzureADPreview” module using the cmdlet “Install-Module AzureADPreview”.
  3. Connect to Azure AD from PowerShell with a Global Admin account using the cmdlet “Connect-AzureAD”.
  4. Execute the “Get-AzureADServicePrincipal -SearchString Celiveo” cmdlet to find the ObjectID of the Celiveo authentication app (the one you consented to while signing up for Celiveo 365).
  5. Create an HRD policy in the Azure tenant with the following command, and note the ID of the new policy in the output:
     New-AzureADPolicy -Definition @("{`"HomeRealmDiscoveryPolicy`":{`"AllowCloudPasswordValidation`":true}}") -DisplayName EnableDirectAuthPolicy -Type HomeRealmDiscoveryPolicy
  6. Associate the newly created HRD policy with the Celiveo app. Here -Id is the ObjectID found in step 4 and -RefObjectId is the policy ID noted in step 5:
     Add-AzureADServicePrincipalPolicy -Id e727fe37-5734-4157-bcc9-38f03c6f8244 -RefObjectId 4c2f2c73-d325-4e70-a364-6aab3f216a3d
  7. To check that the policy is successfully attached, run “Get-AzureADPolicyAppliedObject -Id 4c2f2c73-d325-4e70-a364-6aab3f216a3d”. This should return the appID object of the Celiveo 365 app.
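
The steps above can also be run as one script that passes the IDs along in variables instead of copying GUIDs by hand. This is an added example, not Celiveo's own code; it assumes the AzureADPreview module is already installed, and the variable names and the extra checks (a single matching app, reuse of an existing policy, a warning when the policy is attached to anything else) are choices made for this example.

```powershell
# Added example: steps 3-7 of the procedure as one script (not Celiveo's own code).
# Assumption: AzureADPreview is installed and you sign in as a Global Admin.
$ErrorActionPreference = 'Stop'
Import-Module AzureADPreview
Connect-AzureAD | Out-Null

# Step 4: resolve the Celiveo service principal. Stop on zero or several matches
# so the policy is never attached to the wrong application.
$sp = @(Get-AzureADServicePrincipal -SearchString 'Celiveo')
if ($sp.Count -ne 1) {
    $sp | Format-Table DisplayName, AppId, ObjectId
    throw "Expected exactly one service principal matching 'Celiveo', found $($sp.Count)."
}
$spObjectId = $sp[0].ObjectId

# Step 5: create the HRD policy, or reuse it if an earlier run already created it.
$policyName = 'EnableDirectAuthPolicy'
$policy = Get-AzureADPolicy |
    Where-Object { $_.Type -eq 'HomeRealmDiscoveryPolicy' -and $_.DisplayName -eq $policyName } |
    Select-Object -First 1
if (-not $policy) {
    # Build the JSON from a hashtable to avoid backtick-escaped quotes.
    $definition = @{ HomeRealmDiscoveryPolicy = @{ AllowCloudPasswordValidation = $true } } |
        ConvertTo-Json -Compress
    $policy = New-AzureADPolicy -Definition @($definition) -DisplayName $policyName `
        -Type HomeRealmDiscoveryPolicy
}

# Step 6: attach the policy to the Celiveo app only if it is not attached yet.
$applied = @(Get-AzureADPolicyAppliedObject -Id $policy.Id)
if ($applied.ObjectId -notcontains $spObjectId) {
    Add-AzureADServicePrincipalPolicy -Id $spObjectId -RefObjectId $policy.Id
    $applied = @(Get-AzureADPolicyAppliedObject -Id $policy.Id)
}

# Step 7: verify the attachment and show everything the policy applies to.
$applied | Format-Table DisplayName, AppId, ObjectId
if ($applied.ObjectId -notcontains $spObjectId) {
    throw "Policy $($policy.Id) is not attached to service principal $spObjectId."
}
if ($applied.Count -gt 1) {
    # AllowCloudPasswordValidation should stay scoped to the one app that needs ROPC.
    Write-Warning "Policy $($policy.Id) is attached to $($applied.Count) objects; review the list above."
}
```
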
Last modified: 5 April 2024
