Mapping CASA Account with JSDN (Office 365)
This section explains you how to Map your CASA account with JSDN.
Pre-requisites:
- Only existing Microsoft CASA customers can be mapped on JSDN.
- Already consuming CASA licenses.
Checklist for Additional Information:
Note: Keep the below information ready before
proceeding with the order flow:
- Microsoft Primary Domain
- Authorization Code
- Partner Center App ID
- Partner Center App Key
- Microsoft Custom Domain
Mapping CASA Account to JSDN
To obtain Microsoft Primary Domain and Custom Domain names.
- Log into portal.office.com using your Microsoft admin credentials.
- Navigate to the Admin section under the Apps.
- Select Domain from the left-pane.
- Make a note of the default domain which is your primary domain name.
- You can even map your custom domains (if any) which have been setup completely.
App Creation in Azure Portal
Create an app in azure portal by following the below steps:
- Log into portal.azure.com using your Microsoft admin credentials.
- Click Azure Active Directory option from the left menu.
- Once Active Directory opens up, Click App Registration option available in the left menu.
- In App registration section, Click “New registration” and app creation form appears on the screen.
- Fill up the form with respective information,
- Go with default option in supported account types.
- Enter http://localhost:8080/in the field next to web drop-down for Redirect URI.
- Click on “Register” button.
- Once you click Register, the newly created app will appear.
App Permissions
- Now you have the newly created app available under “All applications” tab on App registration page.
- Click on the newly created app, the system will redirect you to app specific page.
- Click on “View API Permissions”. Refer to the list of existing API Permissions.
- Clicking “Add a permission” will open the window to select Microsoft API in order to provide the permissions.
- Select “Microsoft graph”, it will take user to a
window displaying two permissions options i.e. Delegated permissions and
Application permissions.
- Select Delegated permissions
- Click on Directory drop-down
- Check permissions “Directory.Access as User.All” and Directory.ReadWrite.All”
- Click on User drop-down
- Check permissions “User.Read” and “User.ReadWrite.All”
- Check “Email” and “Profile”
- Click “Add permission” on the bottom, the selected permissions should display on API permission page table.
- Click “Grant admin consent" button on the API permission page.
- Click “Yes”, user will get the success message on the top and Granted permissions on the page under “Admin consent required column”.
- Perform Steps 3, 4, and 5 then
- Select Application permissions
- Click on Directory drop-down
- Check permissions “Directory.Read.All” and Directory.ReadWrite.All”
- Click on Domain drop-down
- Check permissions “Domain.ReadWrite.All”
- Click on User drop-down
- Check permissions “User.ReadWrite.All”
- Perform Steps 6, 7, and 8
- Perform Steps 3, and 4
- Select “Azure Active Directory graph” on Request API
permission window. It will take user to a window displaying two permissions
options i.e. Delegated permissions and Application permissions.
- Select Delegated permissions
- Click on Directory drop-down
- Check permissions “Directory.Access as User.All”
- Click on User drop-down
- Check permissions “User.Read” and “User.Read.All”
- Perform Steps 6, 7, and 8
- Select Application permissions
- Click on Domain drop-down
- Check both the permissions “Domain.ReadWrite.All”
- Perform Steps 6, 7, and 8
- Perform Steps 3, and 4
- Select “Azure Service Management” on Request API
permission window. It will take user to a window displaying two permissions
options i.e. Delegated permissions and Application permissions.
- Select Delegated permissions
- Click on single permission available “User_impersonation”.
- Perform Step 6, 7, and 8
- Here, you are done with providing all the permissions and granting admin consent. You can check all the permission details on “API permissions” page.
Expose API
- Now, we have given the app permissions, next step is to Expose an API, navigate to app registrations page and select the newly created app.
- Double click on the newly created app.
- You will be directed to app specific page.
- Click on “Expose an API” option on the inner left-pane and click on “Add a scope”.
- You will be redirected to app specific- Expose an API window.
- Here you have to enter information as provided in the screen shot. User can add and edit existing scope.
- Click Save.
Update the Details in JSDN
You can map the O365 CASA Account details to JSDN while placing the order for any O365 service from the store catalogue.
- Login to the Store URL with Admin credentials
- Navigate to Catalogue > View Offer > Click on Add to cart.
- After accepting the SLA, in Data collection page provide the O365 CASA Account details
- Click Save and finish to complete the order.