Preparation

Your SafeID Token Service (STS) needs access to your Azure AD (AAD) tenant to retrieve data such as users and tokens, so it needs a service account in AAD. This account is called the Access User account.

The Access User account must meet the following requirements:

  • It must be a service account that does not expire
  • It must have global administration rights
  • It must NOT be enabled with multi-factor authentication

As the Access User account is only going to be used for machine-to-machine communication, you can make its password as long as possible.
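
One way to confirm that an existing account meets the requirements above before starting the integration. This is an added example, not part of the SafeID documentation; it assumes the Microsoft Graph PowerShell SDK is installed, reads "does not expire" as password expiry, and uses a placeholder UPN.

```powershell
# Added example: pre-flight check of the Access User account requirements.
# Assumption: the Microsoft.Graph PowerShell module is installed.
# Placeholder UPN (constructed); replace with your Access User account.
$AccessUserUpn = 'safeid-access@contoso.example'

Connect-MgGraph -Scopes 'User.Read.All',
                        'RoleManagement.Read.Directory',
                        'UserAuthenticationMethod.Read.All'

$user = Get-MgUser -UserId $AccessUserUpn `
    -Property 'id,userPrincipalName,accountEnabled,passwordPolicies'

# Requirement 1 (assumed to mean password expiry): the password policy
# string must contain DisablePasswordExpiration.
$policies     = @($user.PasswordPolicies -split ',\s*')
$neverExpires = $policies -contains 'DisablePasswordExpiration'

# Requirement 2: active member of the Global Administrator role.
# The role template ID is the same in every tenant.
$gaTemplateId  = '62e90394-69f5-4237-9190-012177145e10'
$role          = Get-MgDirectoryRole -Filter "roleTemplateId eq '$gaTemplateId'"
$members       = Get-MgDirectoryRoleMember -DirectoryRoleId $role.Id -All
$isGlobalAdmin = @($members.Id) -contains $user.Id

# Requirement 3: no MFA. This only lists methods registered on the account;
# Conditional Access policies or security defaults that enforce MFA are
# not evaluated here and must be reviewed separately.
$pwdType   = '#microsoft.graph.passwordAuthenticationMethod'
$methods   = Get-MgUserAuthenticationMethod -UserId $user.Id
$extraAuth = @($methods | Where-Object {
    $_.AdditionalProperties['@odata.type'] -ne $pwdType
})

[pscustomobject]@{
    Account              = $user.UserPrincipalName
    Enabled              = $user.AccountEnabled
    PasswordNeverExpires = $neverExpires
    GlobalAdministrator  = $isGlobalAdmin
    NoMfaMethods         = ($extraAuth.Count -eq 0)
} | Format-List
```

The role check covers direct, active assignments only; an assignment made through a group or one that is eligible but not activated will show as `False`.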

Integration

Sign in to the SafeID Token Service console and navigate to Settings | Azure AD Setup.

...

In the Access User Password box, enter the password of the access user.

Click Start

Click "Accept"

The integration completed successfully

Review

To ensure that the integration has indeed been completed successfully, you can check the following:

Finally, sign out and sign in again. You should then be able to browse users in AAD.