# Azure AD Configuration YAML for DS2.0
# NOTE(review): every line in this copy sits at column 0, so the nesting of
# mappings and sequences has been lost; restore the indentation (and indent the
# block-scalar body under `icon: |`) before loading this file.
name: Azure AD
# Base64 text; the leading "PHN2Zy" decodes to "<svg", so this is an inline SVG icon.
icon: |
PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHZpZXdCb3g9IjAgMCAxOCAxOCI+PGRlZnM+PGxpbmVhckdyYWRpZW50IGlkPSJhIiB4MT0iMTMuMjUiIHkxPSIxMy4wMiIgeDI9IjguNjIiIHkyPSI0LjI1IiBncmFkaWVudFVuaXRzPSJ1c2VyU3BhY2VPblVzZSI+PHN0b3Agb2Zmc2V0PSIwIiBzdG9wLWNvbG9yPSIjMTk4OGQ5Ii8+PHN0b3Agb2Zmc2V0PSIuOSIgc3RvcC1jb2xvcj0iIzU0YWVmMCIvPjwvbGluZWFyR3JhZGllbnQ+PGxpbmVhckdyYWRpZW50IGlkPSJiIiB4MT0iMTEuMjYiIHkxPSIxMC40NyIgeDI9IjE0LjQ2IiB5Mj0iMTUuOTkiIGdyYWRpZW50VW5pdHM9InVzZXJTcGFjZU9uVXNlIj48c3RvcCBvZmZzZXQ9Ii4xIiBzdG9wLWNvbG9yPSIjNTRhZWYwIi8+PHN0b3Agb2Zmc2V0PSIuMjkiIHN0b3AtY29sb3I9IiM0ZmFiZWUiLz48c3RvcCBvZmZzZXQ9Ii41MSIgc3RvcC1jb2xvcj0iIzQxYTJlOSIvPjxzdG9wIG9mZnNldD0iLjc0IiBzdG9wLWNvbG9yPSIjMmE5M2UwIi8+PHN0b3Agb2Zmc2V0PSIuODgiIHN0b3AtY29sb3I9IiMxOTg4ZDkiLz48L2xpbmVhckdyYWRpZW50PjwvZGVmcz48cGF0aCBmaWxsPSIjNTBlNmZmIiBkPSJNMS4wMSAxMC4xOWw3LjkyIDUuMTQgOC4wNi01LjE2TDE4IDExLjM1bC05LjA3IDUuODRMMCAxMS4zNWwxLjAxLTEuMTZ6Ii8+PHBhdGggZmlsbD0iI2ZmZiIgZD0iTTEuNjEgOS41M0w4LjkzLjgxbDcuNDcgOC43My03LjQ3IDQuNzItNy4zMi00LjczeiIvPjxwYXRoIGZpbGw9IiM1MGU2ZmYiIGQ9Ik04LjkzLjgxdjEzLjQ1TDEuNjEgOS41MyA4LjkzLjgxeiIvPjxwYXRoIGZpbGw9InVybCgjYSkiIGQ9Ik04LjkzLjgxdjEzLjQ1bDcuNDctNC43Mkw4LjkzLjgxeiIvPjxwYXRoIGZpbGw9IiM1M2IxZTAiIGQ9Ik04LjkzIDcuNzZsNy40NyAxLjc4LTcuNDcgNC43MnYtNi41eiIvPjxwYXRoIGZpbGw9IiM5Y2ViZmYiIGQ9Ik04LjkzIDE0LjI2TDEuNjEgOS41M2w3LjMyLTEuNzd2Ni41eiIvPjxwYXRoIGZpbGw9InVybCgjYikiIGQ9Ik04LjkzIDE3LjE5TDE4IDExLjM1bC0xLjAxLTEuMTgtOC4wNiA1LjE2djEuODZ6Ii8+PC9zdmc+
description: "Azure AD as a Data Source"
# Microsoft identity platform login host; the OAuth2 token URL further down
# uses the same host.
address: "https://login.microsoftonline.com"
# Data-source-wide defaults. The unit/interval pairing presumably reads as
# "at most every 2 minutes" for syncs and "every 1 second" for API calls;
# confirm against the DS2.0 schema. Each entity repeats its own values below.
defaultSyncFrequency: MINUTELY
defaultSyncMinInterval: 2
defaultApiCallFrequency: SECONDLY
defaultApiCallMinInterval: 1
# Connection details for the adapter service; the hostname is a
# cluster-internal `*.svc.cluster.local` service name.
adapter:
hostname: adapter.sgnl.svc.cluster.local
port: 8080
apiVersion: "V1"
# NOTE(review): TLS to the adapter is switched off, so whatever crosses this hop
# (directory data and, presumably, the OAuth2 credentials configured below)
# travels the cluster network unencrypted and unauthenticated. Enable TLS on
# the adapter, or confirm that a service mesh / mTLS layer protects this
# connection, before using this outside a lab.
disableTls: true
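# OAuth2 settings used to obtain a Microsoft Graph token (the scope is Graph's
# `.default` scope). Nesting is flattened in this copy; these keys presumably
# belong under the `OAuth2` entry. Verify when restoring indentation.
supportedAuthMechanisms:
- OAuth2:
# Client ID of the application registration that requests the token.
clientId: "fc6088b2-932e-44b5-b2ab-8906bd830cfd"
scope: "https://graph.microsoft.com/.default"
# Tenant-specific v2.0 token endpoint; the GUID in the path identifies the
# directory (tenant).
tokenURL: "https://login.microsoftonline.com/e53fac2f-57f3-4d36-8051-f1df14e3f81c/oauth2/v2.0/token"
authStyle: AutoDetect
# SECURITY: a clear-text client secret was published in this file. Treat that
# value as compromised: revoke it on the app registration, issue a new one,
# and review sign-in / audit logs for the client ID above. The value below is
# a placeholder; supply the real secret at deploy time from a secret store
# rather than committing it alongside the client ID and tenant.
clientSecret: "<REDACTED_CLIENT_SECRET>"
# Base64-encoded JSON. It decodes to a document with "version": "1.0" and a
# "config" object holding "requestTimeout": 10 and an empty "azuread" section.
# NOTE(review): whether `config` is a top-level key or part of the block above
# cannot be told from this flattened copy.
config: ewoJInZlcnNpb24iOiAiMS4wIiwKCSJjb25maWciOiB7CgkJInJlcXVlc3RUaW1lb3V0IjogMTAsCgkJImF6dXJlYWQiOiB7fQoJfQp9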
# Entity definitions. Each entry names an Azure AD object type, its sync and
# paging settings, and the attributes to ingest.
entities:
# User entity. Sync is disabled as shipped (`syncEnabled: false`).
# Attribute names containing `__` presumably flatten nested Graph properties
# (e.g. employeeOrgData.costCenter); confirm against the adapter.
- name: User
displayName: "User"
description: User Entity in Azure AD
syncEnabled: false
syncFrequency: MINUTELY
syncMinInterval: 2
apiCallFrequency: SECONDLY
apiCallMinInterval: 1
# NOTE(review): Microsoft Graph limits `$top` on the users collection to 999;
# if the adapter forwards pageSize as `$top`, 1000 may be rejected. Verify.
pageSize: 1000
pageOrderedById: true
attributes:
# Unique identifier of the entity (`uniqueId: true`); also the target of the
# Member and Manager relationships defined at the end of the file.
- name: id
description: "ID of the user"
type: String
indexed: true
normalization: []
list: false
encrypted: true
uniqueId: true
- name: userPrincipalName
type: String
indexed: true
normalization:
- trimSpaces
encrypted: true
# NOTE(review): businessPhones is a string collection in Microsoft Graph, yet no
# `list` flag is set here (only `id` sets `list`, to false); the same applies
# to otherMails and proxyAddresses below. Confirm how the adapter maps
# multi-valued properties.
- name: businessPhones
type: String
encrypted: true
- name: displayName
type: String
indexed: false
encrypted: true
- name: givenName
type: String
indexed: false
encrypted: true
- name: jobTitle
type: String
indexed: false
encrypted: true
- name: mail
type: String
indexed: true
encrypted: true
- name: mobilePhone
type: String
indexed: false
encrypted: true
- name: officeLocation
type: String
indexed: false
encrypted: true
- name: preferredLanguage
type: String
indexed: false
encrypted: true
- name: surname
type: String
indexed: false
encrypted: true
- name: accountEnabled
type: boolean
indexed: false
encrypted: true
- name: ageGroup
type: String
indexed: false
encrypted: true
- name: city
type: String
indexed: false
encrypted: true
- name: companyName
type: String
indexed: false
encrypted: true
- name: consentProvidedForMinor
type: String
indexed: false
encrypted: true
- name: country
type: String
indexed: false
encrypted: true
- name: createdDateTime
type: DateTime
indexed: false
encrypted: true
- name: creationType
type: String
indexed: false
encrypted: true
- name: deletedDateTime
type: DateTime
indexed: false
encrypted: true
- name: department
type: String
indexed: false
encrypted: true
- name: employeeHireDate
type: DateTime
indexed: false
encrypted: true
- name: employeeId
type: String
indexed: false
encrypted: true
- name: employeeOrgData__costCenter
type: String
indexed: false
encrypted: true
- name: employeeOrgData__division
type: String
indexed: false
encrypted: true
- name: employeeType
type: String
indexed: false
encrypted: true
- name: externalUserState
type: String
indexed: false
encrypted: true
- name: externalUserStateChangeDateTime
type: DateTime
indexed: false
encrypted: true
- name: faxNumber
type: String
indexed: false
encrypted: true
- name: imAddress
type: String
indexed: false
encrypted: true
- name: isResourceAccount
type: boolean
indexed: false
encrypted: true
- name: lastPasswordChangeDateTime
type: DateTime
indexed: false
encrypted: true
- name: legalAgeGroupClassification
type: String
indexed: false
encrypted: true
- name: mailNickname
type: String
indexed: false
encrypted: true
# Source attribute of the Manager relationship (User.manager__id -> User.id).
- name: manager__id
type: String
indexed: true
encrypted: true
- name: onPremisesDistinguishedName
type: String
indexed: false
encrypted: true
- name: onPremisesDomainName
type: String
indexed: false
encrypted: true
- name: onPremisesImmutableId
type: String
indexed: false
encrypted: true
- name: onPremisesLastSyncDateTime
type: DateTime
indexed: false
encrypted: true
- name: onPremisesSamAccountName
type: String
indexed: false
encrypted: true
- name: onPremisesSecurityIdentifier
type: String
indexed: true
encrypted: true
- name: onPremisesSyncEnabled
type: boolean
indexed: false
encrypted: true
- name: onPremisesUserPrincipalName
type: String
indexed: false
encrypted: true
- name: otherMails
type: String
indexed: false
encrypted: true
- name: passwordPolicies
type: String
indexed: false
encrypted: true
- name: passwordProfile__forceChangePasswordNextSignIn
type: boolean
indexed: false
encrypted: true
- name: passwordProfile__forceChangePasswordNextSignInWithMfa
type: boolean
indexed: false
encrypted: true
# NOTE(review): this requests the user's password field from the password
# profile. A directory sync has no evident use for it; unless a consumer is
# known to need it, drop the attribute so that no password material can ever
# be copied into the synced data set (data minimisation / least privilege).
- name: passwordProfile__password
type: String
indexed: false
encrypted: true
- name: postalCode
type: String
indexed: false
encrypted: true
- name: preferredDataLocation
type: String
indexed: false
encrypted: true
- name: proxyAddresses
type: String
indexed: false
encrypted: true
- name: showInAddressList
type: boolean
indexed: false
encrypted: true
- name: signInSessionsValidFromDateTime
type: DateTime
indexed: false
encrypted: true
- name: state
type: String
indexed: false
encrypted: true
- name: streetAddress
type: String
indexed: false
encrypted: true
- name: usageLocation
type: String
indexed: false
encrypted: true
- name: userType
type: String
indexed: false
encrypted: true
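# Group entity. Sync is disabled as shipped (`syncEnabled: false`).
# Each attribute is declared once: the original list repeated deletedDateTime,
# resourceBehaviorOptions and resourceProvisioningOptions near the end with
# identical settings, and those repeats have been dropped here.
- name: Group
description: "Group Entity in Azure AD"
displayName: "Group"
syncEnabled: false
syncFrequency: MINUTELY
syncMinInterval: 2
apiCallFrequency: SECONDLY
apiCallMinInterval: 1
pageSize: 100
pageOrderedById: true
attributes:
# Unique identifier of the entity (`uniqueId: true`); target of the
# GroupMembership relationship (GroupMember.groupId -> Group.id).
- name: id
type: String
indexed: true
encrypted: true
uniqueId: true
- name: classification
type: String
indexed: false
encrypted: true
- name: createdDateTime
type: DateTime
indexed: false
encrypted: true
- name: creationOptions
type: String
indexed: false
encrypted: true
- name: deletedDateTime
type: DateTime
indexed: false
encrypted: true
- name: description
type: String
indexed: false
encrypted: true
- name: displayName
type: String
indexed: true
encrypted: true
- name: expirationDateTime
type: DateTime
indexed: false
encrypted: true
- name: groupTypes
type: String
indexed: false
encrypted: true
- name: isAssignableToRole
type: boolean
indexed: false
encrypted: true
- name: mail
type: String
indexed: false
encrypted: true
- name: mailEnabled
type: boolean
indexed: false
encrypted: true
- name: mailNickname
type: String
indexed: false
encrypted: true
- name: membershipRule
type: String
indexed: false
encrypted: true
- name: membershipRuleProcessingState
type: String
indexed: false
encrypted: true
- name: onPremisesDomainName
type: String
indexed: false
encrypted: true
- name: onPremisesLastSyncDateTime
type: DateTime
indexed: false
encrypted: true
- name: onPremisesNetBiosName
type: String
indexed: false
encrypted: true
- name: onPremisesSamAccountName
type: String
indexed: false
encrypted: true
- name: onPremisesSecurityIdentifier
type: String
indexed: false
encrypted: true
- name: onPremisesSyncEnabled
type: boolean
indexed: false
encrypted: true
- name: preferredDataLocation
type: String
indexed: false
encrypted: true
- name: preferredLanguage
type: String
indexed: false
encrypted: true
- name: proxyAddresses
type: String
indexed: false
encrypted: true
- name: renewedDateTime
type: DateTime
indexed: false
encrypted: true
- name: resourceBehaviorOptions
type: String
indexed: false
encrypted: true
- name: resourceProvisioningOptions
type: String
indexed: false
encrypted: true
- name: securityEnabled
type: boolean
indexed: false
encrypted: true
- name: securityIdentifier
type: String
indexed: false
encrypted: true
- name: theme
type: String
indexed: false
encrypted: true
- name: visibility
type: String
indexed: false
encrypted: true
- name: assignedLabels
type: String
indexed: false
encrypted: true
- name: licenseProcessingState
type: String
indexed: false
encrypted: true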
# GroupMember entity: one record per (group, user) pair, joined to Group and
# User by the relationships defined after the entity list. Sync is disabled as
# shipped (`syncEnabled: false`).
- name: GroupMember
description: "Group Member Entity in Azure AD"
displayName: "GroupMember"
syncEnabled: false
syncFrequency: MINUTELY
syncMinInterval: 2
apiCallFrequency: SECONDLY
# Differs from User and Group, which both use 1 here.
apiCallMinInterval: 10
pageSize: 100
pageOrderedById: true
attributes:
# Unique identifier of the membership record (`uniqueId: true`).
# NOTE(review): how the adapter derives this id is not visible in this file.
- name: id
type: String
indexed: true
encrypted: true
uniqueId: true
# Source attribute of the GroupMembership relationship (-> Group.id).
- name: groupId
type: String
indexed: true
encrypted: true
# Source attribute of the Member relationship (-> User.id).
- name: userId
type: String
indexed: true
encrypted: true
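# Relationships join entities by attribute, written as `Entity.attribute`.
# All three entries use the singular `attribute` key under `from`/`to`; the
# Manager entry originally used `attributes`, which did not match the other
# two and would presumably be ignored or rejected by the schema.
relationships:
# GroupMember.userId -> User.id
- name: Member
displayName: "Member"
from:
attribute: GroupMember.userId
to:
attribute: User.id
# GroupMember.groupId -> Group.id
- name: GroupMembership
displayName: "GroupMembership"
from:
attribute: GroupMember.groupId
to:
attribute: Group.id
# User.manager__id -> User.id (self-referencing: a user's manager is a user)
- name: Manager
displayName: "User to Manager"
from:
attribute: User.manager__id
to:
attribute: User.id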