In order for XTAM to reset Azure or Office 365 passwords, you will need to register a new application in your Azure Active Directory. Please review the following steps to create, register and properly permission the App in your Azure AD.
Note that an Azure Portal Administrator account is required for this procedure.
Login to your Azure Portal (https://portal.azure.com) using an Administrator account.
Locate and open the Azure Active Directory service. If you do not immediately see it in the left blade menu, click More Services and then enter Azure Active Directory in the filter box.
Open App Registrations in the Azure Active Directory menu.
Click New Application Registration.
Enter a Name for the new App. The name could be anything you choose, however we would recommend something like XTAM Password Reset App so other Admins will recognize it. Select Application Type
Native and Redirect URl
http://graphclient. Click Create to continue.
Open your new app by clicking on it once it is created.
From within the App settings, locate and open the Required Permissions menu.
In Required Permissions, click the Add button.
Select the API Microsoft Graph and Enable Access (check the box) for the delegated permission Sign In and Read User Profile. Click Select to continue.
When both the API and Permissions have been selected, click Done on the Add API Access blade. Microsoft Graph will now appear in the Require Permissions table with 1 delegated permission.
Next we will need to modify the default Windows Azure Active Directory API. Click to select the Windows Azure Active Directory API. If it is not listed, click Add and then select it from the list of available APIs to continue.
In the Windows Azure Active Directory Enable Access menu, select the following 2 permissions, Access the directory as the signed-in user and Sign in and read user profiles. Click Save to continue.
The Required Permissions for this App should now show Windows Azure Active Directory with 2 delegated permissions and Microsoft Graph with 1 delegated permission.
In the Required Permissions menu, click the Grant Permissions button.
Read and confirm the Grant Permissions description by clicking the Yes button.
The configuration is now complete. Return back to this registered App’s Setting page, locate and copy the Application ID value.
Login to XTAM with a Global Administrator account and navigate to Administration > Settings > Parameters.
Locate the field Azure App ID and paste here the App ID that was copied from Azure.
Click the Save button to complete the operation.
The configuration is now complete. At this point, we would recommend testing this password reset function on a test Azure Administrator or Office 365 Global Administrator account. If the password reset fails with a message about granting consent to the App, please review the steps again and ensure everything is setup correctly.
As always, if issues continue to arise please don’t hesitate to contact our Support Team.