This guide provides step-by-step instructions for configuring a minimal EntraId setup to manage users, roles, and applications efficiently.
1. Application Registrations
2. Authentication and Authorization
3. Token and API Permissions
email
, groups
) for use in JWTs, which are used for secure identity validation across services.4. Custom Attributes
businessFilter
) allow organizations to apply additional filters or metadata to user and group profiles, configured and managed using Microsoft Graph CLI.5. Helm Chart Configuration
tenant_id
, client_id
, and client_secret
are configured to support authentication and secure access.6. Example JWT Tokens
FlowxAI.ReadWrite.All
FlowxAI.ReadWrite.All
scope:SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_MAINIDENTITY_CLIENT_SECRET
.businessFilter
.
<application_object_id>
with the object ID of your flowx-api application:extn.businessFilter
.businessFilter
attribute to a user by running the command below. Replace <user_object_id>
with the user’s object ID
:businessFilter
attribute to a group. Replace <group_object_id>
with the group’s object ID
and use the following command:
<user_object_id>
with the user’s object ID. The businessFilter attribute is set to “docs” in this example.Authorization
header).JWT token example
<tenant_id>
, <flowx_web_client_id>
, and <client_id>
with your specific values.