Configure Azure AD for EcoSys Connect - EcoSys - 3.1 - Installation & Upgrade - Hexagon

Configuring OAuth2 token providers for EcoSys and EcoSys Connect

Search by Category
Installation & Upgrade
EcoSys Version

This section explains how to set up Azure AD to use with EcoSys Connect. After completing these steps, the following values can be used in your EcoSys/Connect environments.

  • Token URL

  • Client ID

  • Client Secret

  • Scope


  1. Login to the Azure Portal.

  2. Go to the ‘Azure Active Directory’ Service

  3. In the left-hand navigation panel, select ‘App Registrations

  4. Click the ‘New registration’ button

  5. Enter in an Application name. For example, ‘EcoSys-Connect’

    All other options can be left at the default settings.

  6. Click the ‘Register’ button.

  7. Click the ‘Endpoints’ button.

  8. The value from ‘OAuth 2.0 token endpoint (v2)’ is the Token URL that will be used later during the setup.

  9. Copy the URL from the ‘OpenID Connect metadata document’ and open it in a browser.

    1. Find the value for the attribute ‘jwks_uri’, the value is the JWKS URL that will be user later during the setup.

  10. Close the ‘Endpoint’ dialog.

  11. In the left-hand navigation select ‘Overview’.

  12. Copy the ‘Application (Client) ID’. This is the Client ID.

  13. The Scope is the Client ID with /.default added to the end of the string.

    1. Example, if the Client ID is ‘abfe7a2a-73a3-4b34-8bf0-881d71018d4e’ the Scope is ‘abfe7a2a-73a3-4b34-8bf0-881d71018d4e/.default

  14. On the left-hand navigation panel select ‘Certificates & secrets’.

  15. Click on the ‘Client secrets’ tab.

  16. Click the ‘New client Secret’ button.

    1. Enter a ‘Description’ and an expiration.

    2. Click Add.

  17. Copy the ‘Value’ field, this is the Client Secret.

    1. When configuring the ‘Trusted App’ in EcoSys, set the client secret to this value.

  18. When editing the values.yaml during the Connect Installation, leave the ‘’ blank.