It's therefore important that you make all of the necessary checks to verify the validity of your requests and the responses.
This section provides instructions on how to configure Azure AD with a single-page application (SPA) so that users can authenticate through it and make requests to the WorkflowGen GraphQL API. This configuration is done in three steps: registering your SPA, granting access to the API, and setting some redirect URLs.
Make sure to have a licensed copy of WorkflowGen installed and running on an IIS web server in HTTPS secure connection mode.
Make sure to have administrative access to Azure AD to be able to configure it properly.
Make sure to have provisioned an existing Azure AD user with which you can authenticate to WorkflowGen so that you can use the application afterwards.
Make sure to have successfully configured delegated authentication to Azure AD on your WorkflowGen instance following the instructions in the Azure Active Directory authentication section with the
WorkflowGen GraphQL API application registered as well.
In the Azure portal, click App registrations in the Azure Active Directory section.
Click New registration, and fill in the properties:
My SPA name
Supported account type:
Accounts in this organizational directory only (Single tenant)
✏️ Note: Depending on the context, you should choose the right option for your use case for the supported account type.
https://<my spa login url>
Click Register at the bottom of the page.
You've now successfully registered your application in Azure Active Directory.
Go to the Implicit grant and hybrid flows section.
Check the Access tokens and ID tokens checkboxes.
Now that you've successfully registered your SPA, you need to grant it access to the
WorkflowGen GraphQL API application, which should be already registered if you've met the prerequisites.
Click API permissions.
In the Configured permissions section, click Add a permission.
Click My APIs, then select the
WorkflowGen GraphQL API application in the list.
Click Delegated permissions and check
default under the Permission column.
Click Add permissions.
On the API permissions page, click Grant admin consent for <your tenant name>, then click Yes.