Comment on page

Azure AD Configuration for the WorkflowGen CLI


  • Make sure to have a licensed copy of WorkflowGen installed and running on an IIS web server in HTTPS secure connection mode.
  • Make sure to have Azure AD administrator access to be able to configure Azure AD.
  • Make sure to have provisioned an existing Azure AD user with which you can authenticate to WorkflowGen so that you can use the application afterwards.
  • Make sure to have successfully configured delegated authentication to Azure AD with the Microsoft Identity Platform v2.0 provider on your WorkflowGen instance following the instructions in the Azure AD Authentication section with the WorkflowGen GraphQL API application registered as well.

Interactive mode

Azure Active Directory configuration

This configuration is done in three steps. First, you have to register a new native application in Azure AD. Then, you have to give the application the necessary permissions to access the WorkflowGen GraphQL API. Finally, you have to register the correct callback URLs that will redirect within the native application.

Step 1: Register a new native application

  1. 1.
    In the Azure portal, click App registrations in the Azure Active Directory section.
  2. 2.
    Click New registration, and fill in the properties:
    • Name: WorkflowGen CLI
    • Supported account types: Accounts in this organizational directory only (Single tenant)
      ✏️ Note: Depending on the context, you should choose the right option for your use case for the supported account type value.
    • Redirect URI:
      • Type: Public client/native
      • Value:
    ✏️ Note: Port 8888 is defined by default; you can change it if it's already in use on your computer.
  3. 3.
    Click Register at the bottom of the page.
You've now successfully registered your WorkflowGen CLI native application in Azure Active Directory.

Step 2: Grant access to the GraphQL API

  1. 1.
    Click API permissions.
  2. 2.
    In the Configured permissions section, click Add a permission.
  3. 3.
    Click My APIs, then select the WorkflowGen GraphQL API application in the list.
  4. 4.
    Click Delegated permissions and check default under the Permission column.
  5. 5.
    Click Add permissions.
  6. 6.
    On the API permissions page, click Grant admin consent for <your tenant name>, then click Yes.

Review the registration

Take note of the information you'll need later on:
  • A client ID: This is the application (client) ID in the Overview section of your application registration.
  • A tenant ID: This is the directory (tenant) ID in the Overview section of your application registration.
You'll need to give this information to the users who will be using the WorkflowGen CLI.
You've now successfully registered the WorkflowGen CLI in your Azure AD.

Non-interactive mode

The configuration of non-interactive mode is the same as in the Azure AD Configuration for Server-Side Scripts section.