
Mobile AAD Setup – Creating Azure AD Client Registration (Client Side)

Written by Denisa Arjoca
Updated over 2 months ago

This procedure creates the registration for the client-side applications that are allowed to authenticate against Azure Active Directory.

  1. Open the Azure portal (https://portal.azure.com) and log in with your credentials.

  2. Make sure that you are using the appropriate Azure tenant domain. We recommend that the default xxx.onmicrosoft.com tenant be used (e.g. mytenant.onmicrosoft.com).

  3. Find the menu item “Azure Active Directory”. As there are a few ways to find the link on the portal, the simplest way is to perform a search for “Active Directory” and it will be listed as a service.

  4. Once you have found the option, select it and then select “App registrations”; you will be presented with the following screen:

    App registrations screen

  5. Select “+ New application” at the top; you will get the following screen:

    Register an application screen

  6. Fill in the following details:

    • Name – This is the name of the application; it must be the value M1xApps

    • Supported account types – Select “Accounts in this organizational directory only”

    • Platform configuration – Select “Client Application (Web, iOS, Android, Desktop+Devices)”

      Once the details are filled in, click the “Register” button.

  7. Click “API Permissions” on the left menu. On the right of “Microsoft Graph (1)”, there are three dots. Right-click to bring up a menu, then select “Remove all permissions”. A prompt will ask you to confirm; click “Yes, remove” to remove this item.

  8. Click “+ Add a permission”, ensure “Microsoft APIs” is selected at the top and click on “Microsoft Graph”:

    Request API permissions screen

  9. Select “Delegated permissions”, scroll down to “User” and expand the tree. Tick the item “User.Read” and then click “Add permissions”:

    Request API permissions screen

    A screenshot showing User.Read ticked

  10. Click “+ Add a permission” again, ensure “My APIs” is selected at the top and click on “M1x”.

  11. Expand “User”, then tick the boxes that correspond to “user_impersonation” and “User.Read”. Click “Add permissions” when done:

    Select permissions screen

  12. Click “Expose an API” on the left side menu.

  13. Note that the heading “Application ID URI” near the top will have a “Set” link. Click “Set” to open the dialogue that will allow you to set an application ID URI.

  14. Enter the Application ID URI as the default tenant, with HTTPS at the beginning, followed by the GUID that was originally in the dialogue after “api://” (e.g. https://mytenant.onmicrosoft.com/xxxxxx-xxx-xxx-xxxxxxxxxx). Click “Save” to set the Application ID URI.

  15. Click “+ Add a scope” and you will see the following dialogue:

    Add a scope dialogue

  16. Fill in the following details:

    • Scope name – This is the name of the scope; it must be the value user_impersonation

    • Who can consent? – Select “Admins and users”

    • Admin consent display name – Enter the value Access M1x

    • Admin consent description – Enter: Allow the application to access M1x on behalf of the signed-in user.

    • User consent display name – Enter the value Access M1x

    • User consent description – Enter: Allow the application to access M1x on your behalf.

      Once the details are filled in, click the “Add scope” button.

  17. Select “Authentication” on the left menu; you will see:

    Authentication screen

  18. Click “+ Add a Platform”, then select “Web”:

    Configure platforms screen

  19. Enter the default tenant address with the M1xApps directory at the end (e.g. https://mytenant.onmicrosoft.com/M1xApps) as the value within “Redirect URIs” and ensure that “Access tokens” and “ID Tokens” are ticked. Click “Configure” when done:

    Configure Web screen

  20. The following steps are for M1x iOS applications; skip to step 22 if you are not using iOS-based applications. Click “+ Add a Platform”, then select “Mobile and desktop applications”:

    Configure platforms screen

  21. In the prompt “Custom redirect URIs”, enter the value urn:ietf:wg:oauth:2.0:oob and then click “Configure”:

    Configure Desktop + devices screen

  22. The following steps are for M1x Android applications; skip to step 27 if you are not using Android-based applications. Click “+ Add a Platform”, then select “Android”:

    Configure platforms screen

  23. The following screen will be presented after clicking “Android”:

    Configure your Android app screen

  24. Fill in the following details:

    • Package name – This is the name of the M1x application package; the full list is given below (e.g. com.coins.mobile.mtech)

    • Signature hash – This should be the value bgwlNQRdrlgStkPJCxMddteK5X8=

      Once the details are filled in, click the “Configure” button.

      The full list of production M1x Android package names is as follows (for development or QA versions, contact Mobile Support or Mobile Development):

      com.coins.mobile.mtech

      com.coinsglobal.mtech

      com.pervasic.mfm

      com.pervasic.mcare

      com.pervasic.mtick

      com.pervasic.msite

      com.coinsglobal.poreceipts

      com.coinsglobal.mforms

      com.coinsglobal.msales

      com.coinsglobal.crm

  25. Once you have clicked “Configure”, you will see the following screen. Click “Done” to save:

    Android configuration screen

  26. Repeat steps 22 to 25 for each M1x Android application that will be used.

  27. Click on “Branding” on the left menu, then fill in the “Home” with the default tenant URL and the M1xApps directory (e.g. https://mytenant.onmicrosoft.com/M1xApps). Click “Save” when done:

    Branding screen
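The settings entered in the steps above can be checked after the fact. The following is an added example, not part of the original article or of the M1x product: a Python audit that compares an application object in the Microsoft Graph shape (for instance the JSON printed by `az ad app show --id <appId>`) with the values this guide specifies. The function names, the sample object and the assumption that the iOS and Android redirect URIs are listed under `publicClient.redirectUris` belong to this example.

```python
import base64
from urllib.parse import quote

GRAPH_APP_ID = "00000003-0000-0000-c000-000000000000"  # Microsoft Graph appId
USER_READ_ID = "e1fe6dd8-ba31-4d61-89e7-88639da4683d"  # delegated User.Read
SIGNATURE_HASH = "bgwlNQRdrlgStkPJCxMddteK5X8="        # from the Android step
OOB_URI = "urn:ietf:wg:oauth:2.0:oob"                  # from the iOS step

def android_redirect_uri(package, signature_hash=SIGNATURE_HASH):
    # msauth://<package>/<URL-encoded hash>; the hash must be a Base64 SHA-1 digest.
    if len(base64.b64decode(signature_hash, validate=True)) != 20:
        raise ValueError("signature hash is not a 20-byte SHA-1 digest")
    return f"msauth://{package}/{quote(signature_hash, safe='')}"

def audit(app, tenant, android_packages=(), ios=False):
    # Returns the deviations of one application object from the guide (hypothetical helper).
    web, api = app.get("web") or {}, app.get("api") or {}
    implicit = web.get("implicitGrantSettings") or {}
    scopes = {s.get("value"): s.get("type") for s in api.get("oauth2PermissionScopes") or []}
    graph = [(a.get("id"), a.get("type")) for r in app.get("requiredResourceAccess") or []
             if r.get("resourceAppId") == GRAPH_APP_ID for a in r.get("resourceAccess") or []]
    checks = [
        (app.get("signInAudience") == "AzureADMyOrg", "app is not single-tenant"),
        (any(u.startswith(f"https://{tenant}/") for u in app.get("identifierUris") or []),
         "Application ID URI is not under the tenant domain"),
        (web.get("redirectUris") == [f"https://{tenant}/M1xApps"], "web redirect URI mismatch"),
        (all(implicit.get(k) is True for k in ("enableAccessTokenIssuance", "enableIdTokenIssuance")),
         "access tokens and ID tokens are not both enabled"),
        (scopes.get("user_impersonation") == "User",
         "user_impersonation scope missing or not consentable by admins and users"),
        (graph == [(USER_READ_ID, "Scope")],
         "Microsoft Graph permissions are not exactly delegated User.Read"),
    ]
    findings = [msg for ok, msg in checks if not ok]
    expected = {android_redirect_uri(p) for p in android_packages} | ({OOB_URI} if ios else set())
    actual = set((app.get("publicClient") or {}).get("redirectUris") or [])
    findings += [f"missing public-client redirect URI: {u}" for u in sorted(expected - actual)]
    findings += [f"unexpected public-client redirect URI: {u}" for u in sorted(actual - expected)]
    return findings

# Constructed sample for the guide's example tenant (not real data); "<app-guid>" is a placeholder.
SAMPLE = {"signInAudience": "AzureADMyOrg",
          "identifierUris": ["https://mytenant.onmicrosoft.com/<app-guid>"],
          "web": {"redirectUris": ["https://mytenant.onmicrosoft.com/M1xApps"], "implicitGrantSettings":
                  {"enableAccessTokenIssuance": True, "enableIdTokenIssuance": True}},
          "api": {"oauth2PermissionScopes": [{"value": "user_impersonation", "type": "User"}]},
          "requiredResourceAccess": [{"resourceAppId": GRAPH_APP_ID, "resourceAccess":
                                      [{"id": USER_READ_ID, "type": "Scope"}]}],
          "publicClient": {"redirectUris": [OOB_URI]}}
```

Every redirect URI reported as unexpected is an additional address to which tokens for this registration can be delivered, so review those findings first.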