Browse Guides

Loading list...
X
Email Templates
Resource Booking
One-Click Feedback
Sage 50 UK Integration
Suppliers
Dynatrace Integration
Email Rules
AI Auto Triage
Call Scripts
Statuses
X.509 for encryption
Halo Application Licensing
Mail Campaigns
Services
The Service Catalogue - Advanced Configuration
Roles
Consignment PDFs
Awaiting Review/Ticket Review Processing
Improve Search Using AI
Zabbix Integration
SharePoint Integration
Connectwise RMM Integration Guide
Jira Service Management Integration
Chat Bot and Chat Profiles
Halo Accounts Integrator Setup
Azure Key Vault Integration
Using the Halo API
Azure Monitor Integration
My Account
Atera RMM Integration
Date Format
User Management
Creating and Updating Tickets via Email
Followers and Following Tickets
Leveraging AI in Halo
Agent Permission Settings
Jira Software Integration
Contents of Incident Management guides
QuickBooks Online Integration
Modifying and Adding Workflows
Advanced Settings
Invoicing Explained
Notifications
Custom Integrations/Runbooks
Altering Ticket Types
Asset Type & Asset Import - CSV/XLS/Spreadsheet Method
Ticket Templates
Call Management
Adobe Commerce Integration (Magento)
Wordpress.org Integration
Wordpress.com Integration
Trustpilot Integration
Rhipe Integration (Crayon PRISM)
Reacting Personal Information on Tickets - PII Data Flagging
User Roles
Recurring Bills
Service Search - Order Service Search by Relevance
Device42 Integration
Account Managers
Assetbots Integration
Start to Finish: Service Desk Basics
Integrating with Other Accounts Tools
Invoice Statuses
Security Questions
SeatGeek Integration
SailPoint Identity Now Integration
Dicker Data Integration
SFTP CSV imports Integration
Mail Campaign flows
Security Questions
SLA Escalation Rules and Automations
Alemba Migration
Customising how your Tickets Look
Searching the Knowledge Base
Splunk On Call Integration
Intermedia Contact Centre Integration
Customising Ticket Views in Halo
Start to Finish: Organisation Structure
Create a Contract from a Sales Order
Opinyin Integration
ITQuoter Integration
AI Ticket Clustering
Optional Items on Quotations
Cove Usage Billing Sync
AuthRocket Integration
AT&T Integration
Triggering Mail Campaigns From Opportunities
Chat Profile (for Self-Service Portal) Overrides
RMM/Alerting Integrations Comparisons
KashFlow Integration
Sophos Integration
AI Acknowledgement Emails
Hopewiser Integration
Call Scripts
Progressive Web Application
Ticket View Overrides
Sales Mailboxes - Google
Email Start Tag being Auto-Filled with your email address (Keeper Browser Extension)
Redacting Card and Social Security Numbers (SSN)
Connecting Claude to Halo's MCP Server
An Introduction to Halo
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Using and Configuring Halo
Using and Configuring Halo
Integrations
Integrations
Configuration Settings Guides
Configuration Settings Guides
On-Premises Guides
On-Premises Guides
About Halo
About Halo
Authentication Methods for Microsoft Integrations
Reading mode
Copy Link
Link Copied!
Print
Feedback
This guide has multiple versions available:
<style>p { margin: 0; }span.fr-emoticon.fr-emoticon-img { background-repeat: no-repeat !important; font-size: inherit; height: 1em; width: 1em; min-height: 20px; min-width: 20px; display: inline-block; margin: -0.1em 0.1em 0.1em; line-height: 1; vertical-align: middle; } span.fr-emoticon { font-weight: normal; font-family: "Apple Color Emoji", "Segoe UI Emoji", "NotoColorEmoji", "Segoe UI Symbol", "Android Emoji", "EmojiSymbols"; display: inline; line-height: 0; } blockquote { border-left: solid 2px #5e35b1; color: #5e35b1; margin-left:0; padding-left:5px;}blockquote blockquote{ border-color: #00bcd4; color: #00bcd4;}blockquote blockquote blockquote{ border-color: #43a047; color: #43a047;} table.grid{ border-collapse: collapse;} table.grid td, table.grid th { border: 1px solid #ddd;} .fr-fic.fr-dib{ display: block; margin: 5px auto;}.fr-fic.fr-dib.fr-fir{ text-align: right; margin: 5px 0 5px auto;}.fr-fic.fr-dib.fr-fil{ text-align: left; margin: 5px auto 5px 0;}.fr-fic.fr-dii{ float: none; margin: 5px auto;}.fr-fic.fr-dii.fr-fil{ float: left; margin: 5px auto;}.fr-fic.fr-dii.fr-fir{ float: right; margin: 5px auto;}img.fr-dib.fr-fir { margin-right: 0; text-align: right;}img.fr-dib.fr-fil { margin-left: 0; text-align: left;}img.fr-dib { margin: 5px auto; display: block; float: none;}img.fr-bordered { box-sizing: content-box; border: solid 5px #CCC;}img.fr-shadow { box-shadow: 10px 10px 5px 0px #cccccc;}img.fr-rounded { border-radius: 10px; -moz-border-radius: 10px; -webkit-border-radius: 10px; -moz-background-clip: padding; -webkit-background-clip: padding-box; background-clip: padding-box;}</style><style> p { margin: 0; } span.fr-emoticon.fr-emoticon-img { background-repeat: no-repeat !important; font-size: inherit; height: 1em; width: 1em; min-height: 20px; min-width: 20px; display: inline-block; margin: -0.1em 0.1em 0.1em; line-height: 1; vertical-align: middle; } span.fr-emoticon { font-weight: normal; font-family: "Apple Color Emoji", "Segoe UI Emoji", "NotoColorEmoji", "Segoe UI Symbol", "Android Emoji", "EmojiSymbols"; display: inline; line-height: 0; } blockquote { border-left: solid 2px #5e35b1; color: #5e35b1; margin-left: 0; padding-left: 5px; } blockquote blockquote { border-color: #00bcd4; color: #00bcd4; } blockquote blockquote blockquote { border-color: #43a047; color: #43a047; } table.grid { border-collapse: collapse; } table.grid td, table.grid th { border: 1px solid #ddd; } .fr-fic.fr-dib { display: block; margin: 5px auto; } .fr-fic.fr-dib.fr-fir { text-align: right; margin: 5px 0 5px auto; } .fr-fic.fr-dib.fr-fil { text-align: left; margin: 5px auto 5px 0; } .fr-fic.fr-dii { float: none; margin: 5px auto; } .fr-fic.fr-dii.fr-fil { float: left; margin: 5px auto; } .fr-fic.fr-dii.fr-fir { float: right; margin: 5px auto; } img.fr-dib.fr-fir { margin-right: 0; text-align: right; } img.fr-dib.fr-fil { margin-left: 0; text-align: left; } img.fr-dib { margin: 5px auto; display: block; float: none; } img.fr-bordered { box-sizing: content-box; border: solid 5px #CCC; } img.fr-shadow { box-shadow: 10px 10px 5px 0px #cccccc; } img.fr-rounded { border-radius: 10px; -moz-border-radius: 10px; -webkit-border-radius: 10px; -moz-background-clip: padding; -webkit-background-clip: padding-box; background-clip: padding-box; } </style><p id="isPasted"><strong>In this guide we will cover:</strong></p><p><strong>- App Registration Basic Setup</strong></p><p><strong>- Method 1: Secret Authentication</strong></p><p><strong>- Method 2: Certificate Authentication</strong></p><p><strong>- Method 3: Federated Credential Authentication</strong></p><p><br></p><p><br></p><p><strong>Related Articles:</strong></p><ul><li style="font-weight: bold;"><a href="https://usehalo.com/haloitsm/guides/2290" target="_blank" rel="noopener noreferrer"><strong>Azure Deltas</strong></a></li><li style="font-weight: bold;"><a href="https://usehalo.com/haloitsm/guides/1106" target="_blank" rel="noopener noreferrer"><strong>Microsoft Entra ID Integration</strong></a></li><li style="font-weight: bold;"><a href="https://usehalo.com/haloitsm/guides/2322" target="_blank" rel="noopener noreferrer"><strong>Single Sign on (SSO) For Entra/CSP Users and Agents</strong></a></li></ul><p><br></p><p>When setting up a Microsoft integration, there are generally a number of different permission types and authentication options that can be used.</p><p><br></p><p>Before setting up your integration, Halo recommends you review:</p><p><br></p><ul><li>The difference between delegated and application permissions using <a href="https://learn.microsoft.com/en-us/graph/permissions-overview?tabs=http" target="_blank" rel="noopener noreferrer"><strong>Microsoft&#39;s guide</strong></a>.</li><li>The configuration of <a href="https://learn.microsoft.com/en-us/powershell/module/exchange/new-applicationaccesspolicy?view=exchange-ps" target="_blank" rel="noopener noreferrer"><strong>Application Access Policies</strong></a> and configure one where relevant (Mail and Exchange Calendars). Some supplemental instructions are available <a href="https://learn.microsoft.com/en-us/graph/auth-limit-mailbox-access" target="_blank" rel="noopener noreferrer"><strong>here</strong></a>.</li></ul><p id="isPasted">If unsure which permission type to use, Applications Permissions are the simplest, feature-rich and most stable option.</p><p><br></p><p><strong><span style="font-size: 14pt;">App Registration Basic Setup</span></strong></p><p>Regardless of the permission type or authentication method you choose, there are some basic steps that you will need to complete for any App Registration.</p><p><br></p><p>Open the Entra Admin Center (or similar) and navigate to the App Registration section. Click &quot;New Registration&quot;.</p><p><br></p><p><img src="https://halo.haloservicedesk.com/api/attachment/image?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjYyZmYyN2YwLWFkODgtNGVkYS05ZWUwLTIxNzFmZjE3YTlmZCJ9.kO_fiQ-6SvcOtWJYiXCrWg7IlYs9OEpClx67d1TILGk" class="fr-fic fr-fil fr-dib" width="1511" style="width: 1513px; height: 383.427px;" height="383"></p><p><strong><span style="font-size: 10pt;">Fig 1. App registration&nbsp;</span></strong></p><p><br></p><p>On the registration screen you will want to fill out:</p><p><br></p><ul><li><strong>Name:&nbsp;</strong>Be aware in some situations the name will be visible to end-users (when configuring the SSO application for example).</li><li><strong>Supported Account Type:</strong> Single Tenant except for SSO and CSP.</li><li><strong>Redirect URI:</strong> The integration setup page/guide will tell you if you need one and the value required. Platform is always &quot;Web&quot;.</li></ul><p><br></p><p><img src="https://halo.haloservicedesk.com/api/attachment/image?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjhiMmQ0MzZiLWQ1ZjctNGM1ZS04YjQyLTc4ODBlZTBhZThhYSJ9.504HuiUSRlfT8jBDWcKBqiw2J6S66Q2ow98n2Gld2Eo" class="fr-fic fr-fil fr-dib" width="896" height="542"></p><p><strong><span style="font-size: 10pt;">Fig 2. Creating an application</span></strong></p><p><br></p><p>Click &quot;Register&quot;. Once registered, copy the &quot;Application (client) ID&quot; and &quot;Directory (tenant) ID&quot; from the Overview tab and store them safely, as these will be needed later.</p><p><br></p><p><img src="https://halo.haloservicedesk.com/api/attachment/image?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjdkYjA0NDVhLTFjYjYtNDMzYi05MTNhLWYxNDI0NGRjYzQ0YSJ9.YpbcxXsAwmbxguXeG4_-2jZ1AvisVEZArtjIc65xIEM" class="fr-fic fr-fil fr-dib" width="1693" style="width: 1695px; height: 709.117px;" height="709"></p><p><strong><span style="font-size: 10pt;">Fig 3. Copying IDs</span></strong></p><p><br></p><p>In the &quot;API permissions&quot; section, remove the default &#39;User.Read&#39; permission unless the integration configuration requires it.</p><p><br></p><p><img src="https://halo.haloservicedesk.com/api/attachment/image?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjFjMzcwMWQ2LTQxNzItNDFlNS1iNmMxLWYyYmY3NmIzMDg0YiJ9.gRa6FSnYK5GQkE-F_wFAfKskO6hLWbXQDZ1TjNkw4G0" class="fr-fic fr-fil fr-dib" width="1692" style="width: 1694px; height: 528.629px;" height="529"></p><p><strong><span style="font-size: 10pt;">Fig 4. Removing User.Read permission</span></strong></p><p><br></p><p>Click &quot;Add a permission&quot;, then choose the relevant API (generally Microsoft Graph but the integration page will tell which API if not), and choose your permission. If the permissions on the integration&#39;s configuration page and the guide differ, use what the integration page in Halo gives and report this difference to our support team.&nbsp;</p><p><br></p><p><img src="https://halo.haloservicedesk.com/api/attachment/image?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjE5MGIzZmRmLTFjNzEtNDA2NC1iZDQ1LTNjYTdiY2Q1MmE3MyJ9.jNwObtJAbeqdVBBZoH8_w55P3d939wYaWBcGRhqGD28" class="fr-fic fr-fil fr-dib" width="1703" style="width: 1705px; height: 551.043px;" height="551"></p><p><strong><span style="font-size: 10pt;">Fig 5. Adding other permissions</span></strong></p><p><br></p><p>Grant admin consent (if required).&nbsp;</p><p><br></p><p><img src="https://halo.haloservicedesk.com/api/attachment/image?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjNlOWEzYWM1LWFlYWYtNDRiNC04NDM5LTNkN2IzM2UxNGMxYSJ9.gezXFfsroTYpnRVsH0qUsR91-7CLqPsE9O16RhgrnUc" class="fr-fic fr-fil fr-dib" width="1431" style="width: 1433px; height: 733.263px;" height="733"></p><p><strong><span style="font-size: 10pt;">Fig 6. Granting admin consent</span></strong></p><p><br></p><p>The &quot;Status&quot; column will change if consent has been successfully granted.</p><p><br></p><p><img src="https://halo.haloservicedesk.com/api/attachment/image?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6Ijk1NjE4ZDEzLWYzZDAtNDBmMy1hNmVlLTE4ODViM2ZkNGIzMSJ9.xGKsixI-iwWcrJdjIuAoWlE9I7XcH3tp7_NGVJyLlAQ" class="fr-fic fr-fil fr-dib" width="1430" style="width: 1432px; height: 693.675px;" height="694"></p><p><strong><span style="font-size: 10pt;">Fig 7. Permission with admin consent granted</span></strong></p><p><br></p><p>Once completed, you will now need to select your authentication option. <em><strong>Note: Not all options are available for all Microsoft integrations.</strong></em></p><p><br></p><p><strong><span style="font-size: 14pt;">Method 1: Secret Authentication</span></strong></p><p>In Halo, choose &quot;Client Secret&quot; as your &quot;Credential Type&quot;.</p><p><br></p><p><img src="https://halo.haloservicedesk.com/api/attachment/image?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6ImIyZWJhZDVmLTVkNDMtNGIzOC1iYzE4LTE5M2EwMTZhYjZmYyJ9.j6ECYwIhcbjFFx8-ShCHYHI7W2gwnnLRsUfn2yx05PI" class="fr-fic fr-fil fr-dib" width="377" height="180"></p><p><strong><span style="font-size: 10pt;">Fig 8. Choosing a credential type</span></strong></p><p><br></p><p>In Azure, navigate to the &quot;Certificates &amp; secrets&quot; tab, and open the &quot;Client secrets&quot; tab. Click &quot;New client secret&quot;, fill out the description and choose an expiry. Microsoft limits this to a maximum of 2 years from creation. Once this generates, copy the &quot;Value&quot; (not Secret ID) and store it securely. It will no longer be visible once you leave this screen.</p><p><br></p><p><img src="https://halo.haloservicedesk.com/api/attachment/image?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjJkNjU3MmQzLTBjN2UtNGQ1Ny05MjdjLTIwYTAxODRhM2I3MyJ9.VUXFd_YkwMY43pQtqqYBVJzjniSP8o-ON4twC8sUtvs" class="fr-fic fr-fil fr-dib" width="1442" style="width: 1444px; height: 483.867px;" height="484"></p><p><strong><span style="font-size: 10pt;">Fig 9. Adding client secret</span></strong></p><p><br></p><p><img src="https://halo.haloservicedesk.com/api/attachment/image?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6ImRkYTFhMjI2LTI3OTktNDUyYi04OTljLTQ5NWExZDZlY2M5NSJ9.RVxb4nCM6ebCzzdkYHcnx7-sDSVZzQu0kFz0EQmhQlE" class="fr-fic fr-fil fr-dib" width="1443" style="width: 1445px; height: 643.559px;" height="644"></p><p><strong><span style="font-size: 10pt;">Fig 10. Copying the secret value</span></strong></p><p><br></p><p>Back in Halo, add this secret to the secret field along with the Tenant and Application IDs.</p><p><br></p><p><img src="https://halo.haloservicedesk.com/api/attachment/image?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjBiMzEwNzE0LWI4NjEtNDQ0Ny1iNjBhLTVkNzM4NWY4MjhiMCJ9.30hmYZMif2tGs3y_UtbEK8u13VFBiOblTIxYeHhr--g" class="fr-fic fr-fil fr-dib" width="1439" style="width: 1441px; height: 1020.2px;" height="1020"></p><p><strong><span style="font-size: 10pt;">Fig 11. Adding the application details into Halo</span></strong></p><p><br></p><p><strong><span style="font-size: 12pt;">If using delegated permissions</span></strong></p><p>There will be a &quot;Sign in with Microsoft&quot; button. Once pressed, you will be directed to the Microsoft Sign-In screen where you can sign in before being re-directed back to Halo. You will need to sign in with an account with appropriate permissions to access the resources you wish to import. For example, if authorising the Intune integration, the user will need permission to view all Intune devices.</p><p><br></p><p><img src="https://halo.haloservicedesk.com/api/attachment/image?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6Ijg4ODZlNjg3LTdlNTItNGIzZC04YWEzLTVhNGRhNzk2NmUwMCJ9.xUZhYv4yfll4onZOGZI-EvcGfeF8QVjgZK_UCU127eM" class="fr-fic fr-fil fr-dib" width="494" height="377"></p><p><strong><span style="font-size: 10pt;">Fig 12. Sign in button (Delegated)</span></strong></p><p><br></p><p>If the authentication has been successful, the permissions/redirect URIs will have disappeared and the other tabs become accessible (if they weren&#39;t before). If unsuccessful, an error will appear in a model windows once re-directed back to Halo.</p><p><br></p><p><img data-fr-image-pasted="true" src="https://halo.haloservicedesk.com/api/attachment/image?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjZlNDYxZTVkLTcxNjAtNDI3MS1iYmQwLTZhZjZhN2E4ZWFiMyJ9.jj2elVyQGKoamNA4EiYKP7dtBy6DwW3ExBV_tNqdeLM" width="1398" height="925" style="box-sizing: inherit; border-style: none; cursor: pointer; padding: 0px 1px; user-select: none; text-align: left; color: rgb(0, 0, 0); font-family: sans-serif; font-size: 14px; font-style: normal; font-variant-ligatures: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; orphans: 2; text-indent: 0px; text-transform: none; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; white-space: normal; background-color: rgb(255, 255, 255); text-decoration-thickness: initial; text-decoration-style: initial; text-decoration-color: initial; width: 1400px; height: 925.235px; max-width: none !important;" id="isPasted" class="fr-fil fr-dib"></p><p><strong><span style="font-size: 10pt;">Fig 13. Successful connection (Delegated)</span></strong></p><p><br></p><p><strong><span style="font-size: 12pt;">If using application permissions</span></strong></p><p>There will be an &quot;Authorise Application&quot; button. Once pressed, the application will attempt authorisation without leaving Halo.&nbsp;</p><p><br></p><p><img src="https://halo.haloservicedesk.com/api/attachment/image?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjY1MmFhNTY2LTcwZGEtNGNiZS1hYTI0LTdmMThmNjg0MGZmZCJ9.HIxhpfn-_qkK6eOa69CZYdLE6kq5jWgMalbBI_jvErQ" class="fr-fic fr-fil fr-dib" width="643" height="432"></p><p><strong><span style="font-size: 10pt;">Fig 14. Authorize Application button (Application)</span></strong></p><p><br></p><p>If successful, the button will disappear and relevant tabs will be unlocked. If unsuccessful, an error code will appear in a modal window.</p><p><br></p><p><img src="https://halo.haloservicedesk.com/api/attachment/image?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6ImFkZTI0ZDVhLTlmMDktNDMzNS1iOTFiLTQyYTQ0MDc0NjI0NCJ9.DSvLkGG4afqb9quod8ZjPloNy_H2mb0x_PPuzQn3VNc" class="fr-fic fr-fil fr-dib" width="1412" style="width: 1414px; height: 958.366px;" height="958"></p><p><strong><span style="font-size: 10pt;">Fig 15. Successful connection (Application)</span></strong></p><p><br></p><p><strong><span style="font-size: 14pt;">Method 2: Certificate Authentication</span></strong></p><p>In Halo, choose &quot;Certificate&quot; as your &quot;Credential Type&quot;.</p><p><br></p><p><img src="https://halo.haloservicedesk.com/api/attachment/image?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjIyOGMxMDg4LWZhMTEtNDk2Zi05OGRjLTM5ODYxYjM3YTlhNSJ9.KEwzPm1EtgmaM0JxB1LOBT9YFtMcEzCWxx8_av2FS8U" class="fr-fic fr-fil fr-dib" width="377" height="180"></p><p><strong><span style="font-size: 10pt;">Fig 16. Selecting credential type</span></strong></p><p><br></p><p>You will need access to a valid X.509 certificate before starting. You will need this in both &quot;.pfx&quot; format (with access to the export password) and in &quot;.cer, .pem or .crt&quot; for Azure.&nbsp;</p><p><br></p><p>Once you have these, within Halo navigate to Configuration &gt; Advanced Settings &gt; Certificates. Create a new certificate entry by giving it a name, uploading the file, entering the password, and saving.</p><p><br></p><p><img src="https://halo.haloservicedesk.com/api/attachment/image?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6ImZlOTk1M2I0LTkzNDItNDg2MC05Zjk3LTg0NzUxZTk4MTFhYyJ9.20g5KtL9wh_Z1nnNRbf6sZoGCAeqIhvs84Y72w92DrY" class="fr-fic fr-fil fr-dib" width="1406" style="width: 1408px; height: 570.968px;" height="571"></p><p><strong><span style="font-size: 10pt;">Fig 17. Creating a certificate entry</span></strong></p><p><br></p><p>In Azure, navigate to the &quot;Certificates &amp; secrets&quot; tab, and open the &quot;Certificates&quot; tab. Click &quot;Upload Certificate&quot;, upload the file, and give it a description before clicking &quot;Add&quot;.</p><p><br></p><p><img src="https://halo.haloservicedesk.com/api/attachment/image?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6Ijc1NzhlNDM3LWVmMzUtNGE3MS04YzFkLWY2MTQ2OTUzYmI3OCJ9.KPMtbI30Tk181hm8xgV08TQxrhcL52bWQiR-xQTWqvc" class="fr-fic fr-fil fr-dib" width="1413" style="width: 1415px; height: 504.958px;" height="505"></p><p><strong><span style="font-size: 10pt;">Fig 18. Uploading the certificate</span></strong></p><p><br></p><p>Back in Halo, input the Tenant and Application IDs and choose the uploaded certificate before saving.</p><p><br></p><p><img src="https://halo.haloservicedesk.com/api/attachment/image?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjRjMGUyMGQ0LWRkMDMtNGM2Yi05NjgyLWU0OTEyYTFjMjkxYyJ9.530HdYiVnpC-PWIVZip3t8oZagqQ8VETUH_8lYQlqMQ" class="fr-fic fr-fil fr-dib" width="1294" height="1075"></p><p><strong><span style="font-size: 10pt;">Fig 20. Selecting the certificate</span></strong></p><p><br></p><p><strong><span style="font-size: 12pt;">If using delegated permissions</span></strong></p><p>There will be a &quot;Sign in with Microsoft&quot; button. Once pressed, you will be directed to the Microsoft Sign-In screen where you can sign in before being re-directed back to Halo. You will need to sign in with an account with appropriate permissions to access the resources you wish to import. For example, if authorising the Intune integration, the user will need permission to view all Intune devices.</p><p><br></p><p><img src="https://halo.haloservicedesk.com/api/attachment/image?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjQ1NWQ3MDg4LTY1NjAtNGEyZC1hMmY5LTJjOGRkOWYyNzRjMCJ9.pd1fln56vIikNuhCFPr44GZaOh8usltJ43HEWGoj-vQ" class="fr-fic fr-fil fr-dib" width="676" height="337"></p><p><strong><span style="font-size: 10pt;">Fig 21. Sign in button (Delegated)</span></strong></p><p><br></p><p>If the authentication has been successful, the permissions/redirect URIs will have disappeared and the other tabs become accessible (if they weren&#39;t before). If unsuccessful, an error will appear in a model windows once re-directed back to Halo.</p><p><br></p><p><img src="https://halo.haloservicedesk.com/api/attachment/image?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjU1ZGI1MmVjLWM1MTUtNDU3Yy1hNDA5LTdkZTdiYzI1OGM3MSJ9.x04dMdT3qOnDiqF6iZz44j-tBvVCwDwqs14wirS1-Lw" class="fr-fic fr-fil fr-dib" width="1513" style="width: 1515px; height: 1104.55px;" height="1105"></p><p><strong><span style="font-size: 10pt;">Fig 22. Successful connection (Delegated)</span></strong></p><p><br></p><p><strong><span style="font-size: 12pt;">If using application permissions</span></strong></p><p>There will be an &quot;Authorise Application&quot; button. Once pressed, the application will attempt authorisation without leaving Halo.</p><p><br></p><p><img src="https://halo.haloservicedesk.com/api/attachment/image?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjVjZDNlNjEzLTRiZDctNGZmOC1iMzViLWFmMzJmN2RjNjBiZCJ9.0mYkuVwyTQMtEpCWm2Julk_rQ3Rt51MKQ4n_7vQ1uLc" class="fr-fic fr-fil fr-dib" width="728" height="358"></p><p><strong><span style="font-size: 10pt;">Fig 23. Authorize Application button (Application)</span></strong></p><p><br></p><p>If successful, the button will disappear and relevant tabs will be unlocked. If unsuccessful, an error code will appear in a modal window.</p><p><br></p><p><img src="https://halo.haloservicedesk.com/api/attachment/image?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6ImY1MGJkZjFjLTQ2YjctNDcyMy1iNzUwLTExOGVkNzk3ZTg1YyJ9.qLjzaFhxF-k3vuMvFbUBOS5G8DcTuK0w4EzmbIaPiCs" class="fr-fic fr-fil fr-dib" width="1024" height="789"></p><p><strong><span style="font-size: 10pt;">Fig 24. Successful connection (Application)</span></strong></p><p><br></p><p><strong><span style="font-size: 14pt;">Method 3: Federated Credential Authentication</span></strong></p><p>In Halo, choose &quot;Federated Credentials&quot; as your &quot;Credential Type&quot; and choose an Agent to use.</p><p><br></p><p><img src="https://halo.haloservicedesk.com/api/attachment/image?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjA3OGUzNDQ5LTIyYjgtNDAwYy1iYTQ4LTE0MGNjMGY0ZWUzNiJ9.AlchM2_xpZG45AR8vmTniBPW1jjtnNxmQYlhq2vwuMY" class="fr-fic fr-fil fr-dib" width="492" height="189"></p><p><strong><span style="font-size: 10pt;">Fig 25. Selecting a credential type</span></strong></p><p><br></p><p>Once saved, you will be presented with some values you will need to input into Azure.&nbsp;</p><p><br></p><p><img src="https://halo.haloservicedesk.com/api/attachment/image?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6ImY5ZTYxODY3LWZiOGItNDI3ZS1hODQ1LWMyZTE2N2MxYzdiNyJ9.xqUsdJLeoDy2xsOoVWkkr6XxC4SbalCguX6_FXF2YEM" class="fr-fic fr-fil fr-dib" width="698" height="670"></p><p><strong><span style="font-size: 10pt;">Fig 26. Credentials to copy</span></strong></p><p><br></p><p>In Azure, navigate to the &quot;Certificates &amp; secrets&quot; tab, and open the &quot;Federated credentials&quot; tab. Click &quot;Add Credential&quot;, and choose &quot;Other issuer&quot; as your &quot;Federated credential scenario&quot;.</p><p><br></p><p>The following fields need to be filled out:</p><p><br></p><ul><li><strong>Issuer:</strong> Copy &quot;Issuer URL&quot; from the Halo configuration page.</li><li><strong>Value:&nbsp;</strong>Copy &quot;Subject claim to validate&quot; from the Halo configuration page.</li><li><strong>Name:&nbsp;</strong>Choose a name.</li><li><strong>Audience:&nbsp;</strong>Copy &quot;Audience claim to validate&quot;.</li></ul><p>Then click &quot;Add&quot;.</p><p><br></p><p><img src="https://halo.haloservicedesk.com/api/attachment/image?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6ImMyZDNmYjVhLTliZTMtNDcwYy05ZTdlLTI1MTllYzhhZDQzYSJ9.BCUdMLyEHe79EhXz-rWLZGRvzQtfkOxiRTy0TgUKbfg" class="fr-fic fr-fil fr-dib" width="1048" style="width: 1050px; height: 1088.47px;" height="1088"></p><p><strong><span style="font-size: 10pt;">Fig 27. Setting the credential details</span></strong></p><p><br></p><p>Back in Halo, input the Tenant and Application IDs and save. Click the &quot;Authorise Application&quot; button.&nbsp;</p><p><br></p><p><img src="https://halo.haloservicedesk.com/api/attachment/image?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjFiMDUxMDI5LWY1MjItNGQ2OS04YWY0LWI1ZGEyZTAyZTE0MSJ9.9rsgCiA7HilZJjPITYi8UckFzlnS5BKP-KANbpgmGbw" class="fr-fic fr-fil fr-dib" width="728" height="358"></p><p><strong><span style="font-size: 10pt;">Fig 28. Authorizing application</span></strong></p><p><br></p><p>If successful, the button will disappear and relevant tabs will be unlocked. If unsuccessful, an error code will appear in a modal window.</p><p><br></p><p><img src="https://halo.haloservicedesk.com/api/attachment/image?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjliY2FmNmQwLWQ1YjAtNGZkNi1iYzM2LWFhNTdhNzBhMTE4YyJ9.WIIgPAIIw55G-8C1AJ2T-eTcW0dNPYwlEJDUzYTy8EA" class="fr-fic fr-fil fr-dib" width="1329" style="width: 1331px; height: 775.411px;" height="775"></p><p><strong><span style="font-size: 10pt;">Fig 29. Successful connection</span></strong></p><p><br></p><p><br></p>
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Platform
Platform Capabilities >
Use Cases
View all Use Cases >
Resources
Halo
Subscribe to Halo for latest news

By submitting, you are agreeing to our privacy policy.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Follow
© 2026 Halo Service Solutions. All Rights Reserved.
Terms & ConditionsPrivacy PolicySecurityTrust CentreGDPRAccessibilityModern Slavery StatementService Status