Register O365 Splice application with Azure AD

The o365 Splice application will need to be registered with Azure AD to grant it permission to call the Microsoft Graph API. Follow the steps below for registration.

1.Login as admin to and click on Azure Active Directory

2. Go to App Registrations

3. Click on New Registration

4.Provide a name for the application and for supported account types, pick “Accounts in this Organizational Directory Only” and hit on “Register”

5. Copy the values for Client ID, Tenant ID.

6. Click on Certificates & secrets

7. Click on New client secret

8. Add a description and click on Add

9. Copy the Client Secret value by clicking on the copy icon.

10. Cloud Run Deploy command with values for Client ID, Client Secret and Tenant ID.

11.Go to the registered application and click on API Permissions and then on Add a permission.

a. In the window that pops up, click on Microsoft Graph

b.Click on Application permissions

c. Search and add the following Application permissions

  • Directory.ReadWrite.All

  • User.ManageIdentities.All

  • User.ReadWrite.All

d. After adding all the permissions, the Status initially shows as Not granted. Click on “Grant admin consent for..”

e.After granting the permissions, a green tick mark should be seen under the status column for each of the permissions

12. Continue to edit the configuration file, application.yml as per the table below

Field Name

Field Description


 certs URL. For example, https://<>/auth/realms/IDHub/protocol/openid-connect/certs. Replace <> with the name of the server where the connector is deployed, rest remains the same


The hostname /IP of IDHUB application


Tenant / Keyclock realm name


The client ID of client under idhub.realm of Keyclock


Password for client Id


Follow this document to generate access and refresh tokens



Set to false

Name of Onboarded Applicatioon


Onboarded Application description


Name of the business owner of the application


Name of the IT owner of the application


Port on which the O365 connector application will run. See this to set up reverse proxy.

The application.yml file should look like this after making all the changes

13. Run the connector either from the command line or as a service.


  • JRE 16 OR JDK 16 installed

  • O365 Connector

a. To run from the command line.

For example, to run the o365 connector jar in the background and redirect the output to nohup.out.

cd /apps/o365_connector
nohup java -jar o365-splice-1.0.0-with-connector-application-2.1.5.jar & > nohup.out

b. To run the connector as a service, follow the steps here