Register your application in Microsoft Entra ID
Register an application in Microsoft Entra ID to obtain OAuth 2.0 credentials for StackOne.
Sign in to Microsoft Entra admin center
Sign in to your Microsoft Entra admin center as at least an Application Developer.
- If you have access to multiple tenants, click the Settings (gear) icon in the top-right corner, then select the desired tenant from the list under Directory + subscription.
- Navigate to Identity > Applications > App registrations.
Create a new app registration
Click New registration and complete the form.
- Name:
StackOne Azure Blob Storage Integration - Select Accounts in this organizational directory only (single tenant).
- Click Register.
Configure the redirect URI
Register the OAuth 2.0 callback URL so Microsoft Entra can return the authorization code to StackOne.
Configure API permissions
Grant the Azure Storage delegated permission and admin consent for your application.
Add Azure Storage permissions
Navigate to API permissions under Manage.
- Click Add a permission.
- Select Azure Storage from the list.
- Choose Delegated permissions.
- Select user_impersonation to allow access as the signed-in user.
- Click Add permissions.
Assign Azure RBAC roles on the storage account
Entra ID authenticates the user, but Azure Storage authorizes operations via Azure RBAC roles assigned on the storage account. Assign the role that matches the operations StackOne will perform.
Assign Storage Blob Data Contributor
Grants read, write, and delete on blobs and containers — required for most StackOne actions.
- Open the storage account in the Azure portal.
- Select Access Control (IAM) in the left sidebar.
- Click Add > Add role assignment.
- Search for and select Storage Blob Data Contributor, then click Next.
- Under Members, select User, group, or service principal and click Select members.
- Search for the OAuth user who will connect StackOne and click Select.
- Click Review + assign.
Create a client secret
Generate a secret that StackOne will use to authenticate the app registration against Microsoft Entra.
Creating the StackOne Connector Profile
To create the Connector Profile in StackOne for Azure Blob Storage:Navigate to Connector Profiles
Create New Connector Profile
- Click + Connector Profile
- Search for and select Azure Blob Storage
- Select Type as OAuth 2.0 (Entra ID)
- Fill out the fields using details retrieved from your provider:
- Tenant ID
- Client ID
- Client Secret
- Scopes (Optional)
- (Optional) Select Actions to be enabled for this Connector Profile
- Click Create profile