Skip to main content

Entra ID (Azure AD) Integration

Administrator

This guide details how to integrate your Microsoft Entra ID (formerly Azure Active Directory) tenant with DataCentral. This allows your internal users to log in using their existing Microsoft credentials.

Prerequisites

Before beginning, ensure you have:

  1. Global Administrator or Privileged Role Administrator access to your Microsoft Entra ID portal.
  2. Tenant Administrator access to your DataCentral instance.

Step 1: Register an Application in Entra ID

You must register DataCentral as an application within your Azure portal.

  1. Log in to the Microsoft Entra admin center.
  2. Navigate to Identity > Applications > App registrations.
  3. Click New registration.
  4. Enter a name for the application (e.g., DataCentral Auth).
  5. Select Accounts in this organizational directory only (Single tenant).
  6. Under Redirect URI, select Web and enter the callback URL provided in your DataCentral Administration settings (e.g., https://yourcompany.datacentral.ai/auth/callback).
  7. Click Register.

Step 2: Generate a Client Secret

DataCentral requires a secret key to communicate securely with Entra ID.

  1. In your new App Registration, go to Certificates & secrets.
  2. Click New client secret.
  3. Add a description (e.g., DataCentral Login Secret) and select an expiration period.
  4. Click Add.
  5. Important: Copy the Value of the new secret immediately. You will not be able to view it again after leaving the page.

Step 3: Configure API Permissions

You must grant the application permission to read basic user profiles.

  1. Go to API permissions.
  2. Click Add a permission.
  3. Select Microsoft Graph.
  4. Select Delegated permissions.
  5. Check the following permissions:
    • User.Read
    • profile
    • email
    • openid
  6. Click Add permissions.
  7. Click Grant admin consent for [Your Tenant Name].

Step 4: Configure DataCentral

Now, return to DataCentral to complete the integration.

  1. Log in to your DataCentral Tenant as an Administrator.
  2. Navigate to Administration > Settings > Authentication.
  3. Enable Entra ID.
  4. Enter the following details from your Azure App Registration:
    • Client ID: Found on the Overview page of your App Registration.
    • Tenant ID: Found on the Overview page of your App Registration.
    • Client Secret: The secret value you copied in Step 2.
  5. Click Save.

Your users can now log in to DataCentral using their Microsoft 365 credentials.

Next Steps

If you plan to use DataCentral to embed reports for users who do not have their own Power BI Pro licenses, you will also need to configure a Power BI Service Principal.