How to: Create the External Application Account in LS Central
There are two ways to create the external application account in LS Central: manually or automatically from code.
In both cases, the app needs to be granted consent manually, but the option to create the record from code is much more convenient for end-users.
To manually create the Azure Active Directory Application account
- In LS Central, click the icon, and enter Azure Active Directory Applications (or just AAD), and select the relevant link.
- Click the New action to add a new record.
- In the Azure Active Directory Application Card, fill in the Client ID that you copied in the setup or an ID that you received from the organization that owns the external application. The curly brackets will be added automatically.
- Enter a description.
- Assign the proper permission sets to the user.
To assign a permission set
The user must have sufficient permission. The best way to start is to assign the user with a SUPER equivalent permission set, because at this point you do not know which objects the permission set must have.
The SUPER permission set cannot be assigned to this user, so you must create a new permission set based on the SUPER permission set.
- Create a new Permission Set, name it Super_S2S, for example.
- Copy the existing super permission set, and assign it to the S2S user.
- You can refine this permission set, if needed.
See also
Video Tutorial: S2S Authentication - Step 2