🔵Integrations

Explore the various integrations available in Blockbrain and learn how to connect your existing tools for seamless authentication, file access, and collaboration

Available Integrations

While this documentation provides detailed steps we recommend a brief setup call with our expert team to ensure a smooth implementation.

Though not mandatory, experience has shown that a 15-20 minute setup call can significantly accelerate your integration and help avoid potential configuration issues.

To schedule a setup call please contact your Key Account Manager.

Entra ID Integration

This guide provides a step-by-step walkthrough for integrating Microsoft Azure Active Directory (AD) as an identity provider with Blockbrain Auth, streamlining the registration and login experience.

1. Azure AD Configuration

You need to have access to an Azure AD Tenant. If you do not yet have one follow this guide from Microsoft to create one for free.

2. Register a new client

Browse to the App registration menus create dialog to create a new app.
Give the application a name and choose who should be able to login (Single-Tenant, Multi-Tenant, Personal Accounts, etc.) This setting will also have an impact on how to configure the provider later on in Blockbrain Auth.
Choose "Web" in the redirect uri field and add the URL: https://auth.theblockbrain.ai/ui/login/login/externalidp/callback
Save the Application (client) ID and the Directory (tenant) ID from the detail page.

3. Add client secret

Generate a new client secret to authenticate your user.

Click on client credentials on the detail page of the application or use the menu "Certificates & secrets"
Click on "+ New client secret" and enter a description and an expiry date, add the secret afterwards
Copy the value of the secret and store it in a safe place (Password Manager) for future usage. You will not be able to see the value again in Azure in the future.

If you lose your secret or if the secret is expired, you need to create a new secret again.

4. Token configuration

To allow Blockbrain Auth to get the information from the authenticating user you have to configure what kind of optional claims should be returned in the token.

Click on Token configuration in the side menu
Click on "+ Add optional claim"
Add email, family_name, given_name and preferred_username to the ID token

5. API permissions

To be able to get all the information that Blockbrain Auth needs, you have to configure the correct permissions.

Go to "API permissions" in the side menu
Make sure the permissions include "Microsoft Graph": email, profile and User.Read

6. Other permissions granted

OpenID authorization is essential for enabling the OpenID Connect protocol. This protocol is particularly important for managing user logins and issuing ID tokens in applications.

In the context of app registration, 'other permissions' refer to the specific access rights or 'scopes' required by an application. These Scopes determine what data and features the application can access on behalf of the user.

User Consent: On the user's first login, they will be prompted to grant these permissions. This step is crucial for ensuring user agreement and security compliance. Depending on your Organization setup, admin consent might be needed.
After the consent was fulfilled, the permissions will be active and listed in the App Registration - Authentication and signin is now possible, the application has the necessary access rights.
- The "Other permissions granted" should include "Microsoft Graph: openid"
Azure Permission Consent Screen
Azure API Permissions Step 2

Azure Groups Integration

This guide provides a step-by-step walkthrough for setting up Azure Groups Integration within the Blockbrain Knowledge Bot Platform.

1. Create a New Sites Admin App

Go to the Overview page and obtain the Client ID (Application (client) ID) and Tenant ID (Directory (tenant) ID). Save this information in a text file.

2. Grant Graph API Permission

In the Sites Admin App Registration, grant Graph API permissions for Group.Read.All, GroupMember.Read.All and User.Read.All

3. Create Client Secret Key

Navigate to the Certificates & Secrets page to create client secrets.

Copy the secret key value to the text file containing the Client ID and Tenant ID, Client Secret. Your text file should include:

Client Id: 4dbceba4-*******-960918801231
Client Secret: JPz******************
Directory (tenant) ID: cef6ac5c-7bc6-*****-fdf0

4. Final Step

Provide the Client ID, Client Secret Key, Tenant ID of the Target Application, and a list of selected sites to connect to the Knowledge Bots platform.

Connect Sharepoint

This guide provides a step-by-step walkthrough for setting up SharePoint folders as knowledge bases using Azure Active Directory applications.

Attention: Before you connect Sharepoint, please make sure that you have already completed the Entra ID integration!

If not, you must first complete the Entra ID integration before you can continue here. You can find the instructions for the Entra ID integration by scrolling to the top of this page.

1. Register Sites Admin App

Before you begin the integration, you need to register an application in the Azure Active Directory portal.

We will only need the Admin App in this step to assign permissions to your Target App and credentials are not persisted. Optionally you can also delete the Admin App after the full setup process.

1.1 Create a New Sites Admin Application

Go to the Azure Portal.
Navigate to Azure Active Directory > App registrations > New registration.

After creating the application, access the Overview page to get the Client ID (Application ID) and Tenant ID (Directory ID). Copy these values and save them in a text file.

1.2 Grant Graph API Permissions

In the Azure portal, go to API Permissions > Add a permission.
Select Microsoft Graph > Application permissions.
Grant the following permissions:
- Application.Read.All
- Sites.FullControl.All

Important: Sites.FullControl.All

The far-reaching rights (Sites.FullControl.All) are only required for the one-off setup. Specifically:

Admin Application:

The Admin App only needs Sites.FullControl.All to assign the required authorizations to the target application.
The access data of the Admin App is not saved permanently.

After setup:

During operation, only the target application accesses SharePoint - and only the sites that are actually relevant.
The rights of the target application are restricted accordingly.

Optional:

The admin app can even be deleted again once setup is complete.

Conclusion: The extensive rights are only temporary and only necessary for the initial configuration. During subsequent operation, only the minimum required rights are used.

After adding the permissions, click Grant admin consent to approve the permissions.

1.3 Create a Client Secret

Go to Certificates & secrets > New client secret.
Create a new client secret and copy the secret key to your text file along with the Client ID and Tenant ID.
Your text file should contain:
- Client ID: 4dbceba4-*******-960918801231
- Client Secret: JPz******************
- Tenant ID: cef6ac5c-7bc6-*****-fdf05232c2f4

2. Register the Target Application

2.1 Create Target Application

Follow the same steps as above to register another application, which will serve as the target application for SharePoint integration.
Ensure that this application also has Sites.Selected permissions.
After registering, create a new client secret and save it in your text file with the following details:
- Client ID: 1ad09322-6c74-*****-8d736a2d9e92
- Client Secret: Npn******************
- Tenant ID: cef6ac5c-7bc6-*****-fdf05232c2f4

3. Configuring SharePoint Integration in Blockbrain

Now that your applications are registered and configured, follow these steps to integrate SharePoint with Blockbrain

Access the Admin Panel:
- In the Blockbrain workspace, click on the Admin button at the top right corner of the screen. This will open up the administrative configuration options.
Navigate to Integrations:
- In the left sidebar, locate and click on Integrations. This section allows you to browse, install, and manage integrations for your workspace.
Initiate the SharePoint Integration:
- In the integrations section, click on the Connect button next to SharePoint to begin setting up the integration.
`
Enter Integration Configuration Details:
- A pop-up window will appear for configuring the integration. You will need to fill in the following fields get from Step 1: Register Sites Admin App in the Azure Portal:
  - Client ID (Admin App): Enter the Client ID for your admin application.
  - Client Secret (Admin App): Enter the client secret for your admin application.
  - Tenant ID: Provide the Tenant ID for your setup.
Fetch Sites:
- After entering the necessary details, click on Get Sites to fetch the available sites for integration. The system will display a list of SharePoint sites that you can connect to.
Select Sites:
- From the list of available sites, select the ones you want to integrate with Blockbrain. Multiple sites can be selected by clicking on each option.
Proceed with the Integration Setup:
- Once you have selected the desired sites, click Next to move forward with the integration process.
Complete the Configuration:
- In the final configuration screen, fill in the Client ID and Client Secret for the Target Application in Step 2: Register the Target Application for Connecting SharePoint.
- Review the selected sites under Connected Sites.
- When everything looks correct, click Save to finalize the integration configuration.

Data Disconnection Warning:

Be aware that all data in the old SharePoint folder will be disconnected when you proceed with the integration. Ensure that you are ready to disconnect the old folder before saving.

By following these steps, you should be able to configure the SharePoint integration with Blockbrain successfully.If you have any questions or need further assistance, please consult the relevant resources:

PreviousManage your Domain NextGoogle SSO

Last updated 16 days ago