Azure Application Insights provider

An EAM-X edition license is required for this feature. To upgrade please contact [email protected]

What are Integrations?

SquaredUp DS Integrations allow you to create your own providers. Each Integration has its own form to help you input the information required for different providers.

What is a provider?

Providers contain the connection details to external platforms. A provider only needs to be set up once and can then be used when creating tiles on a dashboard.

There are two types of integrations and therefore providers:

  • generic Web API providers that can connect to any REST API
  • dedicated providers that connect to a specific external platform or database (SQL, ServiceNow, Azure Active App Insights, Elasticsearch, etc.)

About Azure Application Insights provider

An Azure Application Insights provider stores the authentication details for your Azure Application instance.

This provider allows you to use the Azure Application Insights tile.

How do I use the tile after I created the provider for it?

See How to use the Azure Application Insights tile

Prerequisites

  • A Microsoft Azure App Insights Application
  • Azure subscription administrator role
  • Microsoft Entra ID User administrator role
  • If you use a proxy server you may need to configure the proxy to allow the Azure App Insights tile to communicate with Application Insights (How to configure SquaredUp DS to use a proxy)

Connecting SquaredUp DS to Azure App Insights

Connecting SquaredUp DS to Azure App Insights is a simple procedure, but requires some one-time configuration in your Microsoft Entra ID environment prior to creating an Azure App Insights provider. These settings will enable permissions and connectivity for API access, and only need to be performed once regardless of the number of SquaredUp DS instances you have.

Configure Microsoft Entra ID

In order for SquaredUp DS to authenticate and access App Insights data you must create an Microsoft Entra ID application that represents SquaredUp DS and configure an SPN for that application with the appropriate permissions to access App Insights data for your application(s).

In order to complete the Microsoft Entra ID configuration process, you will need to have Administrative permissions over Microsoft Entra ID.

A. Add App Insights as a new Service Principal in Microsoft Entra ID

This step is required to ensure that Microsoft Entra ID is setup to interact with the App Insights API.

Adding the Service Principal is a one-time operation.

First, you will need to find your Microsoft Entra ID Tenant ID, and then create a new App Insights API Service Principal. The instructions below assume you have PowerShell v4 or later installed (if not, you can use the in-browser PowerShell session right from the Azure portal).

  1. In the Azure portal, open your Microsoft Entra ID resource.
  2. Take note of the Tenant ID as you will need it in following steps, and it will be entered as the azure active directory id on the azure app insights provider page later.
  3. Start a new PowerShell prompt, and type in the command below:
    Install-Module AzureADConnect-AzureAD -TenantId <AAD Tenant ID> -Credential (get-credential)
    where <AAD Tenant ID> is the Tenant ID located in the previous step
  4. You will get a prompt to log in using your Azure credentials.
  5. Execute the following command:
    New-AzureADServicePrincipal -AppId f5c26e74-f226-4ae8-85f0-b4af0080ac9e -DisplayName "Application Insights API"

B. Create a Microsoft Entra ID application

In this step, you will create an Microsoft Entra ID application, which SquaredUp DS will use to authenticate against Microsoft Entra ID.

  1. Open your Microsoft Entra ID resource in the Azure portal and click on App registrations.
  2. Click New application registration.
  3. Give your application a name (such as SquaredUp DS). Make sure the application type is set to Web app/API. Finally, enter a sign-on URL for SquaredUp DS. This must be unique, but is only used if someone clicks on a link to the application within Azure. If you do not wish to enter your URL here, you can put in a dummy value such as http://server.local/.
  4. Click create.

C. Allow the Application to access App Insights data

  1. Open the Microsoft Entra ID resource and under the App registrations page, find your SquaredUp DS app, and click on it to open its details page.
  2. Take note of the Application ID as you will need it later. (This will be entered as the active directory application id on the provider page later).
  3. Click API permissions > Add a permission
  4. On the Request API permissions page, select the Service Principal you created in the first section of these instructions (i.e. Log Analytics API or Application Insights API).
  5. Click Delegated Permissions and ensure that Read <app> data as user is checked, and click Add permissions.
  6. Finally, you need to create a new client secret. Under Manage click on Certificates & secrets and then New client secret. Give your secret a description and an expiry and press Add. Your client secret value will be generated and displayed - make sure to copy the value, as it cannot be retrieved once you navigate away from the page. (This will be entered as the application key on the provider page later).
    We now have an application that will allow us to authenticate against your Microsoft Entra ID!

D. Grant access from your Microsoft Entra ID application to App Insights applications

In this step you will allow the Microsoft Entra ID application to access App Insights applications. This step will need to be repeated on each App Insights app you want to query using SquaredUp DS.

  1. Find your Application Insights resource on the Azure portal.
  2. Click on API Access
  3. Take note of the Application ID, as you will need it later. (This will be entered as the application id (app insights application to query) on the azure app insights provider page later).
  4. Next, click on Access Control (IAM) and then Add.
  5. Set the Role to Reader.
  6. On the Select dropdown list click on the Microsoft Entra ID application created earlier, and make sure it appears under Selected members.
  7. Click Save.

How to create an Azure App Insights provider

Now that SquaredUp DS has an identity within Microsoft Entra ID that it can use to query App Insights apps, you need to provide the details to SquaredUp DS. A provider defines the App Insights Application that you wish to query, and the identity used for doing so (in this case, the Microsoft Entra ID Application authenticates to query App Insights as the user who authorizes the provider).

If you have multiple apps that you want to query, you can either create multiple providers (one per app) and/or create an empty App Insights app for use with the provider, and then use the additional applications option in each tile to query up to 10 apps simultaneously.

1. Create provider for a App Insights Application

  1. In SquaredUp DS navigate to the right-hand menu ☰ > system > Integrations

  2. Under Integrations click on Azure App Insights and type in a suitable name, e.g. SalesApp.
  3. In the application id box enter the App Insights Application ID you noted down in section D. Grant access from your Microsoft Entra ID application to App Insights applications above.
  4. In the azure active directory id box enter the Microsoft Entra ID Tenant ID you noted down in section A. Add App Insights as a new Service Principal in Microsoft Entra ID above.
  5. In the active directory application id box enter the Microsoft Entra ID Application ID you noted down at the beginning of section C. Allow the Application to access App Insights data above.
  6. In the application key box enter the application secret value that you noted down at the end of section C. Allow the Application to access App Insights data above.
  7. Click save.

2. Add Reply URL to Microsoft Entra ID Application and authorize provider

Once the provider is created, the final step is to authorize it within Microsoft Entra ID. These credentials are sent to Microsoft Entra ID and are not stored anywhere within SquaredUp DS.

  1. Note down the reply url listed under the newly created provider in SquaredUp DS.
  2. In the Azure portal, click on the Microsoft Entra ID resource and under the App registrations page, find your SquaredUp DS app, and click on it to open it's Overview page.
  3. Click on Authentication.
  4. Add the URL from step 1 to the list of Redirect URIs.
  5. Wait a few minutes for the Microsoft Entra ID to process the update, then back in SquaredUp DS click perform authorization under the newly created provider.
    If you do not want to repeatedly add a reply URL to the application for each new provider, you can specify a wildcard when configuring the reply URL using a * (e.g. https://server.local/*).

Troubleshooting

Attempts to authorize the provider fail

Ensure that you have added the Reply URL to the Azure AD application, and that you have given Azure enough time to replicate the configuration (often takes several minutes).

How do I use the tile after I created the provider for it?

See How to use the Azure Application Insights tile

Was this article helpful?

Have more questions or facing an issue?
Submit a ticket