Home
Connecting to other systems
Learn how to connect ClearID to other systems.
Synchronizing identities using One Identity
Use the Genetec ClearID™ One Identity Synchronization Tool to synchronize external system attributes into Genetec ClearID™ identity attributes. These identity attributes in ClearID can then be used to assign people to roles and automate role-based access control.
About the Azure web app
The Azure web app is a web application that is used to connect Genetec ClearID™ One Identity Synchronization Tool to the Azure AD data so that the Active Directory user information can be accessed and synchronized.

About ClearID
Learn about the ClearID self-service physical access management solution.
What's new
Check out what's new in the latest update to ClearID.
Deployment preparation
Check your compatibility and deployment requirements.
ClearID plugin
Learn how to download and install the plugin.
Managing identities and users
Learn how to manage identities and users.
Managing sites
Learn how to manage sites.
Managing areas
Learn how to manage areas.
Managing visitors
Learn how to manage visit requests and access requests.
Managing visitor watchlists
Learn how to manage visitor access using watchlists.
Role-based access control
Learn about role-based access control.
Connecting to other systems
Learn how to connect ClearID to other systems.
- Authenticating your connection
  Before you can connect with Genetec ClearID™ to synchronize data or issue API commands, you must first authenticate your applications (or API environment) so that your applications or API can communicate with ClearID.
- Setting up data synchronization
  Setting up data synchronization in Genetec ClearID™ involves learning some concepts, configuring the synchronization solution for your identity data, and the webhook integration options that are relevant for your organization.
- Synchronizing identities using an API
  Use the Genetec ClearID™ API to code your own solutions to automate various functions in ClearID. The primary use for the REST API is synchronizing identities, however many other scenarios are also possible.
- Synchronizing identities using the SCIM integration
  To synchronize external system attributes from a supported identity provider into Genetec ClearID™ identity attributes, you can use the System for Cross-domain Identity Management (SCIM) integration. These identity attributes can then be used in ClearID to assign people to roles and automate role-based access control.
- Synchronizing identities using One Identity
  Use the Genetec ClearID™ One Identity Synchronization Tool to synchronize external system attributes into Genetec ClearID™ identity attributes. These identity attributes in ClearID can then be used to assign people to roles and automate role-based access control.
  - About the One Identity Synchronization Tool
    The Genetec ClearID™ One Identity Synchronization Tool is a Windows service that you can use to import identities information from an external system into Genetec ClearID™.
  - About One Identity Synchronization Tool attribute fields
    When you synchronize an external system with Genetec ClearID™ using the Genetec ClearID™ One Identity Synchronization Tool, your external system attributes are synchronized (imported) into ClearID identity attributes using the field mappings in the One Identity Synchronization Tool.
  - About the Azure web app
    The Azure web app is a web application that is used to connect Genetec ClearID™ One Identity Synchronization Tool to the Azure AD data so that the Active Directory user information can be accessed and synchronized.
  - Installing the One Identity Synchronization Tool
    Before you can import identities information from an external system into Genetec ClearID™, you must first install the Genetec ClearID™ One Identity Synchronization Tool.
  - Configuring the One Identity Synchronization Tool
    Before you can synchronize an external system with Genetec ClearID™, you must first configure the Genetec ClearID™ One Identity Synchronization Tool.
  - Reviewing synchronization status
    To check that your identity attributes were synchronized into Genetec ClearID™ correctly, you can review the synchronization status in the Genetec ClearID™ One Identity Synchronization Tool or the ClearID web portal.
  - About One Identity Synchronization Tool logs
    The Genetec ClearID™ One Identity Synchronization Tool includes logs that can be used for troubleshooting. The logs can be used to check the status of the configuration tool, the windows service, or review synchronization activities.
  - Viewing One Identity Synchronization Tool logs
    You can use the Genetec ClearID™ One Identity Synchronization Tool logs to check the status of the configuration tool, the windows service, or review synchronization activities.
  - Updating existing identities from an external data source
    When users that have already been created have the same external ID as existing users, you can use Genetec ClearID™ One Identity Synchronization Tool to update the existing identities information from an external data source.
- Synchronizing identities using LDAP
  Use the Genetec ClearID™ LDAP Synchronization Agent to synchronize Active Directory (AD) Lightweight Directory Access Protocol (LDAP) attributes into Genetec ClearID™ identity attributes. These identity attributes in ClearID can then be used to assign people to roles and automate role-based access control.
ClearID Self-Service Kiosk
Learn about the ClearID Self-Service Kiosk mobile app that simplifies visitor management and check-in.
Troubleshooting
Troubleshoot common issues that can occur.
Additional resources
Need tech support or product information? Check out these resources.
Glossary

About the Azure web app

2023-05-04

The Azure web app is a web application that is used to connect Genetec ClearID™ One Identity Synchronization Tool to the Azure AD data so that the Active Directory user information can be accessed and synchronized.

Connection information for Azure web app

To connect the Azure web app to the ClearID One Identity Synchronization Tool, you need the following information:

Data source configuration dialog in the ClearID One Identity Synchronization Tool showing configuration information including Tenant name, Client ID, and App key.

Tenant name (Directory ID for account)
Client ID (Application ID)
App key (Client secret value)

Tip: The Tenant name, Client ID, and App key can be obtained from your Azure Active Directory application registration.

Overview page in Microsoft Azure showing the One Identity application with the Application ID and Directory ID highlighted.

Certificates & secrets page in Microsoft Azure showing the One Identity application with the Client secret value highlighted.

Azure AD API permissions

Before you can synchronize data with ClearID, an external system attributes administrator (IT or security personnel) must set up and configure the following API read permission privileges in Azure AD.

Microsoft Graph (minimum requirements):

Application.Read.All - Used to get extensions attributes.
- Allows the app to read applications and service principals without a signed-in user.
For more information, see List extensionProperties (directory extensions)
User.Read.All - Used to get user information.
- Allows the app to read identity user risk information for all users in your organization without a signed-in user.
Group.Read.All - Used to get group information.
- Allows the app to read group properties and memberships, and read conversations for all groups, without a signed-in user.

API permissions page in Microsoft Azure showing the One Identity application with the API permissions highlighted.