When connecting to an Azure resource, like Azure Analysis Services, Anaplan XL Reporting Web makes use of the Anaplan XL application registration (02b5d7ef-9e5a-4351-aa9b-9d65e5e3df12). The first time a user accesses an Azure resource via Anaplan XL Web in an organization, an administrator will need to grant approval.
Alternatively, you can follow the instructions below to use an internal App Registration.
The Anaplan XL application uses these permissions to access the Azure data source in a controlled way. This lets the administrator control which permissions they give.
These are the API permissions it can use:
Certain permissions can be granted when required. For example, if access to PowerBI isn't needed, then the Power BI Service APIs can be omitted.
- Azure Active Directory Graph: Used to obtain user identity information.
- Azure Analysis Services: Allows access to Azure Analysis Services data models
- Azure SQL Database: Allows access to Azure SQL databases.
- Power BI Service: Allows access to Power BI models.
Using a Custom App Registration
Anaplan XL can use a custom application registration for some of these accesses. You will need to tell Anaplan XL Web the details of this new application registration by updating the web.config file and adding keys for:
- PowerBiClientID
- PowerBiClientSecret
- PowerBiRedirectUrl
The redirect url must go to a page with the same content as the built-in redirect so that the token can be passed to Anaplan XL.
For single-tenant applications, you may also need to add the below key with your Tenant ID:
- AzureAuthorityAudience
