End user authorization

After you successfully

registered an application for Token Vault in a cloud provider,
registered an Authorization Provider in Token Vault for your selected cloud, and
configured the AutoStore component,

the user needs to log in to Token Vault and authorize on the Token Vault Available authorization providers page.

To authorize, users need to:

Open a browser and enter the Token Vault URL in the browser's address bar. For example, https://testmachine.testdomain.com:8381.

The administrator must provide the URL to users so that they can perform this step.
Enter their windows User name in DOMAIN\USERNAME format and their Password.
Click Log in.
After successful log in, the available Authorization Providers are displayed.
Click Authorize for the selected authorization provider.
The browser redirects them to the log in page of the cloud belonging to the selected authorization provider.
Log in with their cloud account and grant access to the application.
The browser directs them back to Token Vault displaying the authorization success dialog.
Click Close to finish authorization.

Once the authorization is complete, users can do the following:

Revoke authorization: Click Revoke authorization for the selected authorization provider and then click Revoke on the confirmation dialog.
Re-authorize with a different cloud account: Click Reauthorize for the selected authorization provider and then perform the required authorization steps again.

If the administrator modifies the permissions of n Microsoft 365 application configured for Token Vault after some users have already authorized the Microsoft 365 authorization provider connected to this Microsoft 365 application, the users must perform the authorization steps again to get a new token which is valid for the modified permissions. The administrator can force this reauthorization by removing the tokens belonging to this Microsoft 365 authorization provider on the Manage tokens page in Token Vault.