How to add an Azure Application Insights provider
A Connect edition licence (or above) is required for this feature. To upgrade please contact firstname.lastname@example.org.
What is a provider?
Providers contain the connection details to external platforms. A provider only needs to be set up once and can then be used when creating tiles on a dashboard.
There are two types of providers:
generic Web API providers that can connect to any REST API
dedicated providers that connect to a specific external platform (ServiceNow, Azure Active App Insights, Elasticsearch, etc.)
About Azure Application Insights provider
An Azure Application Insights provider stores the authentication details for your Azure Application instance.
This provider allows you to use the Azure Application Insights tile.
How do I use the tile after I created the provider for it?
SquaredUp v4 or above.
A Microsoft Azure App Insights Application
Azure subscription administrator role
Azure Active Directory User administrator role
If you use a proxy server you may need to configure the proxy to allow the Azure App Insights tile to communicate with Application Insights (How to configure SquaredUp to use a proxy)
Connecting SquaredUp to Azure App Insights
Connecting SquaredUp to Azure App Insights is a simple procedure, but requires some one-time configuration in your Azure Active Directory (AAD) environment prior to creating an Azure App Insights provider. These settings will enable permissions and connectivity for API access, and only need to be performed once regardless of the number of SquaredUp instances you have.
Configure Azure Active Directory
In order for SquaredUp to authenticate and access App Insights data you must create an Azure AD application that represents SquaredUp and configure an SPN for that application with the appropriate permissions to access App Insights data for your applications(s).
In order to complete the Azure Active Directory configuration process, you will need to have Administrative permissions over Azure AD.
This step is required to ensure that your Azure Active Directory is setup to interact with the App Insights API.
Adding the Service Principal is a one-time operation.
First, you will need to find your Azure Active Directory Tenant ID, and then create a new App Insights API Service Principal. The instructions below assume you have PowerShell v4 or later installed (if not, you can use the in-browser PowerShell session right from the Azure portal).
- In the Azure portal, open your Azure Active Directory resource. From here, click properties.
Take note of the Directory ID as you will need it later. (This will be entered as the
azure active directory idon the azure app insights provider page later).
Start a new PowerShell prompt, and type in the below (where
<AAD Tenant Directory ID>is the ID located in the previous step):
Connect-AzureAD -TenantId <AAD Tenant Directory ID> -Credential (get-credential)
- You will get a prompt to log in using your Azure credentials.
Execute the following command:
New-AzureADServicePrincipal -AppId f5c26e74-f226-4ae8-85f0-b4af0080ac9e -DisplayName "Application Insights API"
2. Create an Azure Active Directory Application
In this step, you will create an AAD application, which SquaredUp will use to authenticate against your AAD. If you have previously used the v3 OMS tile in this AD Tenant, you can use the existing application that was created for that tile (skip this section).
Open your Azure Active Directory resource in the Azure portal and click on App registrations.
Click New application registration.
Give your application a name (such as
SquaredUp). Make sure the application type is set to
Web app/API. Finally, enter a sign-on URL for SquaredUp. This must be unique, but is only used if someone clicks on a link to the application within Azure. If you do not wish to enter your URL here, you can put in a dummy value such as
- Open the Azure Active Directory resource and under the App registrations page, find your
SquaredUpapp, and click on it to open its details page.
- Take note of the Application ID as you will need it later. (This will be entered as the
active directory application idon the azure app insights provider page later).
- Click API permissions.
- On the Configured permissions page, click Add a permission.
- Select the Service Principal you created earlier in section A (i.e.
Application Insights API).
- Click Delegated Permissions, and tick Read Application Insights data as user. Click Add permissions at the bottom of the screen.
- Finally, you need to create a new client secret. From the menu click on Certificates & secrets (from Azure Active Directory > App registrations > your AD application) and then + New client secret.
- Enter a name and expiry date and click Add. Make sure to copy the new client secret value, as it cannot be retrieved once you navigate away from the page. (This will be entered as the
application keyon the azure app insights provider page later).
You now have an application that will allow you to authenticate against your Azure Active Directory!
In this step you will allow the Azure AD application to access App Insights applications. This step will need to be repeated on each App Insights app you want to query using SquaredUp.
- Find your Application Insights resource on the Azure portal.
- Click on API Access
- Take note of the Application ID, as you will need it later. (This will be entered as the
application id (app insights application to query)on the azure app insights provider page later).
- Next, click on Access Control (IAM) and then Add.
- Set the Role to
- On the Select dropdown list click on the AAD application created earlier, and make sure it appears under Selected members.
- Click Save.
How to create an Azure App Insights provider
Now that SquaredUp has an identity within Azure Active Directory that it can use to query App Insights apps, you need to provide the details to SquaredUp. A provider defines the App Insights Application that you wish to query, and the identity used for doing so (in this case, the Azure AD Application authenticates to query App Insights as the user who authorises the provider).
If you have multiple apps that you want to query, you can either create multiple providers (one per app) and/or create an empty App Insights app for use with the provider, and then use the additional applications option in each tile to query up to 10 apps simultaneously.
1. Create provider for a App Insights Application
In SquaredUp navigate to the right-hand menu ☰ > system > Integrations > Add An Integration
- Click on Azure App Insights and type in a suitable name, e.g.
- In the application id box enter the App Insights Application ID you noted down in section 4. Grant access from your Azure AD application to App Insights applications above.
- In the azure active directory id box enter the Azure Active Directory Tenant ID you noted down in section 1. Add App Insights as a new Service Principal in your Azure Active Directory above.
- In the active directory application id box enter the Azure Active Directory Application ID you noted down at the beginning of section 3. Allow the Application to access App Insights data above.
- In the application key box enter the application API access key you noted down at the end of section 3. Allow the Application to access App Insights data above.
- Click Save.
2. Add ReplyUrl to Azure AD Application and authorise provider
Once the provider is created, the final step is to authorise it within Azure AD. These credentials are sent to Azure AD and are not stored anywhere within SquaredUp.
Note down the reply url listed under the newly created provider.
In the Azure portal, click on the Azure Active Directory resource and under the App registrations page, find your SquaredUp app, and click on it to open it's details page.
Click on Reply URLs.
Add the URL from step 1 to the list of URLs and click Save.
Wait a few minutes for the Azure AD to process the update, then back in SquaredUp click perform authorization under the newly created provider.
If you do not want to repeatedly add a reply URL to the application for each new provider, you can specify a wildcard when configuring the reply URL using a * (e.g.
Attempts to authorise the provider fail
Ensure that you have added the Reply URL to the Azure AD application, and that you have given Azure enough time to replicate the configuration (often takes several minutes).