Azure Active Directory Connector

Azure Active Directory Ingestion Connector Configuration Requirements

Follow these steps to set up the Azure Active Directory Ingestion Connector: register a new application in the Microsoft Entra admin center, then configure the necessary permissions.

Step 1: Register a New Application

  1. Sign in to the Microsoft Entra Admin Center:
  2. Create a New Application Registration:
    • Go to Identity > Applications > App registrations.
    • Select New registration.
  3. Enter Application Details:
    • Display Name: Provide a name for your application. This name will be visible to users during sign-in and can be changed later. Note that multiple app registrations can share the same name, but each app is uniquely identified by its Application (client) ID.
    • Supported Account Types: Select Accounts in this organizational directory only (<Tenant Name/domain> only – Single tenant).
  4. Skip Redirect URI:
    • Do not enter anything for Redirect URI (optional).

  5. Register the Application:
    • Select Register to complete the initial registration.

  6. View Application Details:
    • Once the registration is complete, the Overview pane for the app registration is displayed. Here, you can see the Application (client) ID.

Step 2: Configure Client Credentials

  1. Add a Client Secret:
    • In the app registration's Overview pane, select Certificates & secrets.
    • Under Client secrets, select New client secret.
  2. Enter Secret Details:
    • Description: Provide a description for the client secret.
    • Expiration: Choose an expiration period for the secret. The maximum lifetime for a client secret is 24 months.
    • Select Add.
  3. Record the Client Secret:
    • Copy and save the client secret value. This value will not be displayed again after you leave the page.

Step 3: Assign API Permissions

  1. Add User API Permissions:
    • Go to API permissions > Add a permission.
    • Select Microsoft APIs, then Microsoft Graph.
    • Choose Application permissions.
    • Under Select permissions, search for User, and select:
      • User.Read
      • User.Read.All
      • User.ReadWrite.All
  2. Add Audit Log Permissions:
    • Go to API permissions > Add a permission.
    • Select Microsoft APIs, then Microsoft Graph.
    • Choose Application permissions.
    • Under Select permissions, search for Audit, and select AuditLog.Read.All.

Step 4: Configure the Azure Active Directory Ingestion Connector in XDR

  1. Navigate to the Ingestion Connector:
    • Navigate to the Connector page in the XDR portal and select Ingestion.
  2. Configure the O365 Response Connector:
    • Select O365 Response Connector and click Configure.
  3. Enter Configuration Details:
    • Client Domain: Enter the client domain (e.g., quickheal.com).
    • Client ID: Enter the Application (client) ID obtained from the app registration.
    • Client Secret: Enter the client secret recorded earlier.
  4. Validate and Save:
    • Select Validate and Save to complete the configuration.
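
The following is an added example, not part of the original page or the vendor's code: a check that decodes an app-only access token issued to the registered application and compares its roles claim with the application permissions from Step 3, so that missing grants (for example, admin consent not yet given) or extra grants are visible. It assumes User.Read is a delegated scope that does not appear in the roles claim; the sample token and client ID are constructed placeholders.

```python
import base64
import json

# Application permissions from Step 3. Assumption: User.Read is a delegated
# scope and therefore does not appear in an app-only token's "roles" claim.
EXPECTED_ROLES = {"User.Read.All", "User.ReadWrite.All", "AuditLog.Read.All"}


def decode_claims(jwt: str) -> dict:
    """Decode the JWT payload without verifying the signature (inspection only)."""
    parts = jwt.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT")
    payload = parts[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))


def audit_token(jwt: str, client_id: str, expected=EXPECTED_ROLES) -> dict:
    """Report whether the token belongs to the app and how its roles differ."""
    claims = decode_claims(jwt)
    roles = set(claims.get("roles", []))
    app = claims.get("appid") or claims.get("azp")  # v1 vs v2 token claim name
    return {
        "app_matches": app == client_id,
        "missing": sorted(expected - roles),      # listed in Step 3 but not granted
        "unexpected": sorted(roles - expected),   # granted beyond Step 3
    }


def _make_sample(claims: dict) -> str:
    """Build an unsigned, constructed token for the demo (not a real credential)."""
    def enc(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return f"{enc({'alg': 'none'})}.{enc(claims)}.sig"


# Constructed sample: two of the Step 3 permissions granted, plus one extra role.
SAMPLE_CLIENT_ID = "00000000-0000-0000-0000-000000000000"  # placeholder
SAMPLE_TOKEN = _make_sample({
    "appid": SAMPLE_CLIENT_ID,
    "roles": ["User.Read.All", "AuditLog.Read.All", "Directory.ReadWrite.All"],
})

if __name__ == "__main__":
    print(audit_token(SAMPLE_TOKEN, SAMPLE_CLIENT_ID))
```

Any entry under "unexpected" is a permission the connector holds beyond what this page asks for and is worth reviewing before the client secret is shared with the XDR portal.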