Azure Active Directory - Devices


Azure Active Directory (Azure AD) is Microsoft's cloud-based identity and access management service, which allows employees to sign in and access internal and external resources.

Why You Should Integrate

Integrating with a Directory Service like Microsoft Azure Active Directory will provide visibility and device presence awareness for an environment.

How Does the Integration Work

This integration pulls device objects from Azure AD that are either joined or registered to the domain. This can be controlled by identifying the TrustType Sevco will filter in or out within the configuration. By default, this integration will collect all three trustTypes but will not collect empty trustTypes. An empty trustType implies the device record comes from InTune, which is reported by the Microsoft InTune source.

This data is only used internally; we do not share it with any parties outside of Sevco. Refer to our privacy policy for details.

Configuration Options

Include bring your own personal deviceIf selected will retrieve devices registered in Azure AD with a trustType of Workplacen/a
Include cloud only joined devicesIf selected will retrieve devices joined to Azure AD with a trustType of AzureAdn/a
Include on-premises domain joined devices joined to Azure ADIf selected will retrieve devices in Hybrid Azure AD with a trustType of ServerAdn/a

External Documentation

Creating credentials

See platform documentation for details on Microsoft Azure - Creating credentials

Required Permissions

Your Client ID/Secret) or OAuth2 workflow should authorize at least the following permissions:
Collect Devices

  • Type: Application permissions
  • Permission: Device.Read.All

See Azure - Creating Credentials for details on assigning the proper permissions.

Contact Us

If you're having problems integrating a source, or if you've found something wrong in this document, please email us at [email protected].

Tags: cloud, directory service