About

Azure Active Directory (Azure AD) is Microsoft's cloud-based identity and access management service, which allows employees to sign in and access internal and external resources.

Why You Should Integrate

Integrating with a Directory Service like Microsoft Azure Active Directory will provide visibility and user presence awareness for an environment.

How Does the Integration Work

This integration pulls user objects from Azure AD domain.

This data is only used internally; we do not share it with any parties outside of Sevco. Refer to our privacy policy for details.

⚠️
If you haven't already, please review our instructions for configuring the integration before proceeding with the instructions below.

Configuration Options

Field	Description
`Collect Groups`	Collect the groups that each user is a part of by calling the `/memberOf` endpoint for each user. Requires at least 1 additional API call per user
`Collect License Details`	Collect the licenses assigned to each user by calling the `/licenseDetails` endpoint for each user. Requires at least 1 additional API call per user
`Filter Deactivated Users`	Don't collect users with with status `DISABLED`

External Documentation

Creating credentials

See platform documentation for details on Microsoft Azure - Creating credentials

Required Permissions

Your Client ID/Secret or OAuth2 workflow should authorize at least the following permissions:

Type: Application permissions
Permission: User.Read.All

See Azure - Creating Credentials for details on assigning the proper permissions.

Optional Permissions

Permission	Purpose
`Directory.Read.All`	Required to expand the `extensions` attribute(s) on the user object
`AuditLog.Read.All`	Required to retrieve `signInActivity` for a user. Note: This also requires a Microsoft Entra P1 or P2 license

Contact Us

If you're having problems integrating a source, or if you've found something wrong in this document, please email us at [email protected].

Tags: cloud, directory service