You'll be asked to provide a client secret that Sevco will use to connect to Microsoft Azure AD. This will require the creation of an application in Azure in order to provide API-based access. The following steps will walk you through creating a registered application and identify the necessary values to record for configuration. (Microsoft Documentation: Tutorial: Register an app with Azure Active Directory)

Creating an Application

Go to Azure Active Directory > App registrations*

Create a new registration

Give the app a user-friendly name and click Register

Obtain the Application (client) ID and Directory (tenant) ID for configuring the source.

NOTE: Directory ID, aka Tenant ID, can also be found in the Active Directory Properties. See How to find your Azure Active Directory tenant ID

Obtaining the proper Client Secret

Obtain a secret by going to Certificates and secrets within the newly created/registered application

Generate New client secret

Give the secret a Description and expiration that follows your password rotation policy.

Obtain (copy) the Client secret value

NOTE: Ensure to obtain the App Secret Value, not the Secret ID when configuring the plugin.

Configuring Permissions

The following steps will walk you through configuring the proper permissions

*Go to Azure Active Directory > App registration

Select the application created for Sevco when following the steps in Creating credentials - Client ID/Secret with asset filtering.

NOTE: Depending on who created the application, it could be present in All applications or Owned applications

Go to API Permissions

Add a permission

Select Microsoft Graph and add a Delegated permission

Check Device.Read.All and click Add permissions

Admin consent will be required. Grant the permissions by going to the Enterprise applications or requesting an admin to approve the request.

Contact Us

If you're having problems integrating a source, or if you've found something wrong in this document, please email us at [email protected].