Entra ID and Azure Integration Guide

Amir Avitzur
Amir Avitzur
  • Updated

Azure can be integrated with Authomize so that Authomize will be able to analyze identity and access information held on Azure. Information such as users, groups, and roles are extracted once and updated regularly thereafter.

What does the integration Include?

  • Entra ID
    • Users
    • Groups
    • Roles and admins
    • Applications, Application Access and Azure Managed Identities
    • App Registrations
    • Sign in and Audit Log activities
    • SharePoint Sites
    • Office 365 Audit Log Activities
  • Azure
    • Subscriptions, Resource Groups and Resources
    • Roles and privileges
    • Management log Activities

Azure Integration Workflow

Microsoft Onboarding Diagrams.drawio.png

Choosing The Right Microsoft Entra ID Application to Install

Authomize supports a read-only mode of operation on Microsoft Entra ID:

  1. Read-only: Authomize security events are exportable via Webhooks and APIs.
  2. Write-operations: In addition to external tool integration via Webhooks and APIs , Authomize can provide built-in response workflows. For this to happen, it requires several write-enabling OAuth scopes.

Guide: Getting the Tenant ID from Azure

  1. Log into portal.azure.com as an admin:
  1_Azure_Login.png 2_Azure_Login.png 3_Azure_Login.png
  1. Click Azure Active Directory.

  2. On the Authomize|Overview page, copy the Tenant ID.

Guide: Setting up a reader role

  1. Log into Azure.
  2. Search for Management groups and click it when found.
  3. In Management groups click Tenant Root Group.
  4. In the Tenant Root Group, click Access Control (IAM) in the menu, then click to open the
    Role assignments.
  5. In the Tenant Root Group|Access control|Role assignments, click + to add a new role assignment.
  6. In the Add role assignment dialog | Role page, click Reader.
  7. In the Add role assignment dialog | Members page, click the Next button.
  8. In the Add role assignment dialog Click + Select members.
  9. Select Authomize from the Select member list.
  10. In the Add role assignment dialog | Review + assign page, click the Review + assign button if you see your new Member Role in the Members field.

API Calls Authomize Makes

The full list can be found in this link.

Share this

Was this article helpful?

0 out of 0 found this helpful