Integrations/Microsoft Entra ID (Azure AD) and Microsoft 365/Setup Guide
Setup Guide

Microsoft Entra ID (Azure AD) and Microsoft 365 Setup Guide

Follow the steps below to connect, authorize, verify, and schedule collection. If you want help mapping exports to your environment, book a walkthrough.

At a Glance
ConnectionDirect connection
CategoryIdentity
Guide5 steps
Need help?
We will map modules and reviewer-ready exports to your process.

Steps

Use these as a starting point, then verify collection inside Aurora.

  1. 1
    Create an Entra ID app registration (single-tenant).
  2. 2
    Grant required Microsoft Graph Application permissions and admin-consent them.
  3. 3
    Create a client secret and store it in your secret manager.
  4. 4
    Configure tenant_id, client_id, and client_secret.
  5. 5
    Validate, then run full sync; incremental sync advances a time watermark cursor.

Credentials

The inputs Aurora needs to authorize and collect proof.

client_idclient_secrettenant_id

Permissions

Aurora requests only the minimum access needed for collection and checks.

https://graph.microsoft.com/.default