Entra ID (AAD) UserSync Connector Prerequisites

Create Azure Entra ID application with access to Azure Graph API

Steps

  1. Log in to the Azure portal and click Azure Entra ID in the left panel.

  2. Navigate to App registrations and click on +New registration.

  3. Enter the following details:

  4. Name: Privacera UserSync

  5. Supported account types: Accounts in any organisational directory (Any Azure AD directory - Multi-tenant) and personal Microsoft accounts (e.g. Skype, Xbox)

  6. Redirect URI: This is an optional field.

  7. Click Register.

  8. After the application is created, copy and note down the Application (client) ID and Directory (tenant) ID, as these will be required later for the setup of User Sync.

  9. Now, click on Certificates & secrets and then click +New client secret.

  10. Enter the following details to generate client secret:

  11. Description: Privacera UserSync

  12. Expires: Never

  13. Click Add and copy the value shown in the Client secrets section under the Value column. This will be required for UserSync setup.

  14. Now, go to API permissions and then click +Add a permission and select the Microsoft Graph option.

  15. Select Application permissions.

  16. Under Select permissions, select the following:

    • Directory: Directory.Read.All
    • User: User.Read.All
    • Group: Group.Read.All
  17. Click Add permissions. After the permissions have been added, a confirmation message is displayed with a Yes and a No button.

  18. Click Yes. If you do not have privileges to grant consent, ask an administrator to grant consent for the application.

  19. After consent is granted successfully, the screen displays all granted permissions.
