
Create Azure AD Application


  • An Azure AD application with access to the Azure Graph API is required.


  1. Log in to the Azure portal and click Azure Active Directory in the left panel.

  2. Navigate to App registrations and click on +New registration.

  3. Enter the following details:

    • Name: Azure AD User Sync

    • Supported account types: Accounts in any organizational directory (Any Azure AD directory - Multitenant) and personal Microsoft accounts (e.g. Skype, Xbox)

    • Redirect URI: This is an optional field.

    • Click Register.

  4. After the application is created, copy and note down the Application (client) ID and Directory (tenant) ID, as these will be required later for the setup of User Sync.

  5. Now, click on Certificates & secrets and then click +New client secret.

  6. Enter the following details to generate client secret:

    • Description: Ranger UserSync

    • Expires: Never

  7. Click Add and copy the value shown in the Client secrets section under the Value column. This will be required for User Sync setup.

  8. Now, go to API permissions, click +Add a permission, and select the Microsoft Graph option.

  9. Select Application permissions.

  10. Under Select permissions, select the following:

    • Directory: Directory.Read.All

    • User: User.Read.All

    • Group: Group.Read.All

  11. Click Add permissions. After the permissions have been added, a confirmation message is displayed with Yes and No buttons.

  12. Click Yes. If you do not have privileges to grant consent, contact an administrator to grant consent for the application.

  13. After consent has been granted successfully, the screen displays all granted permissions.
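
One way to confirm that the consent in steps 10 to 13 took effect is to inspect the roles claim of an access token issued to the application for Microsoft Graph. The following is an added example, not part of the original procedure or of the User Sync code. It assumes a token was already obtained with the client ID, tenant ID and client secret noted above; the function names, the placeholder IDs and the sample tokens are constructed for illustration.

```python
import base64
import json

# The three Microsoft Graph application permissions selected in step 10.
REQUIRED_ROLES = {"Directory.Read.All", "User.Read.All", "Group.Read.All"}


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def decode_claims(token: str) -> dict:
    """Return the JWT payload. No signature check: inspection only, never authorization."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a three-part JWT")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))


def audit_token(token: str, tenant_id: str, client_id: str) -> dict:
    """Compare an app-only token against the registration from the steps above."""
    claims = decode_claims(token)
    roles = set(claims.get("roles", []))  # claim is absent when consent was not granted
    return {
        "tenant_ok": claims.get("tid") == tenant_id,
        "app_ok": client_id in (claims.get("appid"), claims.get("azp")),
        "missing": sorted(REQUIRED_ROLES - roles),  # permissions still to be consented
        "excess": sorted(roles - REQUIRED_ROLES),   # permissions beyond what the sync needs
    }


def make_sample_token(roles, tenant_id, client_id) -> str:
    """Build an unsigned, constructed token so the example runs offline."""
    header = _b64url(json.dumps({"alg": "none", "typ": "JWT"}).encode())
    body = {"tid": tenant_id, "appid": client_id}
    if roles is not None:
        body["roles"] = roles
    return f"{header}.{_b64url(json.dumps(body).encode())}.constructed-signature"


# Constructed placeholder IDs, not real tenant or application values.
TENANT = "00000000-0000-0000-0000-000000000001"
CLIENT = "00000000-0000-0000-0000-000000000002"

if __name__ == "__main__":
    for roles in (None, sorted(REQUIRED_ROLES) + ["Directory.ReadWrite.All"]):
        print(audit_token(make_sample_token(roles, TENANT, CLIENT), TENANT, CLIENT))
```

An empty "missing" list means all three read permissions were consented; any entry under "excess" is a permission granted beyond the three listed in step 10 and is worth reviewing.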