Best Practices
7 Permissions are required when setting up Azure AD connection, they are listed below:
- Delegated permissions:
- User.Read
- User.Read.All
- User.ReadBasic.All
- Directory.AccessAsUser.All
- Directory.Read.All
- Application permissions:
- User.Read.All
- Directory.Read.All
We recommend using a service account when setting up (ex. tenant ID, client ID, client secret)
When connecting to Azure, we have separate applications when using for SSO or when using for a connector to pull data. Int he event you have Azure SSO and important information housed within Azure AD, SecurEnds will need two applications set up, one for each.
