Log in
Integrations/Microsoft Entra ID (Azure AD) and Microsoft 365/Setup Guide
Setup Guide

Microsoft Entra ID (Azure AD) and Microsoft 365 Setup Guide

Follow the steps below to connect (where supported) or set up an export-based workflow. Either way, Aurora tracks source, timestamps, ownership, and freshness so evidence stays reusable between reviews.

At a Glance
ConnectionDirect connection
CategoryIdentity
Guide5 steps
Need help?
We'll confirm what can be automated, what stays export-based, and how to keep evidence current between review cycles.

Steps

Use these as a starting point, then verify collection inside Aurora.

  1. 1
    Create an Entra ID app registration (single-tenant).
  2. 2
    Grant required Microsoft Graph Application permissions and admin-consent them.
  3. 3
    Create a client secret and store it in your secret manager.
  4. 4
    Configure tenant_id, client_id, and client_secret.
  5. 5
    Validate, then run full sync; incremental sync advances a time watermark cursor.

Credentials

The inputs Aurora needs to authorize and collect proof.

client_idclient_secrettenant_id

Permissions

Aurora requests only the minimum access needed for collection and checks.

https://graph.microsoft.com/.default