Skip to content
Integrations/Microsoft Entra ID (Azure AD) and Microsoft 365/Connection Guide
Connection Guide

Connect Microsoft Entra ID (Azure AD) and Microsoft 365 Without Breaking the Audit Trail

Use this guide to connect Microsoft Entra ID (Azure AD) and Microsoft 365 or confirm the export-based path that fits your environment. Aurora keeps source, timestamps, ownership, and collection history attached so the first run becomes reusable proof instead of one-off setup work.

Connector Summary
Connection typeDirect connection
CategoryIdentity
Checklist5 steps
Want help with rollout?
We'll confirm what can be automated, what stays export-based, and how to keep the first evidence record clean.

First-Run Checklist

Use this sequence to connect Microsoft Entra ID (Azure AD) and Microsoft 365 and make sure the first collection lands cleanly.

  1. 1
    Create an Entra ID app registration (single-tenant).
  2. 2
    Grant required Microsoft Graph Application permissions and admin-consent them.
  3. 3
    Create a client secret and store it in your secret manager.
  4. 4
    Configure tenant_id, client_id, and client_secret.
  5. 5
    Validate, then run full sync; incremental sync advances a time watermark cursor.

Credentials and Secrets

The keys, secrets, or tokens Aurora uses to authenticate and collect proof.

client_idclient_secret

Recommended Access

Aurora only asks for the minimum read access needed for collection and checks.

https://graph.microsoft.com/.default