Start Free Trial
Start Free Trial

How can we help?

  1. Auvik Support
  2. Welcome
  3. Auvik SaaS Management
  4. APIs and Integrations in Auvik SaaS Management
  5. SaaS Ops Integrations
  6. Microsoft Entra ID

Microsoft Entra ID SaaS Ops Integration

Avatar
Cristina Kean
Follow

Auvik SaaS Management’s integration with Microsoft Entra ID ( formally, Azure) allows you to automate common employee lifecycle tasks - granting and revoking access to the applications when needed to ensure compliance and give techs time to work on higher value tasks. See real-time, in-depth license data to help you maintain control over your software usage and spend. This includes a breakdown by license type, associated usage details, and last login timestamps.

For frequently asked questions on the Microsoft Entra ID SaaS Ops Integration, click here.

For how to uninstall the Microsoft Entra ID SaaS Integration, click here.

Prerequisites

Before installing the Entra ID integration, ensure that you have:

  • Required Auvik SaaS permissions to install integrations
    • From the Partner Hub: Default Admin
    • From the Client Hub: Client Admin
  • A valid account for Entra ID with any necessary administrative privileges required 
  • App Registration Key and Secret

We recommend using a dedicated account with all integrations. This allows you to set a role with minimal permissions. The integration will stop working if this user’s account in Microsoft Entra ID is deactivated.

Configuration & Setup

The Microsoft Entra ID integration can be configured using OAuth2 protocol. 

If Authenticating using OAuth 

The configuration process requires you to register an application with Microsoft to create a unique ClientID, Secret and Tenant ID that will be used to setup the integration.   

Registering an App with Microsoft

  1. Login to Microsoft > App registrations

  1. Select New Registry

  1. Fill out the Register an Application Form
    1. For the Name, input something that follows your organizations naming syntax and includes the name Auvik SaaS whenever possible to help differentiate
    2. For the Supported Account Types, select: Accounts in this organizational directory only (MSFT only - Single tenant) 
    3. For the Redirect Url, leave this blank
  2. Click Register
  3. You’ll be redirected to your App’s Overview page where you’ll take note of the Application (client) ID and Directory (tenant) ID to be used in the Integration Setup 

Create Client secret 

  1. On the side navigation select Manage > Certificates & secrets > New Client Secret
  2. Add a description and select the appropriate expiry that fits your organization’s policies 
  3. Copy and store the secret ID to be used in the Integration Setup the secret will only be available to be copied during the creation process 

Edit App Permissions

  1. On the side navigation Select Manage > API Permissions
  2. Select Add New Permission > Microsoft Graph API 

  1. For permission type select Application Permissions
    1. Search and select the following 
      1. Audit Log
        1. AuditLog.Read.All
      2. Directory
        1. Directory.Read.All
        2. Directory.ReadWrite.All
      3. LicenseAssignment
        1. LicenseAssignment.Read.All. 
        2. LicenseAssignment.ReadWrite.All
      4. Organization
        1. Organization.Read.All
        2. Organization.ReadWrite.All
      5. User
        1. User.ManageIdentities.All
        2. User.Read.All
        3. User.ReadWrite.All
  2. Once you’ve selected these permissions, click the Add Permissions

Complete Setup

  1. Select Configure 

  1. Input the required fields, sourced from your Azure Portal
  2. Select Connect 

If you have configured the integration successfully you will be taken back to Auvik SaaS Management and the Integration will showcase as ‘Connected’. 

How to Leverage Microsoft Entra ID with SaaS Ops

Microsoft Entra ID is identified as Microsoft Office 365 in our app catalog. 

Review step by step instructions and any additional information specific to this integration including some FAQs. 

  1. Onboarding
  2. Offboarding
  3. Leveraging License Data

Available Functionality

Offboarding

  • Deletion:Offboarding the user will delete them from Microsoft Entra ID.
  • Access Removal: Based on your configuration, access to other applications that leverage Microsoft Entra ID for identity and authorization may also be removed.

Onboarding

  • Add User

License Data 

  • License Type Breakdown: a breakdown of the total and unused accounts by license type 
  • Real-time Updates: On demand license data refresh 
  • Last Login Timestamp: Showcase the last login time per account

User Count: See which users have leveraged the licensed account 

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Auvik System Status

Check system status

Need help?

Submit your question or comment and we'll be in touch.

Send a message

Related articles