Before you can import entities from Microsoft Entra ID into Security Center, you need to register an application and
give it the required permissions.
Before you begin
To integrate your Microsoft Entra ID with the Synergis™ Card Synchronization plugin:
- Ensure that you have a Microsoft Entra account with an active subscription and
an Entra ID tenant.
- Ensure that you have administrator rights to your Entra ID tenant.
- You must understand your organization's Entra ID architecture.
- You must consult with your organization's Entra ID specialist before proceeding.
CAUTION:
Entra ID is a Microsoft product. The steps below
provide guidelines for configuring your existing Microsoft Entra ID for use
with our Card Synchronization plugin. Incorrect configuration of Entra
ID settings can disrupt the other Entra ID services in your organization.
For this reason, it is a best practice to consult your organization's Entra
ID specialist before proceeding.
IMPORTANT: Content in this guide that references information found on
third-party websites was accurate at the time of publication, however, this
information is subject to change without prior notice from Genetec
Inc.
What you should know
The application registration in Microsoft Entra ID provides the Client ID and Key,
which are required to create the Entra ID data source in the plugin role.
NOTE: All
images show sample data.
Procedure
-
Go to the Azure portal and log in using your Office365 user account.
-
From the homepage, click Azure Active Directory.
-
Register the Card Synchronization
plugin as an app with the Microsoft identity platform.
-
Register an app.
NOTE: You do not need to add a redirect URI or configure the platform
settings.
-
Add a client secret and
record the secret's value for later use in the Card Synchronization
plugin role - the secret is never displayed
again after you leave this page. If the secret key is lost, you
need to create a new client app and secret key.
-
Configure an application to expose the
plugin's web API.
-
Grant read permissions to the web API as
follows:
- Microsoft Graph:
- Application.Read.All (Application)
- Group.Read.All (Application)
- User.Read.All (Application)
IMPORTANT: If you have updated your Card Synchronization plugin from
an earlier version, these privileges have changed since Card
Synchronization plugin 3.2. Verify your privileges to make sure the plugin
works properly.
-
Click Grant admin consent for [YourApp].
NOTE: You must grant admin consent for your app to get Entra ID access.
-
On the screen that opens, click OK.
Results
Your Azure data source is ready for synchronization with the
plugin.