Skip to content

How to Add an Azure AD Domain to Securden?

Prerequisite: Azure AD import requires internet connectivity. If your organization makes use of a proxy server to regulate internet traffic, you should have configured proxy server settings (from Admin >> General >> Proxy Server Settings).

Securden integrates with Azure AD domains to provisions domain users and domain computers on Azure and Hybrid environments in Securden Endpoint Privilege Manager.

Adding Azure AD domain to Securden is a two-step process.

1) Creating an Azure Client for Securden

2) Configuring Tenant ID and Client Credentials in Securden.

Important

The Azure Enterprise Application can be used for using different cloud-based services in Securden such as

  • Cloud Storage Services

  • Importing Azure registered users and devices

  • Using mail services through outlook

You can refer to the cloud services integration document for steps involved in configuring the Azure application.

The steps to add an Azure domain for the sole purpose of importing Azure Users and Devices have been explained in this document. We do recommend setting up the enterprise application by following the steps in the cloud services integration document for ease of setting up the other services

How to Create an Azure AD Client for Securden?

To add your Azure AD domain, you need to create an Azure AD client (Enterprise Application) for Securden in your Azure portal first.

Note

A tenant in Azure represents your organization in Azure AD. You can use an existing tenant or create a new one for Securden.

Follow the steps below to add an enterprise application for Securden.

  • Login to your Azure Portal. (https://portal.azure.com/)

  • Go to Azure Active Directory.

  • Select App Registrations and go to + New Registrations.

  • Provide a name for ‘Securden’ and select the preferences for restricting access to this application.

  • Navigate to Manage >> Authentication and select Yes for the option Treat application as a public client.

  • Click Save.

You have successfully created an application for Securden. Now the required permissions need to be associated with the application to allow Securden to interact with Azure Active Directory

  • Open the application and navigate to Manage >> API Permissions.

  • Click on Add Permissions >> Microsoft Graph.

  • Select Application Permissions.

  • Search and select Directory.Read.All and click Add Permissions.

  • Click the button named Grant Admin Consent and select Yes to grant the admin consent for adding the permissions selected in the previous step.

Once the permissions are granted to the application, we can generate a client secret to use when establishing connectivity between the Securden server and Azure. Follow the steps below to create a client secret and obtain the required credentials.

  • Go to Manage >> Certificates & secrets.

  • Click New Client Secret and set the expiry to Never.

  • The client secret will be generated. You need to copy the secret to your clipboard.

  • To obtain the Tenant ID and the Client ID, navigate to the Overview section of the application. Copy the three credentials for use in the next step.

How to Configure Connectivity between Azure AD and Securden?

Once the enterprise application is created in your Azure Portal, you need to use the Tenant ID, Client ID, and Client Secret generated to establish connectivity between Securden and Azure AD application.

1) Navigate to Admin >> Integrations >> Azure AD Domains and click Add Domain.

How To Integrate Azure AD Domain In EPM

2) Specify the application credentials copied from the Azure portal.

  • Tenant ID: Your organization’s ID registered with Azure.

  • Client ID: The client ID of the enterprise application.

  • Client Secret: Secret Key created for the enterprise application.

3) Click Add Domain.

This Azure AD domain can be used to import users, user groups, computers, and computer groups into Securden. You can also configure Azure AD groups synchronization for seamless access provisioning.

Frequently Asked Questions (FAQ)

How to use OneDrive and Outlook through this Azure AD domain?

You can configure cloud storage services for storing logs, reports, etc. From Securden and use Outlook to send emails to users by granting the required permissions to the Azure enterprise application created for Securden. You can refer to the steps here.

Securden Help Assistant
What's next?
Request a Demo Get a Price Quote
Thank you message

Thanks for sharing your details.
We will be in touch with you shortly.

Thanks for sharing your details.
We will be in touch with you shortly.