diff --git a/docs/platform-services/automation-service/app-central/integrations/azure-ad.md b/docs/platform-services/automation-service/app-central/integrations/azure-ad.md index e097aeaea0..38dd894938 100644 --- a/docs/platform-services/automation-service/app-central/integrations/azure-ad.md +++ b/docs/platform-services/automation-service/app-central/integrations/azure-ad.md @@ -6,8 +6,8 @@ import useBaseUrl from '@docusaurus/useBaseUrl'; axonius -***Version: 1.11 -Updated: April 27, 2026*** +***Version: 1.12 +Updated: May 7, 2026*** Azure Active Directory (Azure AD) is Microsoft's cloud-based identity and access management service, which helps your employees sign in and access resources. @@ -29,32 +29,33 @@ Azure Active Directory (Azure AD) is Microsoft's cloud-based identity and access * **Remove Member From Group** *(Containment)* - Remove a user from a specific group. * **Reset User Password** *(Containment)* - Reset user password. * **Revoke Sign In Sessions** (*Containment*) - Invalidates all the refresh tokens issued to applications for a user (as well as session cookies in a user's browser). +* **Reset User MFA** *(Containment)* - Reset the MFA authentication methods for a user, with an option to require re-enrollment at next sign-in. ## Azure Active Directory configuration The following steps show how to create an Azure AD Application in order to work with Sumo Logic automation. -1. Log in to Azure portal with the user that has administrator privileges. +1. Log in to the Azure portal with the user who has administrator privileges. 1. Navigate to **Azure Active Directory** > **App registrations** > **New registration**.
Azure ad 1 1. In the registration form, choose a name for your application and then click **Register**.
Azure AD register 1. Write down the Application ID and Directory ID. You will need them later for the integration configuration.
Azure ad 3 -1. To configure Azure AD Application permissions, on the left choose **API permissions**. +1. To configure Azure AD Application permissions, on the left, choose **API permissions**. 6. Click the **Add a permission** button.
Azure AD add a permission 7. Select your application in App registrations in the Azure portal. * Delegated permissions are selected by default. * Delegated permissions are appropriate for client apps that access an API as the signed-in user, and whose access should be restricted to the permissions you select in the next step. - * Application permissions are for service or daemon-type applications that need to access API as themselves, without user interaction for sign-in or consent.
Azure AD permissions + * Application permissions are for service or daemon-type applications that need to access the API as themselves, without user interaction for sign-in or consent.
Azure AD permissions 1. Select the following permissions to add: - * **Delegated (work or school account)**. User.Read, User.ReadWrite, User.ReadBasic.All, User.Read.All, User.ReadWrite.All, Directory.Read.All, Directory.ReadWrite.All, Directory.AccessAsUser.All. - * **Delegated (personal Microsoft account)**. User.Read, User.ReadWrite. - * **Application**. User.Read.All, User.ReadWrite.All, Directory.Read.All, Directory.ReadWrite.All.
Azure AD application permissions -1. Once API permission are added then Admin must consent to a grant these permissions ([Learn more about permissions and consent](https://docs.microsoft.com/azure/active-directory/develop/v2-permissions-and-consent?WT.mc_id=Portal-Microsoft_AAD_RegisteredApps).)
Azure AD admin consent -1. Once Admin Consent is granted, API permissions configuration have been completed. Then we have to add a Client secret that will be used for the authentication, along with Client ID and Directory ID. To add Client secret, go to Certificates and secrets, and click **New client secret**.
Azure AD new client secret -1. Select description and expiry period for the created secret and create it. -1. Once it's created, make sure you save its value, since its only displayed once.
Azure ad 9 -1. Once you do these steps you will need to find the Tenant ID in order to use it on your resources file.
Azure AD tenant ID -1. Configuration of Azure AD application is completed, you will need application’s Client ID, secret, Tenant ID. -1. Assign the app the role of User Administrator. This is required to perform action "Reset User Password". + * **Delegated (work or school account)**. `User.Read`, `User.ReadWrite`, `User.ReadBasic.All`, `User.Read.All`, `User.ReadWrite.All`, `Directory.Read.All`, `Directory.ReadWrite.All`, `Directory.AccessAsUser.All`. + * **Delegated (personal Microsoft account)**. `User.Read`, `User.ReadWrite`. + * **Application**. `User.Read.All`, `User.ReadWrite.All`, `Directory.Read.All`, `Directory.ReadWrite.All`, `UserAuthenticationMethod.ReadWrite.All`.
Azure AD application permissions +1. Once API permissions are added, then Admin must consent to grant these permissions ([Learn more about permissions and consent](https://docs.microsoft.com/azure/active-directory/develop/v2-permissions-and-consent?WT.mc_id=Portal-Microsoft_AAD_RegisteredApps).)
Azure AD admin consent +1. Once Admin Consent is granted, API permissions configuration has been completed. Then we have to add a Client secret for authentication, along with the Client ID and Directory ID. To add a client secret, go to Certificates and secrets, and click **New client secret**.
Azure AD new client secret +1. Select the description and expiry period for the created secret and create it. +1. Once it's created, make sure you save its value, since it's only displayed once.
Azure ad 9 +1. Once you do these steps, you will need to find the Tenant ID in order to use it on your resources file.
Azure AD tenant ID +1. Once the Azure AD application is configured, you will need the application’s Client ID, secret, and Tenant ID. +1. Assign the app the role of User Administrator. This is required to perform the **Reset User Password** action. * **Azure Active Directory** > **Roles and administrators** > **User Administrator** > **Add assignments** > **Your app** > **Add**. ## Configure Azure AD in Automation Service and Cloud SOAR @@ -92,7 +93,7 @@ For information about Microsoft Entra ID (formerly Azure AD), see [Entra ID docu * April 28, 2023 (v1.3) + Updated integration: (Updated the integration Fields with Environmental Variables and improved error handling) + Remove action (**Filter Users**) as we already have a similar **List Users** Action - + Changed a few actions type from Containment to Enrichment + + Changed a few action types from Containment to Enrichment + Added New Action **List Groups** * June 26, 2023 (v1.4) - Changed multiline hints to single line * August 25, 2023 (v1.5) @@ -108,3 +109,4 @@ For information about Microsoft Entra ID (formerly Azure AD), see [Entra ID docu + List Of Group Members + Remove Member From Group * April 27, 2026 (v1.11) - Upgraded the `python3_generic` Docker image (Python 3.8) to `python3_12_generic` (Python 3.12) to address Python 3.8 end-of-life and improve security and performance. +* May 7, 2026 (v1.12) - Added New Action: Reset User MFA
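Review bot: In the configuration hunk (@@ -29,32 +29,33 @@), the **Application** list gains `UserAuthenticationMethod.ReadWrite.All` with nothing saying which action needs it, and the role step still names only **Reset User Password** as the reason for the User Administrator role. As the hunk's own text explains, Application permissions are used by the app as itself, without user interaction, so an administrator should be able to see that this permission is needed only for **Reset User MFA** and leave it out if that action is not used. Suggest annotating the permission with the action that needs it, stating whether **Reset User MFA** also needs a directory role, and adding a sentence that existing app registrations must add the permission and have admin consent granted again. Minor: the new bullet writes `*(Containment)*` while the **Revoke Sign In Sessions** line directly above it writes `(*Containment*)`; pick one form.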
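Review bot: The v1.12 changelog entry (@@ -108,3 +109,4 @@), "Added New Action: Reset User MFA", omits the new setup requirement that the same patch adds to the permissions list, `UserAuthenticationMethod.ReadWrite.All`. Someone upgrading from v1.11 is likely to read the changelog rather than the setup steps again, so suggest extending the entry to say that the action needs this Application permission and admin consent for it. The action name could also be bold to match the v1.3 entry "Added New Action **List Groups**".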