How do I set up Microsoft 365 as a User Verification Source in SecurityGateway?

Register an application with Microsoft Identity platform:

1. Login to the Microsoft Entra ID administration center.
   • For accounts with multiple tenants, click the Settings icon and select the desired tenant.
2. In the Admin Center menu, select Identity > Applications > App registrations.
3. Select New Registration
   
4. Enter an application name in the name field.
5. Select Web under the Redirect URI (optional) drop down list.
6. Enter https://sg.company.test/auth as the Redirect URI. 
   • Replace 'sg.company.test' with the valid SecurityGateway hostname.
7. Select Register
8. Make note of the Application ID.
9. Select API Permissions
10. Select + Add a permission
11. Select Microsoft Graph
12. Select Application Permissions
13. Select Group.Read.All and User.Read.All
14. Select Add permissions
15. Click the Grant admin consent for... button.
16. Click Yes
17. Select Certificates & Secrets
18. Click + New Client Secret
19. Enter a description in the description field.
20. Select the radio button to determine how long the password will be valid for.
21. Make note of the generated password in the Value field as this password will not be viewable again.

In SecurityGateway:

1. Login to SecurityGateway as the global administrator.
2. Select Setup/Users
3. Select Accounts
4. Select User Verification Sources
5. Click New
6. Select Microsoft 365
7. Enter a description.
8. Enter the Microsoft 365 domain name in the Domain Name field.
9. Select the Type
• For most configurations, the option will be Global.
10. Enter the Application ID from Entra ID (Azure AD )in the Service Principle field
• This can be found on the Overview page of the app registration in Entra ID (Azure AD).
11. Enter the password generated in Entra ID (Azure AD) above in the Password field.
    
    
    
12. Click Save and Close