Microsoft Entra ID (Azure Active Directory) - Connector Builder
Connector Information
Microsoft Entra ID (Azure Active Directory) is a cloud-based identity and access management solution. It is a directory and identity management service that operates in the cloud and offers authentication and authorization services to various Microsoft services such as Microsoft 365, Dynamics 365, and Microsoft Azure.
ASM can connect via the Alemba Connector builder. The pull of information is controlled by the scheduling option within the System and the security set by your Azure Administrators.
Authentication and Security
In the Application Registration (for the Microsoft Graph Security), ensure you have application Permissions configured with:
User.Read.All
Directory.Read.All
Prerequisites
You must have at least ASM 10.6.5 installed with the connector builder functionality.
System Access Requirement
Application ID
Client Secret value (not the client secret ID)
Client_Credentials Access is required
Helpful Links
Known Issue: Incorrect Data is populated in ASM from Azure AD when using the Connector Builder
Root Cause: Enabling "Display Cached Resource Properties in Search Results" in the integration settings can cause issues where the cached values are not cleared when a value on the next record is empty or null.
Fix: Disable "Display Cached Resource Properties in Search Results" in the integration settings.
Configuring the Connector Builder for Entra ID/Azure Active Directory
Below are examples of the parameters you will want to populate in the connector builder for the Entra ID Azure Active Directory mapping.
Access the Connector Builder: System Admin>Integration>Connector Builder
Click "Add Connector" to add a new connector
Enter the details (See sections below for details and examples)
Connector Builder Name: Microsoft Entra ID
Authentication Type: OAuth
Configure Resource Settings, click the "+" to add a Resource
Click the "New Resource" Link to expand and enter the details
Resource Display Name: User
Resource Id: user_1
Resource Category: Person
Resource Description: User in Microsoft Entra
Complete the queries as follows:
All
Query: All
URL: v1.0/users?$select=id,createdDateTime,displayName,givenName,department,companyName,streetAddress,surname,city,userType,jobTitle,mail,mobilePhone,officeLocation,postalCode,streetAddress,state,userPrincipalName,accountEnabled &$expand=manager($levels=1;$select=id,displayName,userPrincipalName)
Nested Objects: value
Paged? True
Starting Page No: 0
Page Size: 100
Next Page Property: @odata.nextLink
Search
Query: Search
URL: v1.0/users?$select=id,createdDateTime,displayName,givenName,department,companyName,streetAddress,surname,city,userType,jobTitle,mail,mobilePhone,officeLocation,postalCode,streetAddress,state,userPrincipalName,accountEnabled&$expand=manager($levels=1;$select=id,displayName,userPrincipalName)&$filter=startswith(displayName,'@SEARCHTEXT')
Nested Objects: value
Paged? False
Retrieve
Query: Retrieve
URL:v1.0/users/@UNIQUEID?$select=id,createdDateTime,displayName,givenName,department,companyName,streetAddress,surname,city,userType,jobTitle,mail,mobilePhone,officeLocation,postalCode,streetAddress,state,userPrincipalName,accountEnabled&$expand=manager($levels=1;$select=id,displayName,userPrincipalName)
Nested Objects Paged? False
Complete the Resource Details
Setup fields, Click the "New Fieldset" link
Add fields to the fieldset, Click the "+" to add a new Field
Click the "+" to repeat and add a new row for all fields you need to add to this fieldset
Save your new Connector
Configure your Source
Navigate to System Admin>Integration>Sources
Click the Add icon to add a new source
Select the Connector you just defined, in this example we called it "Connector Builder Test", but yours will likely be some version of Entra ID_Azure AD, etc...
Complete the Source Properties.
Last updated
Was this helpful?