Skip to main content
All CollectionsOther Features & Settings
Microsoft 356 Integration Setup
Microsoft 356 Integration Setup

Installation steps for the Microsoft Integration. This integration enables the syncing of users and their MFA status into Apollo Secure.

Mark Gabriel avatar
Written by Mark Gabriel
Updated over 3 months ago

Step 1: Add an App Registration to Entra ID within Azure

First, we must register the Apollo Application within your Microsoft 365 environment to allow access to APIs that share information about your users.

  1. Navigate to Entra ID within Azure

  2. On the left menu select App Registrations.

  3. Click + New registration and fill in the following:

    1. Add the Name “Apollo Secure”

    2. Under Supported account types, select “Accounts in this organisational directory only (Default Directory only - Single tenant)“

    3. Under Redirect URI, select “Web” and enter: https://app.apollosecure.com/oauth2callback/microsoft

  4. Press the Register button.

  5. Copy the Application (client) ID and Paste it into the field within Apollo’s Integration Setup dialogue (See Step 4 below).

  6. Copy the Directory (tenant) ID and Paste it into the field within Apollo’s Integration Setup dialogue (See Step 4 below).

Step 2: Creating a secret for app authentication

  1. On the left menu, select Certificates & secrets.

  2. Under the Client secrets tab, click + New client secret

    1. Set the expiry to 365 days (12 months). Once this expires you will have to re-generate the secret and add the new value into Apollo Secure.

  3. Press the Add button to complete.

  4. Copy the Client secret value and Paste it into the field within Apollo’s Integration Setup dialogue (See Step 4 below).

Step 3: Setting up API permissions

We need to add the permissions Apollo requires to read users and their MFA statuses

  • User.Read.All

  • Reports.Read.All

  • AuditLog.Read.All

  • GroupMember.Read.All

  1. On the left menu, select API permissions.

  2. Click + Add permission

  3. Select the large Microsoft Graph button from the top right corner of the screen

  4. Then choose Delegated permissions

  5. Search for the first permission User.Read.All and tick the checkbox.

  6. Then repeat the process for the other permissions before pressing the Add permissions button to complete.

Step 4: Check and Complete Integration

  1. Back in the Apollo Secure application, check that you have pasted the 3 values correctly before Continuing to log in

  2. The final step is to sign in and consent to the Apollo App to use the permissions that you have just set up.

Did this answer your question?