Documentation

Microsoft 365

Suggest Edits

Overview

Microsoft 365 is a product family of productivity software, collaboration, and cloud-based services owned by Microsoft. It encompasses online services such as Outlook, OneDrive, Microsoft Teams, programs formerly marketed under the name Microsoft Office, and enterprise products and services associated with these products.

Entitle can manage Admin roles in Microsoft 365.

This page will provide you with instructions on how to integrate Entitle and Microsoft 365.

General guidelines

Note: In case you have already integrated Azure AD with Entitle using this guide, you can use the same Entra application configuration and continue to the Set Up in Entitle section.

To integrate your Microsoft 365 with Entitle, you will need to:

  • Create an application on Entra ID, and extract Client and tenant IDs.
  • Create a secret, and extract its value.
  • Provide Entitle with adequate permissions for the application.

Set up Microsoft 365 Directory to work with Entitle

Stage 1: Create an application

  1. Go to the Microsoft Azure portal.

  2. Click on Microsoft Entra ID.

  3. Click on the App registrations tab in the left-side menu.

  4. Then, click on New registration.

  5. Give your app a Name and leave the rest as is. Then, click on Register.

  1. Keep your Application (client) ID and Directory (tenant) ID for later. Then, click on Add a certificate or secret on the right side.
  1. Click on New client secret.
  1. In the pop-up window, choose a Description that you will remember and an expiration time of your choice. Keep in mind that you will have to create a new secret and hence a new integration when it expires. Once done, click Add.
  1. Click on the copy icon to copy your new Client Secret Value and keep it for later.

Stage 2: Assign permissions to Graph API

  1. Go to API permissions.
  1. Remove the existing permission by clicking on the "..." on the right, choose remove all permissions, and finally click on the blue Yes, remove button.
478
  1. Now, click on Add a Permission.
  1. Then pick Microsoft Graph.
  1. Choose Application permissions.
  1. Using the search bar that appears, find the following permissions and select them:
Directory.ReadWrite.All,
Directory.Write.Restricted,
Group.ReadWrite.All,
RoleManagement.ReadWrite.Directory,
TeamMember.ReadWrite.All,
User.ReadWrite.All

Example:

1479
  1. When you are done selecting all six permissions, click on Add permissions at the bottom of the screen.
  1. Your screen should now look the same as the following image. Then, click on Grant admin consent for Default Directory, and then click Yes.

Creating the integration in Entitle

All that is left to do is create an integration on the Entitle application.

  1. Log into Entitle and navigate to the Integrations page.
  2. After clicking the Add Integration button, type Microsoft 365 Admin Center in the Application field.
  3. Don’t forget to set the Save on field with your configuration, i.e. your own hosted agent or Entitle’s cloud.
  1. In the Connection JSON, client_id, secret, and tenant, paste the values of the Client ID, Client Secret, and the Directory (tenant) ID from the previous stages.

Example Connection JSON:

{
  "client_id": "The value of Application (client) ID",
  "secret": "The value of Client Secret",
  "tenant": "The value of Directory (tenant) ID"
}
  1. Click Save and you are done!🎉

Updated about 1 month ago

What’s Next