This article details the necessary steps to configure the connection between Microsoft Entra ID and SMARTFENSE, enabling authentication and secure information exchange through Microsoft Graph API.
Configuration available on our platform in the Settings > Integrations > Microsoft 365 Defender section.
Initial Setup in Microsoft Entra ID
Log in to the Microsoft Entra ID portal: https://portal.azure.com/.
In the left-hand menu, select Microsoft Entra ID.
Copy the domain name and paste it into the SMARTFENSE platform, inside the Domain field.
Application Registration
Return to the Microsoft Entra ID portal.
Select the option Manage > App registrations.
Click on New registration in the top menu.
In the Name field, enter SMARTFENSE.
Select the option Accounts in this organizational directory only (SMARTFENSE only: single tenant).
Press the Register button.
Once registration is complete, copy the value from the Application (client) ID field and paste it into the SMARTFENSE platform, inside the Application ID field.
Assigning API Permissions
In the left-hand menu, select API permissions.
Press the + Add a permission button to open the Request API permissions menu.
In the Request API permissions window, select Microsoft Graph.
-
Assign the following permission to the application:
SecurityAlert.Read.All
Click the Grant admin consent button to apply the permission.
Creating the Secret Key
In the left-hand menu, select Certificates & secrets.
Press + New client secret.
In the side window Add a client secret, enter a description and define an expiration time.
Click Add.
| Warning: once the expiration date is reached, the connection will stop working. You will need to generate a new key and verify connectivity again. During this period, campaigns requiring authentication will not allow user login. |
Copy the Generated Value. This value is shown only once and cannot be retrieved later.
Connection with SMARTFENSE
Paste the secret key value copied in the previous step into the SMARTFENSE platform, inside the Application secret key field.
Click the Check connection button within SMARTFENSE to verify that the configuration is correct.
| Warning: ad-blocking extensions such as Ad-Block Plus may interfere with the connection test. It is recommended to temporarily disable them before running this verification. |
💡 Best Practices
Keep a secure record of the Application ID, Domain, and Application secret key.
Before testing the connection, confirm that the SecurityAlert.Read.All permission has been correctly granted.
Schedule internal alerts to renew the secret key before it expires.
Temporarily disable any content-blocking extensions before running Check connection to avoid false errors.