How to set up Microsoft Office 365 as a User Verification Source in SecurityGateway

The steps below detail how to configure Microsoft Office 365 as a user verification source in SecurityGateway. 

In Azure Active Directory:

  1. Navigate to the App Registrations page in Azure AD
  2. Select New Registration
  3. Enter an application name in the name field (e.g., SecurityGateway)
  4. Select Register
  5. Make note of the Application ID
  6. Select API Permissions
  7. Select + Add a permission
  8. Select Microsoft Graph
  9. Select Application Permissions
  10. Select Group.Read.All and User.Read.All
  11. Select Add permissions
  12. Click the Grant admin consent for… button
  13. Click Yes
  14. Select Certificates & Secrets
  15. Click + New Client Secret
  16. Enter a description in the description field
  17. Select the radio button for how long the password will be valid
    Note: This password is stored in SecurityGateway. If it expires in Office 365, SecurityGateway can no longer verify users until a new password is generated and entered in SecurityGateway.
  18. Make note of the generated password

In SecurityGateway:

  1. Log in to SecurityGateway with a global admin account
  2. Select Setup/Users
  3. Select Accounts
  4. Select User Verification Sources
  5. Click New
  6. Select Office 365
  7. Enter a description
  8. Enter the Office 365 domain name in the Domain Name field.
  9. Select the Type
    • For most configurations, the option will be Global.
  10. Enter the Application ID from Azure AD in the Service Principle field.
    • This can be found on the Overview page of the app registration in Azure AD
  11. Enter the password generated in Azure AD above in the Password field.
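
The note in step 17 of the Azure AD procedure means the client secret's expiry date has to be tracked, since user verification stops when it lapses. The following is an added example, not part of the original article and not SecurityGateway or Microsoft code: it flags secrets that have expired or will expire soon. It assumes the app registration's secrets have been exported as JSON in the shape of Microsoft Graph passwordCredentials entries (for example with az ad app credential list); the sample data, names and dates are constructed.

```python
import json
from datetime import datetime, timedelta, timezone

# Constructed sample: shaped like the passwordCredentials entries of a Microsoft
# Graph application object. Names, key IDs and dates are made up.
SAMPLE_CREDENTIALS = """[
  {"displayName": "old secret", "keyId": "00000000-0000-0000-0000-000000000001",
   "endDateTime": "2025-05-22T00:00:00Z"},
  {"displayName": "SecurityGateway verification", "keyId": "00000000-0000-0000-0000-000000000002",
   "endDateTime": "2025-06-15T08:30:00.1234567Z"},
  {"displayName": "long-lived secret", "keyId": "00000000-0000-0000-0000-000000000003",
   "endDateTime": "2026-06-01T00:00:00Z"}
]"""
SAMPLE_NOW = datetime(2025, 6, 1, tzinfo=timezone.utc)  # constructed "current" time


def parse_graph_time(value):
    """Parse a UTC timestamp such as 2025-06-15T08:30:00.1234567Z.

    Only the first 19 characters are used, because the fraction can carry
    seven digits, which datetime.fromisoformat() rejects on older Pythons.
    """
    return datetime.strptime(value[:19], "%Y-%m-%dT%H:%M:%S").replace(tzinfo=timezone.utc)


def expiring_secrets(credentials_json, now, warn_days=30):
    """Return (status, name, whole_days_left) for secrets needing attention."""
    findings = []
    for cred in json.loads(credentials_json):
        end = cred.get("endDateTime")
        if not end:  # no expiry recorded, nothing to compare
            continue
        remaining = parse_graph_time(end) - now
        if remaining <= timedelta(0):
            status = "expired"
        elif remaining <= timedelta(days=warn_days):
            status = "expiring"
        else:
            continue
        name = cred.get("displayName") or cred.get("keyId")
        findings.append((status, name, remaining.days))
    return sorted(findings, key=lambda item: item[2])  # most urgent first


if __name__ == "__main__":
    for status, name, days in expiring_secrets(SAMPLE_CREDENTIALS, SAMPLE_NOW):
        print(f"{status:9} {name}: {days} day(s) from now")
```

Run on a schedule with the real export and the current UTC time, any "expiring" result is the cue to generate a new client secret and update the Password field in SecurityGateway before the old one lapses.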