Blue Lance

Bluelance 2.0
Get a demo
View Categories

Registering the App in Microsoft Entra ID

2 min read

Before Azure Log Connector can collect data from your Azure and Microsoft 365 environment, you must create a dedicated App Registration in the Azure Portal. This article walks through the complete setup process step by step.

Before you begin:

Confirm the following:

  • You have access to the Azure Portal with Global Administrator or Application Administrator privileges
  • You have a secure location ready to store the Client Secret value โ€” it is only shown once
  • You have completed the prerequisites checklist in the Prerequisites for Azure Log Connector article

Step 1 โ€” Create the App Registration:

  1. Sign in to the Azure Portal
  2. In the search bar, type Microsoft Entra ID and select it
  3. In the left navigation menu, click App Registrations
  4. Click New Registration
  5. Configure the registration:
    • Name โ€” enter LT Auditor MP Azure Log Collector
    • Supported Account Types โ€” select Accounts in this organizational directory only (Single Tenant)
    • Redirect URI โ€” leave blank
  6. Click Register

Step 2 โ€” Record your Tenant ID and Client ID:

On the App Registration overview page, locate and copy the following values:

ValueField Name in Azure Portal
Client IDApplication (client) ID
Tenant IDDirectory (tenant) ID

Store these securely โ€” you will need them during the Azure Log Connector configuration step.

Step 3 โ€” Configure API permissions:

  1. In the left navigation menu, click API Permissions
  2. Click Add a Permission

Add Microsoft Graph permissions:

  1. Select Microsoft Graph
  2. Select Application Permissions
  3. Search for and add each of the following permissions:
Permission
AuditLog.Read.All
Directory.Read.All
Application.Read.All
Domain.Read.All
Files.Read.All
GroupMember.Read.All
IdentityProvider.Read.All
IdentityRiskyServicePrincipal.Read.All
IdentityRiskyUser.Read.All
Policy.Read.All
RoleManagementAlert.Read.Directory
User.Export.All
User.Read.All
UserAuthenticationMethod.Read.All
  1. Click Add Permissions

Add Office 365 Management API permission:

  1. Click Add a Permission again
  2. Select Office 365 Management APIs
  3. Select Application Permissions
  4. Add the following permission:
Permission
ActivityFeed.Read
  1. Click Add Permissions

After adding all permissions, the API Permissions page will list all 15 permissions with a status of Not granted.

Step 4 โ€” Grant Admin Consent:

All application permissions require Admin Consent from a Global Administrator before they become active.

  1. On the API Permissions page, click Grant admin consent for [Your Organization Name]
  2. Click Yes to confirm
  3. Confirm all 15 permissions update to show a green checkmark and status of Granted for [Your Organization Name]

If the Grant admin consent button is greyed out, you do not have sufficient privileges. Contact your Global Administrator to complete this step.

Step 5 โ€” Create a Client Secret:

  1. In the left navigation menu, click Certificates & Secrets
  2. Click New Client Secret
  3. Configure the secret:
    • Description โ€” enter LT Auditor MP Collector
    • Expires โ€” select an expiration period (recommended: 24 months)
  4. Click Add

Copy the secret Value immediately. It is only displayed once. If you navigate away before copying it, you will need to delete the secret and create a new one.

Store the Client Secret securely alongside the Tenant ID and Client ID recorded in Step 2.

Step 6 โ€” Verify the App Registration:

Before proceeding to installation, confirm the following:

  1. The application name shows as LT Auditor MP Azure Log Collector
  2. The Application (client) ID and Directory (tenant) ID are recorded
  3. All 15 API permissions are listed and show status Granted
  4. All permissions are listed as Application type โ€” not Delegated
  5. The client secret is listed with a future expiry date and the value has been copied and stored

Managing secret expiry:

Client secrets expire based on the duration selected at creation. To avoid service interruptions:

  • Note the secret expiry date and set a reminder 30 days before it expires
  • When renewal is needed, generate a new secret in Certificates & Secrets, update the Azure Log Connector configuration with the new value, and delete the old secret

[Your administrator should document the secret expiry date and assign ownership of the renewal process to ensure Azure Log Connector is not interrupted by an expired secret.]

Summary of values to retain:

ValueDescription
Application (Client) IDUnique identifier for the App Registration
Directory (Tenant) IDUnique identifier for your Entra ID tenant
Client Secret ValueSecret used to authenticate the App Registration
Secret Expiry DateDate the client secret expires โ€” for renewal planning

Powered by BetterDocs

Newsletter

Let's get started and
enjoy the power of LT Auditor MP

ยฉ Copyright , BLUE LANCE 2.0. All Rights Reserved.

Powered by
Necessary cookies enable essential site features like secure log-ins and consent preference adjustments. They do not store personal data.
None
Functional cookies support features like content sharing on social media, collecting feedback, and enabling third-party tools.
None
Analytical cookies track visitor interactions, providing insights on metrics like visitor count, bounce rate, and traffic sources.
None
Advertisement cookies deliver personalized ads based on your previous visits and analyze the effectiveness of ad campaigns.
None
Powered by