Trend Micro Email Security accesses and synchronizes Microsoft Entra ID data using an application ID and a client secret. Create and register your application on the Microsoft Entra ID admin center to obtain the application ID and client secret.

Procedure

  1. Register an application.
    1. Log on to your Microsoft Entra ID admin center (https://entra.microsoft.com/) as an admin user.
    2. Go to Microsoft Entra IDApp registrations, and click New registration.
    3. Type a name for your application, for example, TMES Microsoft Entra ID Sync.
    4. Under Redirect URI (optional), type the following URL of the Trend Micro Email Security administrator console:
    1. Click Register.
      A new application appears on the screen.
    2. Copy and save the application ID for future use.
  2. Add a client secret for your application.
    1. Access the application you created in Step 1.
    2. In the left navigation, click Certificates & secrets, and click New client secret under Client secrets.
    3. Type a description for the client secret, select a 2-year option from the Expires drop-down list, and click Add.
      A client secret generates in the Client secrets section. This value will not be visible after you leave this screen.
      Note
      Note
      Directory synchronization will fail if the client secret expires. If this occurs, generate a new client secret.
    4. Copy and save the client secret value for future use.
  3. Obtain API permissions for your application.
    1. Access the application you created in Step 1.
    2. In the left navigation, click API permissions and click Add a permission.
    3. Click Microsoft Graph on the Microsoft APIs tab page.
    4. From application permissions, select the Directory.Read.All permission under Directory, and click Add permissions.
    5. Click Grant admin consent for Your tenant name.
    6. Click Yes in the dialog box that appears.