Integrating Azure AD

Grant Trend Micro permission to access your Azure AD data for use in Trend Micro Vision One apps.

The Third-Party Integration > Azure AD screen provides an overview of Trend Micro Vision One apps that can access Azure AD data or trigger policy enforcement actions in Azure AD. Each app or group of apps is associated with a set of permissions that must be enabled within Azure AD to facilitate integration with Trend Micro Vision One.

Tip:

Unless otherwise specified, permissions are granted automatically by clicking Grant permissions, signing in to Azure AD with an administrator account, and clicking Accept.

The following table describes the information and actions available on the Azure AD screen.

Associated Apps

Description

Mobile Security

Grant Mobile Security access to Azure AD data to enable end users to authenticate with Azure AD during mobile device enrollment.

To enable, click Grant permissions and follow the onscreen instructions.

For more information, see Integration with Azure Active Directory.

Search

Grant Search permission to access Azure AD to perform policy enforcement actions, such as disabling user accounts and forcing password reset, through the Response Management app.

To enable, click Grant permissions and follow the onscreen instructions.

For more information, see Response Actions.

Risk Insights

Grant Risk Insights permission to access your Azure AD data to gain deeper insight regarding the apps and devices your users access, and the behaviors that contribute to users' risk analyses.

To enable, on the Data source for risk analysis screen in Risk Insights, click Azure AD and follow the onscreen instructions.

For more information, see Configuring the Data Source for Risk Analysis.

Zero Trust Secure Access

Grant Zero Trust Secure Access permission to access data and perform actions in Azure AD to analyze risk events and suspicious user activity, and perform policy enforcement actions, such as disabling user accounts and forcing password reset.

To start collecting data, click Grant permissions and follow the onscreen instructions.

Note:

Before Zero Trust Secure Access can use the collected data, go to the Identity and Access Management screen, enable Data upload or Policy enforcement and follow the onscreen instructions.

For more information, see Identity and Access Management.

Note:

If you see an error message in the "Status" column, such as "Permission error" or “Application disabled in Azure AD”, refer to Troubleshooting Azure AD Connections.