Skip to main content


Azure-Based Orchestrator Installation

In order for the Orchestrator to request information from Azure AD via MS Graph API, a sequence of steps are necessary:


If you have already set up an Azure Application Registration with Directory.Read.All permission, then you'll have the required permissions for Real-Time integration. If this is the case, then skip to Step 4 below, xxxx to Configure the SafeTitan portal.

  1. Create an application registration in Azure AD. Refer to the details provided in Register an Application in the Microsoft Azure App Registration Portal.

  2. Create an application secret. After you've created an Application Registration in Azure AD, you'll need to generate an application secret. Your SafeTitan instance will use this value to prove its identity when connecting to Azure. See Create an Application Secret for help.

  3. Configure Permissions for Microsoft Graph After you have generated an application secret, you'll need to configure the permission granted to the SafeTitan App, which is: Directory.Read.All access. You can follow the steps in Configure Permissions Required by SafeTitan, but note that for Real-Time integration, only Directory.Read.All is required.

  4. Configure the SafeTitan portal. After you've configured permissions for Microsoft Graph on your app, you can update your Orchestrator configuration in the SafeTitan portal.