
SafeTitan

Setting Up Permissions for PhishHuk

There are four sequences of steps you must follow to set up permissions for the PhishHuk application between Microsoft O365 and your SafeTitan portal. These steps are explained below in the following order:

  1. Follow the steps below to register the PhishHuk application in your Microsoft Azure App Registration portal.

    1. First, navigate to your Azure portal.

    2. Open Azure Active Directory by selecting it in the navigation pane on the left.

    3. Select App registrations > New registration.

    4. In the Register an application window that opens, complete the following sections:

      • Name: Enter an identifiable name, such as: SafeTitan-PhishHuk-GraphApi.

      • Supported Account Types: Use the Default option, which is Accounts in this organizational directory only (Cyber Risk Aware Ltd only - Single Tenant).

      • Redirect URL (optional): Select Web from the dropdown menu, and then enter https://localhost/PhishHuk in the next field.

        Note

        Azure marks this field as optional, but a value is required for authentication purposes. The Redirect URL can be changed later.

  2. The steps below explain how to create an Application Secret. Your SafeTitan instance will use this value to prove its identity when connecting to Azure.

    1. Select the Certificates & secrets tab.

    2. On the next screen, select New client secret and add a description.

    3. Select an expiration date and then select Add to create the client secret.

    4. Once you've created the client secret, take note of the Client Secret Value, as you will need this when you configure permissions in the SafeTitan Portal.

  3. Configure the permissions required by SafeTitan as follows:

    1. From your Azure portal, select API permissions and then Add a Permission.

    2. In the dialog that appears, select Microsoft APIs and then Microsoft Graph.

    3. Under API Permissions add the following permissions:

      SFT-Config-Permissions-PhishHuk10.jpg
    4. Select Grant Admin Consent for permissions that require it.

  4. Configure permissions in the SafeTitan portal as follows:

    1. In your SafeTitan portal, go to your PhishHuk menu (or SOARDPhish if enabled) and in the window that opens, select Settings > Graph API.

    2. Using the toggle, turn on Use Graph API Connection.

    3. Enter your Client ID value and your Client Secret in the appropriate fields. (Note that in Azure the Client Secret is referred to as Secret Value.)

    4. Select Update.

Once these steps are complete, the Microsoft Outlook Add-in for PhishHuk will automatically be updated to use the Graph API.
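
One way to confirm that the admin consent in step 3 granted exactly the permissions you intended is to inspect the claims of an app-only Microsoft Graph access token issued to the new Client ID. The Python check below is an added example, not SafeTitan or Microsoft code; the IDs, the sample token and the permission names are constructed placeholders (they are not SafeTitan's required list), and the signature is not verified because the token is only inspected, never trusted.

```python
import base64
import json
import time

# Microsoft Graph resource URI and its well-known application ID.
GRAPH_AUDIENCES = {"https://graph.microsoft.com", "00000003-0000-0000-c000-000000000000"}

def decode_claims(token: str) -> dict:
    """Decode the JWT payload without verifying the signature (inspection only)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT: expected header.payload.signature")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore stripped padding
    return json.loads(base64.urlsafe_b64decode(payload))

def audit_token(token, client_id, tenant_id, expected_roles, now=None):
    """Return a list of findings; an empty list means the grant matches expectations."""
    claims = decode_claims(token)
    now = time.time() if now is None else now
    findings = []
    if claims.get("aud") not in GRAPH_AUDIENCES:
        findings.append(f"audience is not Microsoft Graph: {claims.get('aud')}")
    if claims.get("appid", claims.get("azp")) != client_id:
        findings.append("token was issued to a different client ID")
    if claims.get("tid") != tenant_id:
        findings.append("token was issued by a different tenant")
    if claims.get("exp", 0) <= now:
        findings.append("token is expired")
    granted = set(claims.get("roles", []))  # application permissions appear as roles
    for role in sorted(set(expected_roles) - granted):
        findings.append(f"missing permission (consent not granted?): {role}")
    for role in sorted(granted - set(expected_roles)):
        findings.append(f"excess permission (remove for least privilege): {role}")
    return findings

def make_sample_token(claims: dict) -> str:
    """Build an unsigned, constructed token so the example runs offline."""
    enc = lambda o: base64.urlsafe_b64encode(json.dumps(o).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'none', 'typ': 'JWT'})}.{enc(claims)}.sig"

# Constructed sample values; none of these come from the page or a real tenant.
CLIENT_ID = "11111111-1111-1111-1111-111111111111"
TENANT_ID = "22222222-2222-2222-2222-222222222222"
SAMPLE = make_sample_token({
    "aud": "https://graph.microsoft.com", "appid": CLIENT_ID, "tid": TENANT_ID,
    "exp": 2_000_000_000, "roles": ["Mail.Read", "User.Read.All"]})

if __name__ == "__main__":
    expected = {"Mail.Read", "Mail.ReadWrite"}  # placeholder expectation
    print(audit_token(SAMPLE, CLIENT_ID, TENANT_ID, expected, now=1_700_000_000))
```

Pass the permission names you actually added in step 3 as `expected_roles`; any "excess permission" finding marks a grant that can be removed from the app registration.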