Microsoft Entra
  • 18 Mar 2025
  • 3 Minutes to read
  • Dark
    Light

Microsoft Entra

  • Dark
    Light

Article summary

Microsoft Entra ID tracks user activity and creates reports that help you understand how your users access and use Entra services.   

Directory audits

The directory audit report provides you with access to the history of every task performed in your tenant. The directory audit report provides you with records of system activities for compliance. Amongst others, the provided data enables you to address common scenarios such as: 

  • Who granted admin group access to a directory user? 

  • Which users are signing in to a recently acquired app? 

  • How many passwords resets were made within the directory? 

More information can be found at Microsoft Entra Website page.

Integration Method: API Ingest

Tables: Entity Management (3004), Group Management (3006), Account Change (3001), User Inventory (5003)

This integration supports the following events.

Event

Description

Directory Audits

Fetches logs every task performed in your tenant, either by a user or a service.

This integration supports the following versions

Microsoft Entra API version

V 1.0

Note:

Microsoft Entra is a continuously updated cloud service. As of this document preparation, latest release was on Dec 2025. 

Prerequisites 

  • The user should have access to the Azure portal with an account that has the Global Administrator privileges.

  • The user should have access to the DataBee console.

Configuration Overview 

  1. Create an application with required permissions to fetch the data. 

  2. Create Microsoft Entra Data Feed in the DataBee console with the required Client credentials. 

    DataBee Parameter

    Azure Parameter

    Client Key

    Application (client) ID

    Client Secret

    Client Secret Value

    Token URL(<tenant_id>)

    Directory (Tenant) ID

Azure Configuration

Create an application

  1. Log on to Azure portal  with an account that has the Global Administrator privileges.   

  2. In the search bar, search for App Registrations and select it.
     A screenshot of a computer  AI-generated content may be incorrect. 

  3. On the “App registrations” page, select New registration, theRegister an application” window will appear. 
     A screenshot of a computer  AI-generated content may be incorrect. 

  4. On the “Register an application” window: 

    Under ‘Name’ enter your Application Name then click on Register to create the application.


    A screenshot of a computer  AI-generated content may be incorrect.

  1. On the app Overview page, copy the Application (client) ID and Directory (tenant) ID for later use. 
     A screenshot of a computer  AI-generated content may be incorrect.  

Add Endpoint Access

Once the application is created, two permissions should be provided to fetch data. The appropriate permissions for the application are needed to access these endpoints. The following section details how to configure and add permissions to the required endpoints.   

Add Permissions

From the Azure Active Directory portal:   

  1. Select the application registered in the previous step. 

  2. Under Manage, click API Permissions and then click Add a Permission, the Request API permissions window will appear.  
     A screenshot of a computer  AI-generated content may be incorrect. 

  3. On Request API permissions window, Click on Microsoft APIs then on Microsoft Graph. 
     A screenshot of a computer  AI-generated content may be incorrect. 

  4. Click on Application Permissions. 
     A screenshot of a computer  AI-generated content may be incorrect. 

  5. The following permissions need to be granted for the endpoint to function properly:

    Event

    Type

    Permission

    Directory Audits

    Application

    AuditLog.Read.All

    Directory Audits

    Application

    Directory.Read.All

    In the Select permissions search bar, enter the permission shown above, and check the box to include them.

  6. Click the Add permissions button after selecting all required permissions.  
      

  7. On the API permissions page, click Grant Admin Consent for <tenant>.  
     A screenshot of a computer  AI-generated content may be incorrect.
     

  8. Click the Yes button on the consent confirmation.  
     A screenshot of a computer  AI-generated content may be incorrect.
     

  9. The required permissions are now added for the endpoints.  
     A screenshot of a computer  AI-generated content may be incorrect.

Create the Client Secret 

The final step in accessing the APIs is creating a Client Secret. To create it from the Azure Portal:   

  1. Select the application created above. 

  2. Under Manage, Click Certificates and Secrets, and then Client Secrets.  
     A screenshot of a computer  AI-generated content may be incorrect. 

  3. Click New client secret. Then Add a client secret window appears.  
     A screenshot of a computer  AI-generated content may be incorrect. 

  4. On Add a client secret window: 

  5. Enter a Description for this client secret and select the desired expiry period from the Expires drop-list. 

  6. Then click on Add to create the client secret. 
     A screenshot of a computer  AI-generated content may be incorrect.

    Note:

    The user needs to re-create the client secret when it expires

  7. Copy the Value fields for later use.
     

DataBee Configuration

  1. Login to the DataBee UI, navigate to Data > Data Feeds and click the Add New Data Feed button.
     A screenshot of a computer  AI-generated content may be incorrect.

  2. Search for the Microsoft Entra and click it as shown below.
     

  3. Click on the API Ingest option for collection method.

     A screenshot of a computer  AI-generated content may be incorrect.

  4. Enter feed contact information and click Next.

     

  5. In the configuration page, enter the following: 

  • Authorization Method: OAuth2

  • Client Key: paste the Application (Client) ID generated earlier in the Azure portal. 

  • Client Secret: paste the Client Secret value generated earlier in the Azure portal. 

  • Token URL: replace <tenant_id> with your Directory (Tenant) ID.

  • Event Types: preselected for all the event types that integration pulls.
     

    6. Click Submit.


Was this article helpful?

Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.
ESC

Eddy AI, facilitating knowledge discovery through conversational intelligence