Configuration

To integrate an Entra ID account with the Delinea Platform:

  1. Navigate to Discovery > Sources > Create source.

  2. Select the Entra ID and Azure source.

  3. Select Continue. The Integrate Entra ID and Azure page opens.

  4. (Optional) Choose whether to fetch Azure Cloud data along with the Entra ID data:

    • Select the Enable Azure Cloud checkbox to fetch Azure Cloud data along with Entra ID data.

    • Leave it unselected if you are only integrating Entra ID. In this case, Azure permissions are not required.

  5. Select the Consent to the Delinea app hyperlink to install and consent to the Delinea app on the Entra ID consent screen.

  6. After you consent to the application, you are redirected back to the Delinea Platform Source page, where the connector is now created and the Tenant ID is auto-populated.

  7. Select Save.

  8. The Entra ID option is displayed as a connected app. The synchronization process begins, and its status will be shown when completed.

To integrate Azure with the Delinea Platform:

  1. Follow the same steps required for Entra ID.

  2. Add a Reader role in Entra ID:

    1. Log in to Azure and in the search bar, search for Management groups, then select it.

      If you cannot select the Management groups option, even with global admin permissions, it might be because the "global admin can change Azure subscription" flag is turned off. For more details, refer to this Microsoft Q&A.

    2. In the Management groups page, select Tenant Root Group.

    3. In the Tenant Root Group page, select the Access Control (IAM) menu item, and then select the Role assignments tab.

    4. Select + Add and then select Add role assignment.

    5. In the Role tab of the Add role assignment dialog, go to Reader, and then select Next.

    6. Select the Members tab of the Add role assignment dialog, then select + Select members.

    7. In the Select members list, search for and select Delinea, then go to Select.

    8. Optional: You can add the built-in Azure AI User role to collect Azure AI agents, services, and LLMs within Azure.

    9. Select the Review + assign tab to verify if the role was created successfully. In the Add role assignment dialog, the selected member is displayed in the Members section.

      The Enable Azure Cloud checkbox and the Azure AI User role are optional and should be selected based on your organization's requirements. If you choose not to enable Azure Cloud data fetching or assign the Azure AI User role, the integration will still function with Entra ID data.
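After the role assignment, it is worth confirming that the Delinea app holds only the roles this page describes. The following is an added example, not Delinea's or Microsoft's code: it audits the JSON that `az role assignment list` returns against Reader (required) and Azure AI User (optional) at the Tenant Root Group. It assumes the Tenant Root Group ID equals the tenant ID (the Azure default); the function name, tenant ID and sample records are constructed for illustration.

```python
import json

# Roles this page has you assign to the Delinea app at the Tenant Root Group.
REQUIRED = {"Reader"}
OPTIONAL = {"Azure AI User"}
MG_PREFIX = "/providers/Microsoft.Management/managementGroups/"


def audit_assignments(assignments, tenant_id):
    """Compare the app's role assignments with the documented set.

    assignments: parsed JSON list, e.g. from
      az role assignment list --assignee <app-object-id> --all --output json
    tenant_id: assumed to equal the Tenant Root Group ID (the Azure default).
    Returns (ok, findings).
    """
    root_scope = (MG_PREFIX + tenant_id).lower()
    findings, at_root = [], set()
    for a in assignments:
        role, scope = a.get("roleDefinitionName", ""), a.get("scope", "")
        if role not in REQUIRED | OPTIONAL:
            findings.append(f"unexpected role {role!r} at {scope}")
        elif scope.lower() != root_scope:
            findings.append(f"{role!r} is not at the Tenant Root Group: {scope}")
        else:
            at_root.add(role)
    for role in sorted(REQUIRED - at_root):
        findings.append(f"missing {role!r} at the Tenant Root Group")
    return (not findings, findings)


# Constructed sample data; the IDs are placeholders, not real tenants.
TENANT = "00000000-0000-0000-0000-000000000000"
ROOT = MG_PREFIX + TENANT
SUB = "/subscriptions/11111111-1111-1111-1111-111111111111"
EXPECTED = json.loads(json.dumps([
    {"roleDefinitionName": "Reader", "scope": ROOT},
    {"roleDefinitionName": "Azure AI User", "scope": ROOT}]))
DRIFTED = [{"roleDefinitionName": "Reader", "scope": ROOT},
           {"roleDefinitionName": "Contributor", "scope": SUB}]

if __name__ == "__main__":
    for name, data in (("expected", EXPECTED), ("drifted", DRIFTED)):
        ok, findings = audit_assignments(data, TENANT)
        print(name, "OK" if ok else findings)
```

Any finding other than a missing optional role means the app's access differs from the read-only setup described in the steps above and should be reviewed.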