Azure Active Directory
AuthTeams
Summary
Azure AD is an identity service that provides SSO and authentication. You can use Azure AD to drive insights into values such as:
- Authentication
- Ownership
caution
For SSO, read our Azure AD SSO Guide.
Setup
In order to connect Cortex with Active Directory, you’ll need to add your information in Settings → Azure Active Directory.
caution
If you do not see the Settings page you're looking for, you likely don't have the proper permissions and need to contact your admin.
- Start by registering a new single tenant Active Directory application.
- In Active Directory, navigate to your new application, and then to API Permissions. Add the following permissions:
- Microsoft APIs → Microsoft Graph → Application permissions → User → User.Read.All
- Microsoft APIs → Microsoft Graph → Application permissions → Group → Group.Read.All
- Click "Grant Admin Consent" to grant permissions for all accounts in the directory.
- Next, navigate to Certificates & secrets and click "New client secret". Set the expiration/description to whatever you see fit, but you'll have to remember to rotate the secret within Cortex for the Active Directory integration to continue working.
- Take your newly created client secret, and your tenant ID and client ID, found in the application Overview page, and enter below.
Registration
Cortex can pull team memberships from Azure AD groups.
Entity descriptor
You can define the following block in your Cortex entity descriptor to add your Azure AD group as an owner.x-cortex-owners:
- type: group
name: Engineering # group name in Azure AD
provider: ACTIVE_DIRECTORY
The group name is case-sensitive and should be exactly the same as in Azure AD.