Microsoft (MS 365 etc)

Microsoft Integrations

Dropzone AI integrates with Microsoft 365/Microsoft Defender, as well as Microsoft Sentinel. This document serves as an overview for performing certain steps of their integration. Further information on how to perform the integrations for Microsoft 365/Defender and Microsoft Sentinel can be found on their separate pages.

Integration Overview

To enable these integrations you will perform the following actions:

  • Register a new application in Microsoft Entra Admin Center

  • Locate your Client ID, Tenant ID, and create a Client Secret

  • Assign the necessary API permissions to the application

Register a New Application in Microsoft Entra Admin Center

Microsoft's documentation for registering an application is available at https://learn.microsoft.com/en-us/graph/auth-register-app-v2

  • Sign into your Entra home as an administrator

  • In the left sidebar, navigate to Identity > Applications > App Registrations

Navigate to App Registrations
  • Click "New Registration"

  • Name the new application something memorable, such as "Dropzone AI"

  • Under "Supported account types," select "Accounts in this organizational directory only (Single tenant)"

  • Leave the "Redirect URI (optional)" section blank

  • Click "Register"

Registering the Dropzone AI Application

Client ID, Tenant ID, and Client Secret

Once the application has been created, it will redirect you to the application's Overview page.

Microsoft's documentation for creating client credentials for an application is available here

  • In the Overview page, copy the Application ID and the Directory ID for use later in the Dropzone UI, where they are called "Client ID" and "Tenant ID" respectively

Copy the integration details
  • Next to "Client credentials," click "Add a certificate or secret"

Add a certificate or secret
  • Under the Client secrets heading, click "New client secret"

Create a new client secret
  • Enter a description for the client secret, such as "Dropzone AI Integration Secret," and choose an appropriate expiration date. Click "Add"

Add client secret
  • Under "Value," copy the Client Secret Value for use later in the Dropzone UI, where it is called "Client Secret"

Copy the Client Secret Value

Set Application Permissions

  • In the application's sidebar, navigate to Manage > API permissions

Navigate to API permissions
  • Click "Add a permission"

Add a permission

Depending on the integration you are performing, you will need to add different permissions. See (Microsoft 365/Microsoft Defender or Microsoft Sentinel for more details). For the purpose of this overview, the Microsoft Graph API has been used.

  • In the search bar, input the desired API, such as "Microsoft Graph" and select it

Select Microsoft Graph
  • Click "Application permissions"

  • In the search bar, input the name of the permission your integration requires, then check the box next to it. Continue to do so until all permissions have been added, then click "Add permissions"

For example, add the SecurityEvents.Read.All permission

Once back in the Application API permissions page, you should now see the permissions, such as the following:

(Example permissions)
  • Click "Grant admin consent for [mycompany.net]"

Grant admin consent
  • Click "Yes"

Grant admin consent

You should now see all the required permissions listed with a green check mark

(Completed permissions)

Last updated

Was this helpful?