Microsoft Azure AD provider

Relativity can import Entity (Employee/Custodian) data from Microsoft Azure Active Directory through Integration Points. In Relativity, you will need to install Integration Points into your workspace. Once Integration Points is installed, you’ll then need to install the Integration Points AD provider application. Completing these installations adds Integration Points to your workspace and adds Azure AD as a source within Integration Points.

The next step is to set up an application in Microsoft Azure which can be used to configure an Integration Point in Relativity. Only an Application Administrator with access can create an application, find credentials, and delete an application. If you don’t have permissions, contact your admin. For more information on Application Administrators, see Microsoft’s documentation.

Registering an Azure application and credentials

To create your application ID and secret, you must have Application Administrator privileges to log into your Azure Portal and register an app.

Start registering your app by following the steps below:

Note: The application registration process needs to be done by an Azure Administrator with sufficient privileges.

  1. Open your Azure Portal.
  2. In the left-navigation menu, click App registrations.
  3. Click New Registration.
    This will open the Register an application page.
  4. Enter an application name in the Name field.
  5. Select Accounts in this organizational directory only as the supported account type.
  6. Click Register.

For more information on registering an application in Azure, see Microsoft's documentation or How to authenticate an EWS application by using OAuth..

From the app's page, add permissions to the web API. To add permissions, follow the steps below:

  1. Click API Permissions.
  2. Click Add a permission.
  3. Click Microsoft Graph.
  4. Select Application Permissions.
  5. Select the following options from the Application Permissions section:
    • Directory – Directory.Read.All

    • Group – Group.Read.All

    • User – User.Read.All
        Notes: Note: This permission is required if Filter by Group functionality is used.
  6. Click Add Permission.

  7. Click Grant Permission.

Finally, grant Admin consent for the API by following the steps below:

  1. Click the API Permissions tab.
  2. Click Grant admin consent for [tenant].
  3. In the pop-up window, click Accept.

Finding Azure credentials

If an application is already created and you need to find the application information to complete the Source Connection step, follow the steps below:

In the Azure Portal,

  1. Click Azure Active Directory.
  2. In the left-navigation menu, click Enterprise applications.
  3. In the list of applications, locate your application by filtering or sorting.
  4. Click your application.
    This will open the application page.
  5. In the left-navigation menu, click Properties.
  6. Copy the Application ID.

Removing application access

Removing access to an application can be done outside of Relativity in Azure AD. To remove access, you need to log into Azure AD. Locate and open the application. In the application, click Delete.