Microsoft Entra ID provider

Note: As of October 2023, Microsoft renamed Azure Active Directory (Azure AD) to Microsoft Entra ID. This site has been updated to reflect the name change, where applicable. Refer to Microsoft documentation for more information.

Relativity can import Entity (Employee/Custodian) data from Microsoft Entra ID (formerly known as Azure Active Directory) through Integration Points. The following perquisites must be established:

  1. In Relativity:

    1. You will need to install Integration Points into your workspace. See Installing Integration Points for details.

    2. Once Integration Points is installed, you will then need to install the Integration Points AD provider application. To do so, go to the Files tab in Community, click the Relativity Applications library, and locate the appropriate Microsoft Entra ID for Integration Points ZIP file.

    Completing these two installations adds Integration Points to your workspace and adds Microsoft Entra ID as a source within Integration Points.

  1. In Microsoft Azure:

    • Set up an application in Microsoft Azure which can be used to configure an Integration Point in Relativity. Only an Application Administrator with access can create an application, find credentials, and delete an application. If you do not have permissions, contact your admin. For more information on Application Administrators, see Microsoft’s documentation.

  1. The final step is to import Microsoft Entra ID into Relativity. For more information, see Importing from Microsoft Entra ID.

Registering an Azure application and credentials

To create your application ID and secret, you must have Application Administrator privileges to log into your Azure Portal and register an app.

Start with registering your app by following the steps below:

Note: The person completing the application registration process needs to be an Azure Administrator with sufficient privileges.

  1. Open your Azure Portal.

  2. Navigate to the App registrations page.

  3. Click New Registration to display the Register an application page.

  4. Enter an application name in the Name field.

  5. Select Accounts in this organizational directory only as the supported account type.

  6. Click Register.

For more information on registering an application in Azure, see Microsoft's documentation or Microsoft's authentication documentation.

Next, from the app's page, add permissions to the web API by following the steps below:

  1. Click API Permissions.
  2. Click Add a permission.
  3. Click Microsoft Graph.
  4. Select Application Permissions.
  5. Select the following options from the Application Permissions section:

    • Directory – Directory.Read.All

    • Group – Group.Read.All

    • User – User.Read.All
        Notes: This permission is required if Filter by Group functionality is used.

  6. Click Add Permission.

  7. Click Grant Permission.

Finally, grant Admin consent for the API by following the steps below:

  1. Click the API Permissions tab.
  2. Click Grant admin consent for [tenant].
  3. In the pop-up window, click Accept.

Finding Azure credentials

If an application is already created and you need to find the application information to complete the Source Connection step, follow the steps below in the Azure Portal:

  1. Click Azure Active Directory.
  2. In the left-navigation menu, click Enterprise applications.
  3. In the list of applications, locate your application by filtering or sorting.
  4. Click your application.
    This will open the application page.
  5. In the left-navigation menu, click Properties.
  6. Click the copy icon next to the Application ID.

Removing application access

Removing access to an application can be done outside of Relativity in Microsoft Entra ID. To remove access, follow the steps below:

  1. Log into Microsoft Entra ID.

  2. Locate and open the application.

  3. In the application, click Delete.