Microsoft Azure AD provider

Relativity can import Entity (Employee/Custodian) data from Microsoft Azure Active Directory through Integration Points. In Relativity, you will need to install Integration Points into your workspace. Once Integration Points is installed, you’ll then need to install the Integration Points AD provider application. Completing these installations adds Integration Points to your workspace and adds Azure AD as a source within Integration Points.

The next step is to set up an application in Microsoft Azure which can be used to configure an Integration Point in Relativity. Only an Application Administrator with access can create an application, find credentials, and delete an application. If you don’t have permissions, contact your admin. For more information on Application Administrators, see Microsoft’s documentation.

When setting up Azure AD application, the following permissions are required:

  • User.Read.All
  • Directory.Read.All
  • Group.Read.All - when filter by Group is used

Creating an Azure application and credentials

To create your application credentials, you must have Application Administrator privileges to log into your Azure Portal. Follow the steps below to create an application ID and a secret.

  1. Navigate to Azure Portal.
  2. In the left-navigation menu, click All services.
  3. Locate and click App registrations in the menu.
  4. On the App registrations page, click New application registration to open the Create form.
  5. Enter the name of the application (Example: Integration Points AD Provider)
  6. Select http://localhost as the Sign-on URL.
  7. Select Application Type as the Web App/API.
  8. Click Create.
      Notes: When an app is created so is a secret. This is the only time when this secret is visible and accessible. Save it for future use in AAD Provider.

  9. Click Settings to open a right-navigation menu.
  10. Click Required Permissions.
  11. Click Add.
  12. Click 1. Select an API.
  13. Click Microsoft Graph.
  14. Click Select.
  15. Select the following options from the Application Permissions section:
    1. Read all users' full profiles.
    2. Read directory data.
    3. (Optional) Read all groups.
        Notes: Note: This permission is required if Filter by Group functionality is used.
  16. Click Select.
  17. Click Done.
  18. In the Settings menu, click Required permissions.
  19. Click the Permissions tab.
  20. Click Grant admin consent for TENANT.
  21. In the pop-up window, click Accept.

Finding Azure credentials

If an application is already created and you need to find the application information to complete the Source Connection step, follow the steps below:

In Azure AD,

  1. Click Admin.
  2. In the left-navigation menu, click Admin Center icon.
  3. Click Azure Active Directory.
  4. In the left-navigation menu, click Enterprise applications.
  5. In the list of applications, locate the application by filtering or sorting.
  6. In the application, click Properties.
  7. Copy the Application ID.

Removing application access

Removing access to an application can be done outside of Relativity in Azure AD. To remove access, you need to log into Azure AD. Locate and open the application. In the application, click Delete.