Integrating Azure AD for Importing Custodians

To import custodians into Relativity, you also need the following applications to be installed in your workspace:

  • Integration Points
  • Integration Points AAD provider
  • Relativity Legal Hold
  • At least one Integration Points agent configured.

For more information, see Importing hold data to Relativity Legal Hold.

Registering an Azure application and credentials

Integrating Azure AD for Importing Custodians requires a reference to a dedicated Azure application that has the appropriate permission. This needs to be done on the client side by an Azure user with sufficient rights.

Register the Relativity application to gain access to Microsoft Azure AD. Access to Azure AD gives Relativity the ability to complete multiple tasks.

Start registering your app by following the steps below:

Note: This needs to be done on the client side by an Azure user with sufficient rights.

  1. Open your Azure Portal.
  2. Click More Services.
  3. Search for and select Azure Active Directory.
  4. In the left-navigation menu, click App registrations.
  5. Click New Registration.
    This will open the Register an application page.
  6. Enter an application name in the Name field.
  7. Select Accounts in this organizational directory only as the supported account type.

  8. Enter the redirect URL, http://localhost/, as the sign-on URL.

  9. Click Register.

For more information on registering an application in Azure, see Microsoft's documentation.

Creating a client secret

A client secret from Microsoft Azure AD is needed to integrate Microsoft and Relativity.

To create a client secret:

  1. In the left-navigation menu, click Certificates & secrets.

  2. Navigate to the Client secrets tab.

  3. Click the New Client Secret button.

    Note: Do not navigate away from the page once the client secret is created.

  4. Populate the Description and Expires fields. You can leave the default, or recommended, values.

  5. Click the Add button.
    If the client secret was successfully created, you will see the Client Secret displayed on the table and the Value field should be displayed in plain text.

  6. Copy the Value field and store it safely.

If you leave the page and comeback to get the value the Value field will be masked and you will not be able to copy it

You can repeat steps 4-5 to generate a new client secret.

Adding permissions

The permissions of the Azure application you registered needs to be updated for the AAD provider.

To update the permissions:

  1. In the left navigation menu, click the API permissions link.

  2. Click Add a Permission.

  3. In the side menu, select Microsoft Graph.

  4. Select Application Permissions.

  5. Add the following permissions:

    • Directory - Read.All

    • Group - Read.All

    • User - Read.All

  6. Click Add permissions.

    Clicking this button returns you to the API permissions page.

  7. Click Grant Admin consent for Relativity.

  8. In the confirmation window, click Yes.

AAD Provider setup and run

For more information, see Importing from Microsoft Entra ID.

Note: This part is not needed for the setup, but is recommended to ensure that the entities match the information that is in Azure Active Directory.