Integrating Azure AD for Importing Custodians

To import custodians into Relativity, you also need the following applications to be installed in your workspace:

  • Integration Points
  • Integration Points AAD provider
  • Relativity Legal Hold
  • At least one Integration Points agent configured.

For more information, see Importing hold data to Relativity Legal Hold.

Registering an Azure application and credentials

Integrating Azure AD for Importing Custodians requires a reference to a dedicated Azure application that has the appropriate permission. This needs to be done on the client side by an Azure user with sufficient rights.

Register the Relativity application to gain access to Microsoft Azure AD. Access to Azure AD gives Relativity the ability to complete multiple tasks.

Start registering your app by following the steps below:

Note: The application registration process needs to be done by an Azure Administrator with sufficient privileges.

  1. Open your Azure Portal.
  2. In the left-navigation menu, click App registrations.
  3. Click New Registration.
    This will open the Register an application page.
  4. Enter an application name in the Name field.
  5. Select Accounts in this organizational directory only as the supported account type.
  6. Click Register.

For more information on registering an application in Azure, see Microsoft's documentation or How to authenticate an EWS application by using OAuth..

Creating a client secret

A client secret from Microsoft Azure AD is needed to integrate Microsoft and Relativity.

To create a client secret:

  1. In the left-navigation menu, click Certificates & secrets.

  2. Navigate to the Client secrets tab.

  3. Click the New Client Secret button.

    Note: Do not navigate away from the page once the client secret is created.

  4. Populate the Description and Expires fields. You can leave the default, or recommended, values.

  5. Click the Add button.
    If the client secret was successfully created, you will see the Client Secret displayed on the table and the Value field should be displayed in plain text.

  6. Copy the Value field and store it safely.

If you leave the page and comeback to get the value the Value field will be masked and you will not be able to copy it

You can repeat steps 4-5 to generate a new client secret.

Adding permissions

The permissions of the Azure application you registered needs to be updated for the AAD provider.

To update the permissions:

  1. In the left navigation menu, click the API permissions link.

  2. Click Add a Permission.

  3. In the side menu, select Microsoft Graph.

  4. Select Application Permissions.

  5. Add the following permissions:

    • Directory - Read.All

    • Group - Read.All

    • User - Read.All

  6. Click Add permissions.

    Clicking this button returns you to the API permissions page.

  7. Click Grant Admin consent for Relativity.

  8. In the confirmation window, click Yes.

AAD Provider setup and run

For more information, see Importing from Microsoft Entra ID.

Note: This part is not needed for the setup, but is recommended to ensure that the entities match the information that is in Azure Active Directory.