How can we help you?

IMPORTANT: Please note that when creating an API connection to Microsoft, you must be prompted for MFA during the connection. If an MFA prompt does not occur please sign out of all Microsoft session and try again. We suggest using a new incognito Google Chrome session for best results as this should prevent cached credential interference.

License Requirements

Our recommendation is to use a minimum of Business Basic or E1 license and a suggested but not required Microsoft Entra ID P1 licensing.  Microsoft Entra ID Premium (P1 or higher) provides more detail for alerts.  Microsoft Entra ID Premium P1 can be added to any subscription as a standalone add-on.  If you want Microsoft Entra ID P1 included in the subscription you must sell Business Premium or E3. Be aware that while one Microsoft Entra ID Premium P1 per tenant works, Microsoft's policy is that every user must have a Microsoft Entra ID Premium P1. 

When connecting a Customer to Microsoft, it's important to note three things:

•  Microsoft licensing requirements.

•  Microsoft requires 2 API connections and two popups to be accepted, the first is for the Entra API and the second is for the MS Graph API

•  Ensure that each organization connection is created with a
   unique local-global admin (that will not be deleted) and not with a master CSP account or a user admin which could later be deleted should that user be terminated.  The account is required to be an "interactive" account and NOT a non-interactive account.

Accepting the API Connection Modal

In order to successfully connect with Microsoft a popup window will display and require acceptance and credentials to confirm. Unfortunately, browsers may block this popup, If this window is blocked the Microsoft Connection will not complete. Please note that after entering credentials it may take up to a minute and a half to complete the process.   

• When clicking the connect button and no popup window is displayed, look to the browser's URL bar on the right for the "popup blocked" message

• Click on the link as shown in the image to launch the popup and accept

• To prevent this issue in the future, select "Always Allow" and "Done"

Additionally when making this connection the GA account in question must be prompted for MFA during this process. If an MFA check does not occur the connection will fail. In this case the next step would be to delete the organization instance (if it does not have any other applications connected) and then logging into SaaS Alerts using an incognito Google Chrome session and try making an new instance of the organization and connecting to Microsoft again.