This tutorial explains how to synchronize an Azure AD with Sophos Central so that it can work with users or groups.
Microsoft Azure Active Directory (Azure AD) is a cloud-based identity and access management solution from Microsoft.
It provides organizations with a platform to manage user identities and access permissions for various resources, including cloud applications, on-premises applications, and networks.
Azure AD provides comprehensive security features such as single sign-on (SSO), two-factor authentication (2FA), and risk checks to help organizations improve IT security and meet compliance requirements. It is integrated with the Azure cloud platform and provides a set of tools and features to manage user identities and access permissions for organizations of all sizes.
There is already a tutorial in the Sophos KB that explains this procedure, but a few more steps or high resolution screenshots will help if you are doing this for the first time. Sophos KB: Set up directory service
First you log in to Sophos Central and go to the Global Settings > Directory service.
You now log in to the Azure Portal.
After that, you add a new Enterprise Application.
After adding this enterprise application, register the application and add appropriate API permissions. Sophos Central requires the following permissions to read the users and groups. Microsoft Graph API permissions.
Select Delegated permissions and add the following entries…:
- profile (profile is in the openID set of permissions)
Select Application permissions and add the following entries:
After everything is set up on Azure, you can add the connection on Central page by adding the client ID, client secret, domain and expiration date of the secret and have the data verified.