How to Configure an Azure Data Source

This article provides detailed steps to set up an Azure data source for discovery.

Prerequisites

Azure credentials are required to configure an Azure Data Source.

Before you begin, configure an App Registration under Microsoft’s Entra ID service to obtain the tenant ID, client ID and secret needed for the Hydden Data Source and Hydden Connection Credentials. The following steps guide you through the process.

  1. Open your Azure portal and type App registrations into the search bar at the top.

  2. On the top menu bar, click + for New registration.

  3. Select the scope of the app. This also controls the scope of the Hydden collector.

  4. On the overview page of the app locate the:

    • Directory (tenant) ID, which is the tenant ID required on the main Data Source configuration page in the Hydden portal.
    • Application (client) ID, which is your client ID needed for the first part of the Hydden Add credential page.
  5. Select Add a certificate or secret.

  6. Click + New client secret.

    • Give it a name and duration.
    • Click add.
    • Copy and save the ‘Secret’ value. Once you move away you will not be able to see this secret value again. This secret value is the second part of the Hydden Add credential page.
  7. Vault your tenant ID, client ID, and secret.

  8. Verify your permissions settings for the app:

    • Via the left-hand menu, select your application’s API permissions. Your app needs at least the following set of permissions:
       Permission                                     Type           Description
       Directory.Read.All                             Application    Read directory data
       Domain.Read.All                                Application    Read domains
       EntitlementManagement.Read.All                 Application    Read all entitlement management resources
       Group.Read.All                                 Application    Read all groups
       GroupMember.Read.All                           Application    Read all group memberships
       IdentityProvider.Read.All                      Application    Read identity providers
       User.Read                                      Delegated      Sign in and read user profile
       UserAuthenticationMethod.Read.All              Application    Read all users' authentication methods
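
One way to check step 8 from outside the portal, as an added example that is not part of Hydden's documentation or code: decode an app-only access token issued to the app registration and compare its `roles` claim with the Application permissions listed above. It assumes you already hold such a token for Microsoft Graph; the function names and the sample token are constructed for illustration.

```python
import base64
import json

# Application permissions from step 8. User.Read is Delegated, so it never
# appears in the "roles" claim of an app-only token and is not checked here.
REQUIRED_ROLES = {
    "Directory.Read.All",
    "Domain.Read.All",
    "EntitlementManagement.Read.All",
    "Group.Read.All",
    "GroupMember.Read.All",
    "IdentityProvider.Read.All",
    "UserAuthenticationMethod.Read.All",
}


def token_claims(jwt: str) -> dict:
    """Decode a JWT payload for inspection only (the signature is NOT verified)."""
    parts = jwt.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT (expected 3 dot-separated parts)")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64 padding
    return json.loads(base64.urlsafe_b64decode(payload))


def audit_roles(jwt: str, expected_tenant: str) -> dict:
    """Compare the roles granted in the token with the required set."""
    claims = token_claims(jwt)
    granted = set(claims.get("roles", []))
    return {
        "tenant_ok": claims.get("tid") == expected_tenant,
        "missing": sorted(REQUIRED_ROLES - granted),  # listed in step 8, not granted
        "excess": sorted(granted - REQUIRED_ROLES),   # granted beyond the listed set
    }


def make_sample_token(tenant: str, roles: list) -> str:
    """Build an unsigned, constructed token so the example runs offline."""
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return ".".join([enc({"alg": "none"}), enc({"tid": tenant, "roles": roles}), "sig"])


if __name__ == "__main__":
    tenant = "00000000-0000-0000-0000-000000000000"  # placeholder tenant ID
    sample = make_sample_token(
        tenant, ["Directory.Read.All", "Group.Read.All", "Directory.ReadWrite.All"])
    print(json.dumps(audit_roles(sample, tenant), indent=2))
```

An empty `missing` list means the token carries every Application permission from the list; anything under `excess` is a grant beyond that list and worth reviewing against least privilege.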

Configure Your Hydden Azure Data Source

  1. Log in to your Hydden tenant.
  2. To access the data sources page, navigate to Configuration > Discover and select Data Sources or use the data source URL: https://portal.hydden.com/configuration/datasource.
  3. To add the Azure data source, click + Add Data Source.
  4. From the drop-down, select Azure.
  5. For Name enter an easy-to-identify name for the data source.
  6. For tenant ID use the Azure Tenant ID previously saved/vaulted when setting up the Azure app registration.
  7. You may ignore Preset and Schedule for now.
  8. To the right of Credentials, click +.
    1. The Add credential modal opens and the drop-down selection should show Cloud credential. If not, change it to Cloud credential.
    2. Enter a name for your Azure credential.
    3. Enter the client ID and Secret from your Azure app as previously saved/vaulted.
    4. Click Add.
  9. On the Add Data Source modal, click Add to save the newly created data source.

At this point, you can run a collection from the Data Sources page and shortly after, you will see your Azure users listed on the Identity Posture dashboard, in Global Search and the Search Library.