Adding users to CyberHoot’s Power Platform via Azure AD Sync (using Graph API)
If your company uses Microsoft Azure, you can use it as a simple and effective way to manage users within CyberHoot. Follow the steps below:
Step-by-Step Instructions:
1- Upon login, you will find yourself on the Dashboard screen. Click on “Users” or “Admin” then “User-Group-Manager” on the top right of the screen.
2- Click on the “Azure Sync” button.
3- Click on “Azure Settings”.
4- Click on “Enable Azure Sync”.
5- Enter the Azure credentials.
6- Click on Azure Users & Groups, from there you can exclude (1) unlicensed and/or (2) external users from synchronization. (Note: Some companies choose to train unlicensed users as well as external consultants or subcontractors.)
7- You must choose between two options: (1) Sync by users, or (2) Sync by groups.
8. Under the “Action” Column, users show as “Skipped” or “Syncd“. Click either word to switch users between “Skipped” or “Syncd”.
9- Click “Sync Now” to synchronize users manually. Users auto-sync every 4 hours.
10- Click on Close.
High Compliance Tip:
This article explains how to add Employee Managers to their Azure AD profile.
Defining managers for each employee in CyberHoot is very important. Employee managers are Carbon Copied (CC’d) on reminder emails sent to employees. This only happens when an Employee has not completed an assignment by the due date.
Please note: Azure AD Government Community Cloud (GCC) environments must register an Enterprise Application to synchronize users. Those instructions are found here.
This short video shows how to set up Microsoft Azure sync in CyberHoot.
What are the permissions used by CyberHoot to access Azure AD/Entra ID? Does CyberHoot store my password?
Permission Authorization flow:
Step 1- Permission and Consent: Administrator logs into Microsoft and CyberHoot is assigned read-only permissions using the principle of least privilege, assigning the permissions listed below.
Step 2 – Token Acquisition: CyberHoot requests an OAuth 2.0 token from Azure AD. Note that CyberHoot will not know nor store the password used by the admin.
Step 3 – Token Grant: Azure AD validates the request and, if successful, issues an access token. This token encapsulates the permissions granted to CyberHoot.
Step 4 – Accessing Resources with the Token: CyberHoot uses this token to access the information on the table above. This information is used to add users to CyberHoot.
Image Sources: DALL-E – OpenAI
CyberHoot has many resources available to you. Below are links to all of our resources; please check them out and use them whenever you like:
- Blog
- Cybrary (Cyber Library)
- Infographics
- Newsletters
- Press Releases
- Instructional Videos (HowTo) – very helpful for our MSP Multi-tenant administrators!
Note: If you’d like to subscribe to our newsletter, visit any link above (besides infographics) and enter your email address on the right-hand side of the page, and click ‘Send Me Newsletters’.