HowTo: How to Add Users via Azure Sync (Entra ID)

Add Azure Users

Adding users to CyberHoot’s Power Platform via Azure AD/ Entra ID Sync (using Graph API)

If your company uses Microsoft Azure / Entra ID, you can use it as a simple and effective way to manage users within CyberHoot. Follow the steps below:

Step-by-Step Instructions:

1- Upon login, you will find yourself on the Dashboard screen. Click on “Users” or “Admin” then “User-Group-Manager” on the top right of the screen.

2- Click on the “Entra ID Sync” button.

3- Click on “Grant Entra ID Access”.

4- Click on  either “Public Cloud Access” if entering a regular business account or “Government Cloud Access” if your environment is hosted on the Gov cloud.

5- Enter the Entra ID credentials.

6- Click on Next.

7- This will put you on Entra ID Users & Groups, from there you can exclude unlicensed and/or external users from synchronization.  (Note: Some companies choose to train unlicensed users as well as external consultants or subcontractors.)

8- You must choose between two options:  (1) Sync by users, or  (2) Sync by groups.

9- Under the “Action” Column, users show as “Skipped” or “Syncd“. Click either word to switch users between “Skipped” or “Syncd”.

9- Click “Sync Now” to synchronize users manually.  Users auto-sync every 4 hours.

10- Click on Close and click on Back

High Compliance Tip:

This article explains how to add Employee Managers to their Azure AD profile.

Defining managers for each employee in CyberHoot is very important.  Employee managers are Carbon Copied (CC’d) on reminder emails sent to employees.  This only happens when an Employee has not completed an assignment by the due date.

Please note: Azure AD Government Community Cloud (GCC) environments must register an Enterprise Application to synchronize users.  Those instructions are found here. 

This short video shows how to set up Microsoft Azure sync in CyberHoot.

What are the permissions used by CyberHoot to access Azure AD/Entra ID? Does CyberHoot store my password?

Permission Authorization flow:

 Step 1- Permission and Consent: Administrator logs into Microsoft and CyberHoot is assigned read-only permissions using the principle of least privilege, assigning the permissions listed below.

Step 2 – Token Acquisition: CyberHoot requests an OAuth 2.0 token from Azure AD / Entra ID. Note that CyberHoot will not know nor store the password used by the admin.

Step 3 – Token Grant: Azure AD / Entra ID validates the request and, if successful, issues an access token. This token encapsulates the permissions granted to CyberHoot.

Step 4 – Accessing Resources with the Token: CyberHoot uses this token to access the information on the table above. This information is used to add users to CyberHoot.

Image Sources: DALL-E – OpenAI

CyberHoot has many resources available to you. Below are links to all of our resources;  please check them out and use them whenever you like: 

Note: If you’d like to subscribe to our newsletter, visit any link above (besides infographics) and enter your email address on the right-hand side of the page, and click ‘Send Me Newsletters’.

Secure your business with CyberHoot Today!!!

Share this on your social networks. Help Friends, Family, and Colleagues become more aware and secure.