TABLE OF CONTENTS

Azure ADI

Azure Active Directory Integration (AADI) allows you to synchronize your Active Directory Users and Groups to your Phish Insight account. This feature uses an Azure Application to retrieve and upload the information from your Active Directory securely. You can visit our Data Privacy Policy F.A.Q. article to learn more about how Phish Insight protects your data.


After the integration, you can use the synchronized Users and Groups' information in your phishing simulation and training campaigns.


How does Azure ADI Work?

  1. Register an Azure Application for Phish Insight in your Azure Active Directory.
  2. Enter the Azure Application Config details on the Phish Insight Azure Sync Settings page and save it.
  3. Retrieve your Azure Users and Groups' information and sync it to your Phish Insight account.
  4. View Users and Groups' information in your Phish Insight account.

Things to prepare before using Azure ADI

  1. Azure Active Directory
    Note: We support Single Tenant only.
    • Ensure you have access and adequate permission to sync from your Azure AD.
    • We will only ingest users with an email address in the active directory.
    • We will only ingest groups with the type "Office 365" in the active directory.
  2. Application Registration in Azure
    • Register the Azure Application (create link on the page)
    • Create an Azure Application Secret (create link on the page)
    • Retrieve the following information (create link on the page)
      1. Application (client) ID.
      2. Directory (tenant) ID.
      3. Application (client) secret.


Register Azure Application

  1. Go to the Azure portal and log in.
  2. Search for `App Registration` and click it.

  3. Click  + New registration.
  4. Add Phish Insight as your application name.

  5. Scroll down a little and copy and paste this link https://cloud.phishinsight.trendmicro.com/api/es/azure/token in the Redirect URI.
  6.  Click Register.



Create an Azure Application Secret

  1. In the Azure portal > App registrations page, click the Phish Insight application you just created.
  2. On the side menu, click Certificates & secrets.
  3. Click + New Client Secret.

  4. Add Phish Insight Secret as your client secret description.

  5. Click Add.

  6. Copy the Phish Insight Secret Value right away and save it for later use. This will serve as your Application (client) secret.
    Note: The Azure portal will only let you see the secret value once.

 

Retrieve Azure AD Information

  1. In the Azure portal > App registrations > Phish Insight page, click Overview.
    Here you can retrieve the Application (client) ID and Directory (tenant) ID.


Synchronizing your Azure Active Directory (AD)

  1. Log in to your Phish Insight account then click Settings > AD Synchronization
     
  2.  Click Azure AD.

  3. Click Set active user & group data source.

  4. Fill out the Azure AD Information that you prepared earlier.
  5. Click Save.


  6. Click Sync.

    After clicking sync, the page will redirect you to Microsoft's permission request page. You need to allow Read all groups, Read all users' full profiles and Maintain access to data you have given it access to permission so Phish Insight can retrieve your Azure AD Users and Groups. You can visit our Data Privacy Policy F.A.Q. article to learn more about how Phish Insight protects your data.


    Expand the permissions to see corresponding details:


    After giving Phish Insight permission, you will re redirected to Azure AD page where you can see the sync status.

    Azure Sync Information

    1. Status
      • PENDING - Azure sync job is queued
      • STARTED - Azure sync job has started
      • RETRIEVING - Azure sync job is retrieving AD information from Azure
      • PROCESSING - Azure sync job is parsing the AD information
      • SAVING - Azure sync job is uploading the AD information to the Phish Insight database
      • COMPLETED - Azure sync job is now completed
      • CANCELED - Azure sync is canceled after you schedule a new Azure sync job
      • FAILED - Azure sync job cannot continue
    2. Sync ID - Unique identifier of the Azure sync job
    3. Last sync date - Date of last Azure sync job with a Completed status.

Note: Please contact the Phish Insight team if your sync has failed.


Additional things to know about the Azure Sync 

  1. Azure sync does not support automatic regular sync yet but you can still update your Azure AD information manually by doing the step below:
    1. Click Sync.