Azure Integration

2 min. readlast update: 02.22.2024
Note: This integration requires the use of ThreatLocker Agent Version 8.0 or above.

How to Configure the Azure Integration

This includes the breakdown of permissions required to set up the Azure Integration.

To begin, navigate to the ThreatLocker portal.

From the left-hand navigation menu, click ‘Integrations’ and select 'Azure' from the integrations dropdown menu.

Enter a valid Tenant ID from your Azure Directory and click ‘Open Consent Screen’.

Note: This next step requires a Microsoft administrator account.

Login as an administrator and accept the permissions requested.

If done correctly, the Admin Consent will now state ‘Granted’. You will now have the ability to edit the 'Group Configuration' section.

Select the 'Jedi Knights' and 'Standard Users' from the drop-down menu.

Once you have your Azure groups added, click ‘Save’.

A notification will pop up to confirm you have successfully saved the Azure integration and you will see the Azure Integration listed on your Integrations page.

 

How to Apply the Azure Integration to Your Policies

To begin, navigate to the ThreatLocker portal, expand the Application Control menu on the left hand side, and click ‘Application Policies’. Click on the '+ New Policy' button.

Add a new application policy or edit an existing policy. In the popup window, scroll down to the 'Applies To’ section and select the Azure group(s) this policy should apply to from the drop-down menu, and click ‘+’. 

Please note: It is recommended to select the group name from the drop-down menu to avoid any type-os. The Azure group name must match exactly.

Click ‘Create’.

The final step is to select 'Deploy Policies' at the top right of the portal.

You have successfully integrated your Azure AD with ThreatLocker along with establishing a policy to target specific Azure Groups. 

Note: Our enterprise application used for the integration requires specific pieces of information from the Azure groups and their members in order to function properly. The permissions required for this integration are necessary. ThreatLocker will not read any information other than what is truly required and will not be writing any data. 

 

Was this article helpful?