Skip to main content

Apps - Identity Management - Azure AD

Hiro
Updated

Overview 

This guide provides an overview of the Azure Identity Management app that facilitates connectivity between Nuclei Capture and Azure Active Directory. Azure AD connectivity enhances Nuclei Capture with the following additional capabilities: 

  • Selective Capture (based on AD group membership) 
  • Selective Archiving (based on AD group membership) 
  • Extended Metadata Tagging (with AD user metadata) 

 

Prerequisites 

The following prerequisites are required to enable successful deployment of the app:  

  • Azure Active Directory (cloud, or hybrid environment) 
  • Azure administrator rights with correct role assignments 

 

Quick Guide

Getting Setup

  1. Login to the Microsoft Azure Portal
  2. Navigate to "Azure Active Directory"
  3. Select "App registrations"

Create a new App Registration

  1. Select "New registration"
  2. Configure app 
    1. Name: "Azure AD for Nuclei Firehose"
    2. Supported Account Types: "Accounts in any organizational directory"
    3. Select "Register"
  3. Copy the "Application (client) ID" and the "Directory (tenant) ID"

Create Client Secret

  1. Select "Certificates & secrets", and then select "New client secret"
    1. Description: "Azure AD for Nuclei Firehose"
    2. Expires: "24 months"
  2. Copy the "Value" of the new Client secret 

Configure API permissions 

  1. Select "API permissions", and then select "Add a permission"
    1. Select "Microsoft Graph"
    2. Select "Application Permissions
    3. Add the following app permissions below "Select permissions":
      1. Users: User.Read.All
      2. Groups: Group.Read.All
      3. GroupMember: GroupMember.Read.All
    4. Select "Add permissions"
    5. Select "Grant admin consent", and then select "Yes".

Submit Information to Nuclei

  1. Navigate to https://support.nuclei.ai/hc
  2. Select "Submit a request"
  3. Select: "Provisioning (Azure Identity Management)"
  4. Complete all fields
    1. Application (client) ID (mandatory)
    2. Directory (tenant) ID (mandatory)
    3. Client Secret Value (mandatory)
  5. Select "Submit"

 

More Information

For support deploying Azure AD for Nuclei into your Azure environment, please contact Nuclei's support team at support@nuclei.ai

Related articles

Comments

0 comments

Please sign in to leave a comment.