Integrating Microsoft Defender requires the following Microsoft Entra ID information:
- Tenant ID: The existing Directory ID for the Entra customer.
- Application ID: A configured application Client ID for the Entra customer.
- Client Secret: A configured authentication for content sharing between OneSite Patch and Entra.
To integrate Microsoft Defender with OneSite Patch, begin by registering an application with Microsoft Entra ID and creating a service principal.
- Sign in to your entra.microsoft.com account as an administrator.
- Browse to , and then select .
- Enter the following details into the form:
  - Enter a Name that identifies the Adaptiva integration.
  - Select Accounts in this organization directory only under .
  - Skip both Redirect URI and Service Tree ID. If you must enter something for the Redirect URI, select .
- Select to create the application.
After creating the new Entra application, use the following steps to add the Vulnerability.Read.All permission from App registrations. Make sure you are logged in as an administrator.
- Access the API Permissions workspace from the App registrations page:
  - Select the Name of the newly created application on the App registrations page. This opens the application and a new list of menu options.
  - Select on the left navigation menu, and then select Add a Permission. This opens the Request API Permissions workspace.
- Select APIs my organization uses, and then locate WindowsDefenderATP in the list.
- Select , and then select Application permissions.
- Scroll down to and expand , and then select Vulnerability Read All.
- Select . If prompted, follow the required steps to provide administrator consent to make the change.
- Create a Client Secret ID for the application.
  After creating an application and adding permissions, use the following steps to create a shared secret ID. The secret ID enables authentication between OneSite Patch and Defender for the application you created.
  - Select on the Manage menu for the open application.
  - Select Client secrets.
  - Select + New client secret. This opens the Add a client secret dialog:
    - Enter a Description of the secret.
    - Select an Expires timeline.
    - Select Add to save your changes and return to the Certificates & secrets workspace.
  - Copy and save the Value and Secret ID information.
    Important: The system does not save this information when you leave this window. Be sure to record these numbers and save them to an accessible location for later use.
- Gather the integration details you have created.
  - Sign in to your entra.microsoft.com account as an administrator.
  - From the Home page, navigate to Applications > App Registrations, and then open the application you created for integration.
  - Select Overview on the left navigation of the application workspace, and then expand the Essentials section.
  - Record the following identification information:
    - Client ID
    - Tenant ID (Directory (tenant) ID)
    - Secret ID
- Complete the integration with Adaptiva OneSite Patch.
  - Select Windows Defender Endpoint on the left navigation menu of the OneSite Patch dashboard. This opens the Defender Access Settings workspace.
  - Enter the ID information gathered from Microsoft Entra, and then click Save on the upper left.
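A pre-flight check for the three values entered above, as an added example (not Adaptiva or Microsoft code). It assumes the integration authenticates with the standard OAuth 2.0 client-credentials flow against the Defender for Endpoint API; it builds that token request and audits an access token's claims for Vulnerability.Read.All and nothing beyond it. Function names are hypothetical, and the GUIDs and sample token are constructed placeholders.

```python
import base64, json, re

GUID = re.compile(r"^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$")
REQUIRED_ROLE = "Vulnerability.Read.All"  # the permission added in the steps above

def token_request(tenant_id, client_id, client_secret):
    """Build the client-credentials token request for the registered app."""
    for name, value in (("Tenant ID", tenant_id), ("Application ID", client_id)):
        if not GUID.match(value):
            raise ValueError(f"{name} must be a GUID")
    if GUID.match(client_secret):
        # The Secret ID is a GUID; the secret Value is what authenticates.
        raise ValueError("client_secret looks like the Secret ID, not the Value")
    url = f"https://login.microsoftonline.com/{tenant_id}/oauth2/v2.0/token"
    form = {"grant_type": "client_credentials", "client_id": client_id,
            "client_secret": client_secret,
            "scope": "https://api.securitycenter.microsoft.com/.default"}
    return url, form

def claims_of(jwt):
    """Decode the JWT payload for inspection only (no signature check)."""
    payload = jwt.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64 padding
    return json.loads(base64.urlsafe_b64decode(payload))

def audit_token(jwt, tenant_id, client_id):
    """Return findings; an empty list means the app is scoped as intended."""
    claims, findings = claims_of(jwt), []
    roles = set(claims.get("roles", []))  # application permissions land here
    if claims.get("tid") != tenant_id:
        findings.append("token issued for a different tenant")
    if client_id not in (claims.get("appid"), claims.get("azp")):
        findings.append("token issued to a different application")
    if REQUIRED_ROLE not in roles:
        findings.append(f"missing {REQUIRED_ROLE} (permission or admin consent not applied)")
    for extra in sorted(roles - {REQUIRED_ROLE}):
        findings.append(f"unexpected extra permission: {extra}")
    return findings

def sample_jwt(claims):
    """Constructed, unsigned token used only to exercise audit_token offline."""
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'none'})}.{enc(claims)}."

TENANT = "11111111-1111-1111-1111-111111111111"  # constructed placeholder
CLIENT = "22222222-2222-2222-2222-222222222222"  # constructed placeholder
```

POST the returned form to the returned URL with any HTTP client, then pass the `access_token` from the response to `audit_token`.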
View, create, or modify Administrators and Roles, enable OIDC or SAML providers, and assign permissions to Roles. Changes made here affect all licensed OneSite products. How to assign Class Permissions to a role is coming soon.
You can view your list of Defender users and their assigned roles.
- Select on the upper-right of the Admin Portal dashboard.
- Open the Settings page with the Administrators tab selected to manage accounts, roles, OIDC Providers, SAML Providers, and Class Permissions.
- Select the Roles tab of Security Settings.
- Select the Roles tab of Access Security Settings to view the list of roles.