Configure Entra ID basic settings

Set up Entra ID realm authentication to enable the Cloud-Delivered Firewall Management Center to download and periodically update users and groups from Entra ID.

This configuration enables SAML realm authentication for Entra ID (formerly Azure AD) in Secure Firewall Management Center, allowing integration with Microsoft Graph services and audit logging capabilities.

Before you begin

Follow these steps to configure Entra ID basic settings:

Procedure


Step 1

Give your application the Microsoft Graph permission.

Grant your Entra ID application (formerly called Azure AD) the following permissions to Microsoft Graph as discussed in Authorization and the Microsoft Graph Security API on the Microsoft site:

  • Reader role

  • User.Read.All permission

  • Group.Read.All permission

These permissions enable the Cloud-Delivered Firewall Management Center to download users and groups from Entra ID the first time.

Required information from this step for setting up the Entra ID realm in the Cloud-Delivered Firewall Management Center:

  • Name of the app you registered

  • Application (client) ID

  • Client secret

  • Directory (tenant) ID

Step 2

Set up an event hub.

Set up the event hub as discussed in Quickstart: Create an event hub using Azure portal on the Microsoft site. The Cloud-Delivered Firewall Management Center uses the event hub audit log to download periodic updates to users and groups.

More information: Features and terminology in Azure Event Hubs.

Important

You must choose the Standard pricing tier or better. If you choose Basic, the realm cannot be used.

Required information from this step for setting up the Entra ID realm in Security Cloud Control:

  • Namespace Name

  • Connection string—primary key

  • Event Hub Name

  • Consumer group Name
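A pre-flight check for the eight values collected in Steps 1 and 2, added here as an example (it is not Cisco's or Microsoft's code). The dictionary keys, function names and sample values are constructed for illustration; the connection string follows the standard Event Hubs `Endpoint=...;SharedAccessKeyName=...;SharedAccessKey=...;EntityPath=...` layout.

```python
import re
import uuid

# Constructed sample values; none come from a real tenant.
SAMPLE = {
    "app_name": "cdfmc-realm-app",
    "client_id": "11111111-2222-3333-4444-555555555555",
    "client_secret": "constructed-secret-value",
    "tenant_id": "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee",
    "namespace": "contoso-realm-ns",
    "connection_string": ("Endpoint=sb://contoso-realm-ns.servicebus.windows.net/;"
                          "SharedAccessKeyName=RootManageSharedAccessKey;"
                          "SharedAccessKey=Y29uc3RydWN0ZWQ=;EntityPath=audit-hub"),
    "event_hub": "audit-hub",
    "consumer_group": "$Default",
}

def parse_connection_string(conn):
    """Split 'Key=value;Key=value' pairs; values may themselves contain '='."""
    parts = (p.split("=", 1) for p in conn.strip().strip(";").split(";") if p)
    return {k.strip(): v.strip() for k, v in (p for p in parts if len(p) == 2)}

def is_guid(value):
    try:
        return str(uuid.UUID(value)) == value.lower()
    except (ValueError, AttributeError, TypeError):
        return False

def preflight(v):
    """Return a list of problems; messages never include secret values."""
    problems = [f"{k} is empty" for k in SAMPLE if not str(v.get(k, "")).strip()]
    for k in ("client_id", "tenant_id"):
        if v.get(k) and not is_guid(v[k]):
            problems.append(f"{k} is not a GUID")
    # The portal lists a GUID "Secret ID" beside the secret "Value"; only the value works.
    if is_guid(v.get("client_secret", "")):
        problems.append("client_secret looks like a secret ID, not the secret value")
    cs = parse_connection_string(v.get("connection_string", ""))
    for key in ("Endpoint", "SharedAccessKeyName", "SharedAccessKey"):
        if key not in cs:
            problems.append(f"connection_string lacks {key}")
    m = re.match(r"sb://([^./]+)\.", cs.get("Endpoint", ""))
    if m and m.group(1).lower() != v.get("namespace", "").lower():
        problems.append("connection_string endpoint does not match namespace")
    if "EntityPath" in cs and cs["EntityPath"] != v.get("event_hub"):
        problems.append("connection_string EntityPath does not match event_hub")
    return problems

if __name__ == "__main__":
    print(preflight(SAMPLE) or "all eight values look consistent")
```

The client secret and the connection string are credentials; keep them in a secrets store and out of tickets or shell history while you carry them between the portal and the realm configuration.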

Step 3

Enable the audit log.

Enable the audit log as discussed in Tutorial: Stream Azure Active Directory logs to an Azure event hub on the Microsoft site.