What You'll Need
- Global Administrator or Application Administrator role in Microsoft Entra ID
- A Microsoft 365 E5 or Defender for Office 365 P1/P2 license
- ~5 minutes to complete setup
- Your Clariti account with adapter management permissions
Get Your Credentials
If you have already set up the Microsoft Entra ID adapter, you can reuse the same app registration — just add the additional API permissions listed below and re-grant admin consent. See the Microsoft Entra ID guide for the full app registration walkthrough.
In the Azure portal, go to App registrations and select your Clariti app. Under API permissions > Add a permission > Microsoft Graph, add this Application permission:
ThreatAssessment.Read.All
Click Grant admin consent for your tenant. Copy the Application (client) ID, Directory (tenant) ID, and a valid Client secret value.
Enter Credentials in Clariti
| Value from vendor console | Paste into Clariti field |
|---|---|
Directory (tenant) ID | Tenant / Directory ID |
Application (client) ID | Client ID |
Client secret value | Client Secret |
Verify Connection
Click Test Connection in Clariti. A successful connection returns a green checkmark. The first data sync typically completes within a few minutes.
Troubleshooting
- 401 Unauthorized — The client secret may have expired. Generate a new secret in Azure and update it in Clariti.
- 403 Forbidden — Ensure admin consent was granted for ThreatAssessment.Read.All and that a Defender for Office 365 license is active.
- Timeout — Threat assessment data volumes can be large in active tenants. Clariti retries automatically.