Help Document

Manual Microsoft 365 tenant configuration

  1. Sign in to the Azure AD portal using the credentials of a Global Administrator account.
  2. Select Azure Active Directory from the left pane.
  3. Select App registrations.
  4. Click New registration.
  5. Provide a Name for the Log360 cloud application to be created.
  6. Select a supported account type based on your organizational needs.
  7. Leave Redirect URI (optional) blank; you will configure it in the next few steps.
  8. Click Register to complete the initial app registration.
  9. You will now see the Overview page of the registered application.
  10. Click Add a Redirect URI.
  11. Click Add a platform under Platform configurations.
  12. In the Configure platforms pop-up, click Web under Web applications.
  13. In the Redirect URI field, enter
    http://<log360cloud-url>/webclient/VerifyUser
    For example, https://log360cloud.manageengine.com/webclient/VerifyUser
  14. You can leave the Logout URL and Implicit grant fields empty. Click Configure.
  15. On the Authentication page, under Redirect URIs, click Add URI.
  16. Enter http:///webclient/GrantAccess as the Redirect URI For example, https://log360cloud.manageengine.com/webclient/GrantAccess
  17. Similarly using Add URI option add,
    http://<log360cloud-url>/AADAuthCode.do
    http://<log360cloud-url>/AADAppGrantSuccess.do
    For example,
    https://log360cloud.manageengine.com/AADAuthCode.do
    https://log360cloud.manageengine.com/AADAppGrantSuccess.do
  18. Again click Add URI to add the below REDIRECT URIs in the subsequent rows.
    https://identitymanager.manageengine.com/api/public/v1/oauth/redirect
  19. Manual Microsoft 365 tenant configuration

  20. Click Save.
  21. Click Manifest from the left pane.
  22. Look for requiredResourceAccess array in the code.
  23. Copy the entire contents from this file and paste them into the section highlighted in the image below. If you want to modify the permissions to be provided, skip this step and follow the steps mentioned in this section.
  24. Note: Application scopes mentioned in the file

    Microsoft Graph scopes

    Directory.ReadWrite.All
    AuditLog.Read.All
    ActivityFeed.ReadDlp
    ActivityFeed.Read
    ServiceHealth.Read
    Domain.ReadWrite.All

    To know more about minimum scopes, click here.

    Manual Microsoft 365 tenant configuration

    Note: Copy-paste content only from the open square bracket to the closed square bracket. Ensure that all punctuation marks are retained correctly. Once you have pasted the file, it should look like the image below.

    Manual Microsoft 365 tenant configuration

  25. Click Save.
  26. Click API permissions from the left pane.
  27. In the Configured permissions section, click ✓ Grant admin consent for <your_company_name>.
  28. Click Yes in the pop-up that appears.
  29. Click Certificates & secrets from the left pane.
  30. Under the Client secrets section, click New client secret.
  31. This section generates an app password for Log360 Cloud. In the Description field of the pop-up, provide a name to identify the app to which the password belongs.
  32. Choose when the password should expire.
  33. Click Add.
  34. Copy the string under Value and save it. This is the Application Secret, which you will require later.
  35. Manual Microsoft 365 tenant configuration

  36. Now go to the Overview section in the left pane.
  37. Copy the Application (client) ID and Object ID values and save them. You will need these values to configure your tenant in the Log360 Cloud portal.
  38. Manual Microsoft 365 tenant configuration

  39. Refer to this table to learn about the roles that must be assigned to the application.

Steps to configure an Azure application in Log360 Cloud

  1. Return to the Log360 Cloud console where you have the following screen.
  2. Manual Microsoft 365 tenant configuration

  3. Select the Cloud Type as Microsoft 365, and enter your Tenant Name, for example, test.onmicrosoft.com.
  4. Paste the Application ID and Application Object ID values copied in Step 34 into the respective fields.
  5. For the Application Secret, paste the value copied in Step 32.
  6. Click Save.