.png?fit=max&auto=format&n=tsMQJyneJ1xquFUo&q=85&s=4d401cc03b547d99b6f75a6bd170c334){kind=spacer}
Documentation Index
Fetch the complete documentation index at: https://help.dsalta.com/llms.txt
Use this file to discover all available pages before exploring further.
Overview
Microsoft Entra ID (formerly Azure Active Directory) is Microsoft’s cloud-based identity and access management service. It provides single sign-on, multi-factor authentication, and conditional access to thousands of cloud SaaS applications.Read-only access. DSALTA never modifies, creates, or deletes resources in your Microsoft Entra ID environment. All API access is strictly read-only.
Integration Details
| Property | Value |
|---|---|
| Category | Identity Provider |
| Data Library Modules | Access, People |
| Authentication | OAuth 2.0 — requires Global Administrator or Privileged Role Administrator |
| Sync Frequency | Every 24 hours (manual sync available) |
| Permissions | Read-only |
What Data DSALTA Collects
When you connect Microsoft Entra ID, DSALTA automatically collects the following data on every sync cycle:- User accounts and email addresses
- MFA registration status
- Role and group assignments
- Account status and last sign-in dates
- Conditional access policy status
Key Use Cases
- Verify MFA is enforced for all users
- Detect unauthorized access to critical systems
- Monitor offboarded employee access revocation
How to Connect
Navigate to Integrations
Go to Settings → Integrations in your DSALTA dashboard and find Microsoft Entra ID in the catalog.
Authenticate
Follow the on-screen instructions to authenticate with your Microsoft Entra ID account. Admin-level access is required for the initial setup.
Configure Scope
Select which accounts, projects, or resources DSALTA should monitor. You can adjust this later from the integration settings.
Automated Compliance Tests
When you connect Microsoft Entra ID, DSALTA automatically generates the following compliance tests. Each test runs every 24 hours and produces pass/fail evidence for your auditor.| Test | Description |
|---|---|
| MFA should be enabled for all users | Checks that MFA is enabled for all Microsoft Entra ID users. |
| User access to Critical System should be valid | Checks that users with access to critical systems are authorized in Microsoft Entra ID. |
| Offboarded users should not have active access | Checks that offboarded users no longer have active Microsoft Entra ID access. |
Tests run automatically every 24 hours. Failed tests generate alerts and appear in your compliance dashboard with remediation guidance. All test results are stored as audit evidence with timestamps.
Compliance Frameworks
This integration provides evidence for the following compliance frameworks:SOC 2
Access controls, monitoring, and change management evidence.
ISO 27001
Asset management, access control, and operations security evidence.
GDPR
Access records and data processing evidence.
Troubleshooting
Integration shows Disconnected
Integration shows Disconnected
Re-authenticate by going to Settings → Integrations → Microsoft Entra ID and clicking Reconnect. This usually happens when API tokens expire or permissions change.
Data is not syncing
Data is not syncing
Verify that the connected account still has the required admin permissions. Try a manual sync from the integration settings page. If the issue persists, check your Microsoft Entra ID API rate limits.
Tests are not generating
Tests are not generating
Tests generate after the first successful data sync. If sync completed but tests are missing, ensure the relevant features are configured in Microsoft Entra ID (e.g., GuardDuty must be enabled in AWS for GuardDuty tests to appear).
Some users are missing from the sync
Some users are missing from the sync
DSALTA syncs all users visible to the connected admin account. If users are missing, verify they are within the scope you configured during setup. Suspended or deleted accounts may not appear.