# Microsoft Entra (Azure AD) Integration ## **OVERVIEW** **Azure Active Directory integration** allows users to log in to [Oobeya](https://oobeya.io/) with their AD credentials. When a user logs in to Oobeya via Azure AD connection, the account of the user is created on Oobeya with the **least privilege**. Then you need to define the required permissions for the users. You can also **import users from Azure AD**. [*See the documentation*](https://docs.oobeya.io/administration/user-management-single-sign-on-auth-settings/importing-a-new-user-from-ldap-ad) for detailed information. You can deactivate user accounts that you do not want to log in to the Oobeya. Click [here ](https://docs.oobeya.io/administration/user-management-single-sign-on-auth-settings/deactivating-a-user)to learn how to deactivate a user account. ## 1. CREATING THE OOBEYA APPLICATION IN AZURE AD 1. Open the directory page, select the "**App Registration**" in the sidebar (left) and then click "**New Registration**". ![](https://firebasestorage.googleapis.com/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MGIlBSTjQtZxUoFwUx4%2Fuploads%2FqDmOkIUM37rsXrKXt3Uh%2Ffile.png?alt=media) 2\. Fill in the required areas and click to "**Register**" button. ![Inserting image...](https://firebasestorage.googleapis.com/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MGIlBSTjQtZxUoFwUx4%2Fuploads%2FdZnDEhS5wOH5h6uCVuri%2Ffile.png?alt=media) 3\. Click on the details of the registration you have just created, and then note the "**Tenant ID**" and "**Client ID**" to use in Oobeya later. ![](https://firebasestorage.googleapis.com/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MGIlBSTjQtZxUoFwUx4%2Fuploads%2FcjlgHZCTNLezAt8p7We2%2Ffile.png?alt=media) 4\. Now, click on the "**Certificates & Secrets**" in the sidebar, and then click the "**New Client Secret**" button. You will use "**Value**" as the third parameter in Oobeya (**Client Secret**). ![](https://firebasestorage.googleapis.com/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MGIlBSTjQtZxUoFwUx4%2Fuploads%2FEyOa1IdTdsZDZZKhk1eV%2Ffile.png?alt=media) 5\. Check and configure the **API permission:** ![](https://firebasestorage.googleapis.com/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MGIlBSTjQtZxUoFwUx4%2Fuploads%2Fb8oMZrGBPrHd11aVds3X%2Ffile.png?alt=media) ## 2. CONFIGURING AZURE AD ON OOBEYA 1. Everything is ready. Now, open the Oobeya and then click the **Administration** in the sidebar as in the following: ![](https://firebasestorage.googleapis.com/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MGIlBSTjQtZxUoFwUx4%2Fuploads%2FwjbbvAnuBDqVAGEBYbay%2Ffile.png?alt=media) 2\. Click the "**Go to Admin Settings**" button. ![](https://firebasestorage.googleapis.com/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MGIlBSTjQtZxUoFwUx4%2Fuploads%2F2NNyPx0Hya8DwrnwLKO0%2Ffile.png?alt=media) 3\. In the "**General settings**" click the "**Azure AD Settings**" tab, enable the configuration by turning the switch on, fill in the required areas and then click the "**Save**" button. ![](https://firebasestorage.googleapis.com/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MGIlBSTjQtZxUoFwUx4%2Fuploads%2FkeNcCp8wFjw7a13PyXZw%2Ffile.png?alt=media) --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.oobeya.io/administration/user-management-single-sign-on-auth-settings/azure-ad-integration.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.