Help Document

Manual Microsoft 365 tenant configuration

  1. Sign in to the Microsoft Entra admin center using the credentials of a Global Administrator account.
  2. In the left pane, select Identity > Applications.
  3. Select App registrations.
  4. Click New registration.
  5. Provide a Name for the Log360 cloud application to be created.
  6. Select a supported account type based on your organizational needs.
  7. Note: It is recommended to select the "Single Tenant" option.
  8. Leave Redirect URI (optional) blank; you will configure it in the next few steps.
  9. Click Register to complete the initial app registration.
  10. You will now see the Overview page of the registered application.
  11. Click Add a Redirect URI or go to Manage > Authentication
  12. Click Add a platform under Platform configurations.
  13. In the Configure platforms pop-up, click Web under Web applications.
  14. In the Redirect URI field, enter https://identitymanager.manageengine.com/api/public/v1/oauth/redirect
  15. You can leave the Logout URL and Implicit grant fields empty. Click Configure.
  16. Manual Microsoft 365 tenant configuration

  17. Click Manifest from the left pane.
  18. Look for requiredResourceAccess array in the code.
  19. Copy the entire contents from this file and paste them into the section highlighted in the image below. If you want to modify the permissions to be provided, skip this step and follow the steps mentioned in this section.
  20. Note: Application scopes mentioned in the file

    Microsoft Graph scopes:

    Directory.Read.All
    AuditLog.Read.All
    ActivityFeed.ReadDlp
    ActivityFeed.Read
    Domain.Read.All

    To know more about minimum scopes, click here.

    Manual Microsoft 365 tenant configuration

    Note: Copy-paste content only from the open square bracket to the closed square bracket. Ensure that all punctuation marks are retained correctly. Once you have pasted the file, it should look like the image below.

    Manual Microsoft 365 tenant configuration

  21. Click Save.
  22. Click API permissions from the left pane.
  23. In the Configured permissions section, click ✓ Grant admin consent for <your_company_name>.
  24. Click Yes in the pop-up that appears.
  25. Click Certificates & secrets from the left pane.
  26. Under the Client secrets section, click New client secret.
  27. This section generates an app password for Log360 Cloud. In the Description field of the pop-up, provide a name to identify the app to which the password belongs.
  28. Choose when the password should expire.
  29. Click Add.
  30. Copy the string under Value and save it. This is the Application Secret, which you will require later.
  31. Manual Microsoft 365 tenant configuration

  32. Now go to the Overview section in the left pane.
  33. Copy the Application (client) ID and Object ID values and save them. You will need these values to configure your tenant in the Log360 Cloud portal.
  34. Manual Microsoft 365 tenant configuration

  35. Refer to this table to learn about the roles that must be assigned to the application.

Steps to configure an Azure application in Log360 Cloud

  1. Return to the Log360 Cloud console where you have the following screen.
  2. Manual Microsoft 365 tenant configuration

  3. Select the Cloud Type as Microsoft 365, and enter your Tenant Name, for example, test.onmicrosoft.com.
  4. Paste the Application ID and Application Object ID values copied in Step 29 into the respective fields.
  5. For the Application Secret, paste the value copied in Step 27.
  6. Click Save.