IDR Integration Guide
Once Taegis™ IDR has been enabled for your tenant, select Identity from the Taegis Menu to begin configuring your integration with Microsoft Entra ID.
Set Up Overview
The setup process uses the Sophos Master Application in Azure to automatically create the required application and grant the necessary permissions within your Azure tenant.
Important
A Taegis user with the Tenant Administrator role is required to perform this setup. IDR requires Microsoft Entra ID P1 or P2.
Set up the Microsoft Entra ID Integration
- From the Taegis Menu, go to Identity.
- Click Set Up on the Microsoft Entra ID card.
- Enter a name for the integration and click Next.
- Click Authorize to be redirected to Microsoft's identity provider.
- When prompted, sign in with a user account that lets you grant organization-wide consent for integration with the Entra ID tenant. Then approve the listed permissions to give IDR access to Entra ID. For more information, see the Microsoft documentation.
- When setup is complete, click Close.
Retry Integration Authorization
If the Admin Consent process fails with an error stating that the applications weren’t found, the cause is usually a Microsoft replication delay. Use the following steps to complete the setup:
- Wait 15–30 minutes for the service principals to replicate across Microsoft’s infrastructure. You can continue working on other tasks while you wait.
- Go to Identity > Settings.
- Click the Ellipsis icon in the Actions column and select Grant Admin Consent, which redirects you to Microsoft’s identity provider to complete authorization.
- When prompted, sign in with an account that can grant organization-wide consent for the Entra ID tenant. Approve the listed permissions to grant IDR access to Entra ID. For more information, see the Microsoft documentation.
- After you grant consent, click the Refresh icon to re-provision the integrations.
Tip
Provisioning retries automatically for up to 60 minutes. Click Refresh only if more than 60 minutes have passed since you started the integration.
Set Up Automations
If you would like to use response actions with IDR, you can configure the necessary actions, playbooks, and connectors.
- Knowledge Base Article: How To: Setting Up IDR Automation Playbooks
- Knowledge Base Article: How To: Configure Entra ID Force Password Reset Automation
Note
If you have previously configured Azure AD or Entra ID connectors and playbooks, you do not need to do this step again. Automation playbooks are available across the platform once configured.