Skip to main content

Azure Integration

This guide outlines the step-by-step process to connect your Microsoft Azure environment to ComplyJet.

Upendra Varma avatar
Written by Upendra Varma
Updated over a week ago

Prerequisites

Before starting, ensure the following requirements are met:

Azure Access

You must have Contributor or Owner permissions in your Azure subscription to create app registrations, generate secrets, and assign IAM roles.

Azure Portal Access

You’ll perform the setup using the Azure portal.

Step 1: Enter Azure Subscription ID

ComplyJet needs to know which Azure subscription to monitor.

  • Where to find it:

    Go to Azure Subscriptions, select your subscription, and copy the Subscription ID.

  • Why this is needed:

    This links ComplyJet to the correct Azure resources under your account.

Paste this value into the Azure Subscription ID field in ComplyJet.

Step 2: Register a New Application in Azure

You will now create an application registration to grant ComplyJet secure access to your Azure account.

  1. In the Azure portal, go to App registrations and click New registration.

  2. Enter a name, e.g., ComplyJetIntegrationApp, and click Register.

  3. After registration:

    • Navigate to Certificates & secrets (in the left-side menu).

    • Click New client secret.

    • Add a description and set expiration to 24 months.

    • Click Add.

    • Important: Copy the Value (not Secret ID) and save it. You will not be able to view it again later.

  4. From the Overview tab of the App Registration, copy the following:

    • Application (client) ID

    • Directory (tenant) ID

Paste these values into the ComplyJet setup form.

Step 3: Add API Permissions

To enable ComplyJet to read directory information, grant API permissions to the registered application.

  1. In the App Registration, navigate to API permissions.

  2. Click Add a permission and choose Microsoft Graph.

  3. Select Application permissions.

  4. Use the search bar to find Directory.Read.All, check it, and click Add permissions.

  5. Click Grant admin consent for [Your Directory Name] and confirm.

  • Why this is needed:

    These permissions enable ComplyJet to read user and group data from your Azure AD tenant for access reviews and compliance checks.

Step 4: Store the Client Secret in ComplyJet

  1. Go back to the App Registration’s Certificates & secrets section.

  2. Ensure you've copied the secret value (not the Secret ID) that was created in Step 2.

  3. Paste the client secret into the ComplyJet setup form.

  • Why this is needed:

    The client secret allows ComplyJet’s backend to authenticate with Azure and access the Graph API securely.

Step 5: Assign IAM Role to the Registered App

You will now assign read-only access to the ComplyJet app in your Azure subscription.

  1. Visit the Azure Subscriptions page, select your subscription.

  2. Go to Access control (IAM).

  3. Click Add > Add role assignment.

  4. Select the Reader role.

  5. Under Assign access to, select User, group, or service principal.

  6. Click + Select members, then search for ComplyJetIntegrationApp and select it.

  7. Click Review + assign and confirm the assignment.

  • Why this is needed:

    The Reader role gives ComplyJet read-only access to the subscription, allowing it to monitor resources without making changes.

Completion

Once all values are filled in and permissions are granted, click Connect in the ComplyJet interface. The system will verify your credentials and begin syncing Azure infrastructure data.

You should see data populate in your dashboard shortly after the first sync is complete.

If you encounter any issues during setup, feel free to contact our support team through the in-app chat. We’re here to help.

Related Articles
AWS Integration
GCP Integration
Google Workspace Integration
SWIF Integration
Azure SOC 2-Ready Configuration Guide
Did this answer your question?