How to configure Azure AD with TSAT.

1. To begin, access the Azure Portal using your Azure account by visiting the URL: https://portal.azure.com.
   

1. Next, proceed to "Azure Active Directory" or utilize the search bar to locate "App registrations."
   

1. Click on the "New registration" option to initiate the creation of a new app registration.
   

1. Provide a suitable name for the app and choose "multi-tenant" as the account type. Additionally, specify the Redirect URL for user authentication.
   

1. Once you have named the app, you will be prompted to determine the user group or access permissions for this application or API.
   

1. After configuring the API access for the application, proceed to fill in the Redirect URI section with the URL: https://tsat.threatcop.com/

1. To complete the registration process, click on the "Register" tab located at the bottom left corner of the page.
   

1. Following a successful registration, navigate to the overview section and locate the "Redirect URI's" link.
   

1. Scroll down to the section that says “Single-page application” and paste the following URI https://tsat.threatcop.com/department/groups.

1. Save the changes after adding the redirect URI's to the application.
   

1. After registration, navigate to the API Permissions Section on the sidebar menu on the dashboard.
   

      

1. On the API Permissions page, proceed to select the "Add Permissions" option.
   

1. Following the previous step, a pop-up window will appear, resembling the screenshot below. From the "Microsoft APIs" section, choose "Microsoft Graph."
   

1. Post this you need to select the “Delegated Permissions” as shown below.
   

1. Within the "Select Permissions" section, utilize the search bar to look for "Group.Read.All".
   

1. Once the "Group Read All Permission" is displayed in the search results, please proceed to select it.
   

1. After the above step, navigate to the overview section.
   

1. Copy the Client ID. After doing so, open a new tab and navigate to the following URL: https://tsat.threatcop.com/settings. 
   

1. Alternatively, you have the option to access the settings from the TSAT Dashboard. For clearer guidance, please refer to the image provided below.
   

1. Inside the settings menu, navigate to the Azure Settings and paste the previously copied Client ID (from Step -12).
   

1. Upon pasting the Client ID onto the Azure Settings in the TSAT portal, click on "Save" to apply the changes.
2. To import users from Azure Active Directory into the TSAT dashboard, go to the User and Department section on the dashboard.
   

1. Select "Groups" from the available options.
   

1. Choose "Import with Azure."
   

1. A pop-up will appear, prompting you to Sign Up using Azure. Provide the necessary admin account credentials.
   

1. Upon successful Sign Up, a user list named "azure-directory-users" will be automatically generated on the dashboard.
   

1. In case the user list is not created automatically, you can click on the refresh tab provided, and the list will then be displayed, along with the other groups.
   

• Related Articles

• TSAT User Guide

  TSAT tool is used for various simulations for the purpose of raising awareness among the users. These simulations can be done using various attack vectors such as Phishing ,QR code,Attachment, Ransomware, Smishing, Vishing & Whatsapp Phishing. Here’s ...

• How does AD work in Group ?

  When bringing users from Active Directory (AD) into Threatcop tool, follow these steps: Open the TSAT portal using the link: https://tsat.threatcop.com/. Navigate to "Users & Groups" in the sidebar menu and click on "Groups" in the sub-menu. There ...

• What is the difference between Users And Groups in TSAT ?

  Within the TSAT dashboard, there are several methods available for adding users. This allows us to subsequently execute campaigns targeted towards these users. Below, you will find the available options for adding users within the TSAT dashboard. ...

• How to Integrate Gsuite AD with TSAT

  1. Access the Console by navigating to console.cloud.google.com. 2. Begin by creating a new project. 3. Go to APIs & Services and select OAuth consent screen. 4. Add the necessary domains. 5.Click on save and continue. 6.Scope section will open,click ...

• Whitelist TSAT in Cisco Ironport

  If you’re using Cisco Ironport for spam filtering, you might want to whitelist certain sources to ensure important emails and notifications get through to your end users. This guide will walk you through the process of whitelisting in Cisco Ironport, ...