# Azure Services

## Connection Requirements

{% stepper %}
{% step %}

### Login URL

Url Address:

> 🔵 **Default:**\
> login.microsoftonline.com
> {% endstep %}

{% step %}

### Tenant ID

Follow these steps to retrieve the ID for an Azure AD tenant in the Azure portal.

* Sign in to the Azure portal.
* Confirm that you are signed into the tenant for which you want to retrieve the ID. If not, switch directories so that you're working in the right tenant.
* Under the Azure services heading, select Azure Active Directory.
* Find the Tenant ID in the Basic information section of the Overview screen.
* Copy the Tenant ID.
  {% endstep %}

{% step %}

### Client ID

* Login into your azure account.
* Select azure active directory in the left sidebar.
* Click Enterprise applications.
* Click All applications.
* Select the application which you have created.
* Click Properties.
* Copy the Application ID.
  {% endstep %}

{% step %}

### Client Secret

* Navigate to your app registration in the Azure portal.
* Select the Certificates & secrets setting.
* Under Client secrets, click New client secret to create a new secret.
* Provide a description for the secret, and choose the desired expiration interval.
* Immediately copy the value of the new secret to a secure location. The full value is displayed to you only once.
  {% endstep %}

{% step %}

### Subscription ID

Follow these steps to get the identity of a subscription in the Azure portal.

* Sign in to the Azure portal.
* Under the Azure services heading, select Subscriptions.
* Find the Subscription ID for the subscription shown in the second column.
* Copy the Subscription ID.
  {% endstep %}

{% step %}

### Proxy

Proxy url. (optional)
{% endstep %}

{% step %}

### Is Secure?

Enable this option if the connection will be established over HTTPS.
{% endstep %}
{% endstepper %}

{% hint style="warning" %}
⚠️ **Permissions**\
In order to successfully connect to Microsoft Azure Services, the user that you created must be granted the following API permissions (resource paths):

* `/Microsoft.Compute/virtualMachines`
* `/Microsoft.DesktopVirtualization/applicationGroups`
* `/Microsoft.Storage/storageAccounts`
* `/Microsoft.Network/loadBalancers`
* `/Microsoft.Network/azureFirewalls`
* `/Microsoft.Network/networkSecurityGroups`
* `/Microsoft.Web/containerApps`
* `/Microsoft.ContainerRegistry/registries`
* `/Microsoft.Network/privateDnsZones/{zone}/virtualNetworkLinks`
* `/Microsoft.Network/privateEndpoints`
* `/Microsoft.Network/publicIPAddresses`
* `/Microsoft.ManagedIdentity/userAssignedIdentities`
* `/Microsoft.Web/sites/{site}/functions`
* `/Microsoft.Network/networkWatchers`
* `/Microsoft.Network/virtualNetworks`
* `/resourcegroups`
* `/Microsoft.DBforPostgreSQL/flexibleServers`
* `/Microsoft.KeyVault/vaults/read`
* `/Microsoft.DevCenter/*/read`
* `/Microsoft.Network/privateDnsZones`
* `/Microsoft.Logic/workflows`
  {% endhint %}

{% hint style="warning" %}
⚠️ **Attention**\
Please perform a **connection test** to ensure there is a valid connection to the host.\
When the discovery operation is finalized, you will be able to see the details on the **Assets** page.
{% endhint %}