> ## Documentation Index
> Fetch the complete documentation index at: https://docs.truu.ai/llms.txt
> Use this file to discover all available pages before exploring further.
# Entra ID Directory
> This guide outlines the necessary configurations to successfully integrate your Microsoft Entra ID directory with the TruU platform. By establishing this connection, your organization can synchronize user data and maintain consistent identity management across both environments.
Before beginning, ensure that you have:
1. Administrative permissions for both the Microsoft Entra admin center and the TruU Admin Console
2. Both portals open in separate browser tabs to facilitate the transfer of credentials.
### Microsoft Entra ID Configuration
1. Navigate to your Microsoft Entra ID admin center and select the **App Registrations** tab under the *Applications* drop down menu
2. Go to **New Registration**
3. Set the user-facing display *TruU* and click **Register** at the bottom when done. Note: This can be changed later.
4. Now, navigate back to the Entra ID Admin page and select **API permissions**
5. Next, select **Add a permission** and choose **Microsoft Graph**
6. Select **Application Permissions**
7. Select Application permissions and grant admin consent for the following specific requirements:
* **Device.Read.All**
* **Group.Read.All**
* **Directory.Read.All**
* **User.Read** (User.Read is enabled by default, as **Delegated** , ensure admin consent is granted. If missing, add with Delegated permission.)
* **User.Read.All**
* **UserAuthenticationMethod.Read.All**
* **Application.Read.All**
* **User.AuthenticationMethod.ReadWrite.All.**\*
Please ensure all Permissions Names, Types, and Status match the following screenshot.
8. Navigate to **Certificates & secrets**, select **New client secret**, and enter "TruU" as the description. Set the expiration to your preference; a 12-month duration is recommended.
9. After adding the secret, immediately copy the entry in the **Value** column and save it. This value is required for the integration in the TruU Admin Console and will not be accessible again once you leave the page.
### TruU Admin Console Configuration
1. In the TruU Admin console, go to *Directory*
2. On the top left, click the blue '+' option to add a directory.
3. Navigate to the drop-down menu and select **Entra ID**.
4. Set a Configuration Name along with the domain name (your Entra ID domain) of the directory that you will be integrating
5. Select if all your users have UPN suffixes that end with the domain name
6. Go back to the Entra ID Admin Center and locate the Application (client) ID and the Directory (tenant) ID on the application's overview page. Copy and paste the:
* Directory(Tenant ID)
* Application Client ID
* Application Client Secret Value (copied and saved from Step 9)
7. Choose True or False to determine if the system should automatically unenroll or remove devices based on user status changes in the directory, then click Save
8. You will be prompted with the following pop-up, which will redirect you to the *Global Attributes* Tab. Select **Go Now**
9. Click on the **Gear icon** on the top right. Select your **Primary User Identifier** (typically "mail") to be used for lookups and diagnostics, then click Save.
10. Navigate to **"Identity Servers"**> **Cluster**. Under Directory Connection, select your directory and Click Save.
**Verification:**
Allow the system 2–3 minutes to run diagnostics. Once the status displays as "Healthy," the integration is complete
[Configure User Source Directory Overview](/docs/configure-user-source-directory-overview)
[Entra ID Configuration Automation](/docs/entra-id-configuration-automation)