How do I connect the Adoptech Portal to Microsoft Azure?

Go to https://portal.azure.com/ in your browser, log in as an administrator and then click the icon for Microsoft Entra ID.

From the left-hand side menu, choose App Registrations.

From the top menu, select New registration.

Enter a name for the application. You can choose any name, but we recommend that you call it Adoptech. The supported account type should be set to Single tenant. Then click Register.

Now take a copy of the Application (client) ID and the Directory (tenant) ID. If you hover your pointer over the string, you'll get a Copy to clipboard icon. You will need these strings later to connect the Adoptech Portal to Azure. You should store these in a secure place, such as in your password manager. Then click Certificates and secrets.

Click New client secret. Enter Adoptech in the Description field and choose 730 days (24 months) in the Expires dropdown. Then click Add.

Make a note of the string in the Value field. This is your client secret, and it should be stored in a secure place, such as your password manager.

From the left-hand side menu, choose API permissions. Then click Add a permission. Now click on Microsoft Graph in the right-hand pop-up window.

Then choose Application permissions. In the Select permissions box, enter Directory. Flip down the Directory dropdown and enable the checkbox labelled Directory.Read.All. This gives the Adoptech Portal permission to read your directory, but not to modify it. Finally, click Add permissions.

Now click Grant admin consent and confirm in the following pop-up box by selecting Yes.

Go back to the main Azure Portal page and navigate to Subscriptions. Click on your subscription.

Click on Access control (IAM), and on the right-hand side, choose Add role assignment from the Add menu.

Enter reader in the search box, and then highlight the Reader row in the search results.

Select the Members tab, ensure Assign access to is set to User, group or service principal, and then click Select members. In the pop-up, search for the Adoptech app and select it. then press the Select button and finally the Review + assign button.

Now open the Adoptech Portal (https://portal.adoptech.co.uk/) in your browser, click Apps & Integrations on the left-hand side menu and find the Azure card in the list of integrations. Press the Connect button on the card.

Now paste in the three strings that you saved from your earlier steps on Azure, and click Connect.

Using the “Groups to sync” field (optional)

When you connect the Adoptech Portal to Azure, you will now see an additional optional field in the Connect to Azure window: Groups to sync (comma-separated IDs or Names)

This field allows you to limit which people are brought into the Adoptech Portal from Microsoft Entra ID.

How it works  
If you leave this field blank, Adoptech will synchronise all users from your directory (this is the existing behaviour).If you enter one or more groups, Adoptech will only synchronise users who are members of those groups.

You can enter:
- The group’s Display name (for example: `Adoptech Users`, `InfoSec Team`)  
- Or the group’s ID (GUID) copied from Entra ID

If you want to sync more than one group, separate them with commas, for example:
Adoptech Users, IT Department, 12345678-abcd-1234-abcd-1234567890ab

Notes and tips  
- Group names are not case sensitive, but they must match the name shown in Entra ID.  
- Both security groups and Microsoft 365 groups are supported, as long as they are visible via Microsoft Graph.  
- If you enter a group that does not exist, that group will be ignored and its members will not be synchronised.  
- If all specified groups are invalid or empty, no users will be synchronised until the groups are corrected or the field is cleared.

If you are unsure which groups to use, we recommend asking your Microsoft 365 / Azure administrator to either provide the correct group names or IDs, or to help you set up a dedicated group (for example “Adoptech Users”) for this integration.