AiStrike Documentation

Microsoft 365

Microsoft 365 integrates with AiStrike through an Azure App Registration, sharing the same Microsoft Graph setup used for other Microsoft services. AiStrike pulls email and collaboration security signals and audit telemetry.

Prerequisites

Global Administrator (to create the App Registration) and User Access Administrator or higher at the Management Group level (to assign roles).

Setup

Follow the Azure App Registration steps (see the Azure page under Cloud for the full walkthrough):

  1. Create an App Registration in Microsoft Entra ID > App registrations.

  2. Under API Permissions > Microsoft Graph > Application permissions, add: MailboxSettings.Read, Sites.Read.All, Files.Read.All, AuditLog.Read.All, Reports.Read.All, plus the security scopes SecurityEvents.Read.All, SecurityAlert.Read.All, SecurityIncident.Read.All.

  3. Click Grant admin consent and confirm.

  4. Create a client secret under Certificates & secrets and copy the value.

Connector configuration

Add the Client ID, Client Secret, and Tenant ID to the AiStrike Integrations connector.

Microsoft 365, Defender, and Entra share one App Registration — grant all required scopes on a single registration.