# Microsoft AD

As an Admin with integrations permissions, you can sync your occupancy data or directory via Snowflake. 

When using Microsoft AD for Directory this means your active directory can be seamlessly populated in gospace AI, so you can start to automate for all your users, and map them to teams without any manual inp

To begin, click on "Microsoft Active Directory - user management" for directory on the integrations page. You'll then see the below.

<figure><img src="https://2315052346-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FOW0EmyC5IqyMiB4AxcLq%2Fuploads%2FX466cbwI5S7yPgejqs1I%2FCleanShot%202024-04-30%20at%2022.51.40%402x.png?alt=media&#x26;token=c0c4ced5-31fc-4c61-9492-c5829e31ec3d" alt=""><figcaption></figcaption></figure>

<details>

<summary>Client ID and secret</summary>

When it comes to getting your Client ID and Client Secret, you can find this within the Azure Portal under the App Registration's blade.

1\) Login to the `Azure Portal`\
2\) Navigate to `Azure Active Directory`\
3\) Select `App Registrations`, locate the Azure AD App that you're trying to find the Client ID and Client Secret Key for \
4\) Within the Azure AD App, select `Certificates & Secrets`

**Note:** Once a Secret is created and you navigate away from the Certificates & Secrets page, the Secret value is no longer available to be seen or copied.

<img src="https://learn-attachment.microsoft.com/api/attachments/207625-image.png?platform=QnA" alt="207625-image.png" data-size="original">

For more detailed steps on how to get these values you can reference - [Get tenant and app ID values for signing in](https://learn.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal#get-tenant-and-app-id-values-for-signing-in)<br>

</details>

<details>

<summary>Tenant ID</summary>

To get your Azure AD B2C tenant ID, follow these steps:

1. Sign in to the [Azure portal](https://portal.azure.com/).
2. If you have access to multiple tenants, select the **Settings** icon in the top menu to switch to your Azure AD B2C tenant from the **Directories + subscriptions** menu.
3. In the Azure portal, search for and select **Microsoft Entra ID**.
4. In the **Overview**, copy the **Tenant ID**.

<img src="https://learn.microsoft.com/en-us/azure/active-directory-b2c/media/tenant-management/get-azure-ad-b2c-tenant-id.png" alt="Screenshot demonstrates how to get the Azure AD B2C tenant ID." data-size="original">

For more please see [here](https://learn.microsoft.com/en-us/azure/active-directory-b2c/tenant-management-read-tenant-name).

</details>

If everything looks good, click "Continue" to create your SFTP integration. gospace AI will then test the connection to your SFTP server and verify that it can successfully authenticate and access the specified file path. If the connection test is successful, your SFTP integration is ready to start mapping to import your users, teams or both.

#### Permissions:

&#x20;gospace AI needs permissions to all the below

| Resource          | Delegated (user-auth) | Application (client-credentials) |
| ----------------- | --------------------- | -------------------------------- |
| **Users**         | User.Read.All         | User.Read.All                    |
| **Groups**        | Group.Read.All        | Group.Read.All                   |
| **Group Members** | GroupMember.Read.All  | GroupMember.Read.All             |

&#x20;Similarly, in **Azure AD**

* Go to **App registrations ▶ Your app ▶ API permissions**.
* Under **Microsoft Graph**, add **Application** or **Delegated** permission `Group.Read.All` (or the broader `Directory.Read.All` if you need it).
* Click **Grant admin consent**.

### Next steps:

{% content-ref url="../mapping-your-data/map-your-directory" %}
[map-your-directory](https://docs.gospace.com/integrations/mapping-your-data/map-your-directory)
{% endcontent-ref %}

{% content-ref url="broken-reference" %}
[Broken link](https://docs.gospace.com/integrations/connecting-an-integration/broken-reference)
{% endcontent-ref %}