Enroll users in MA using Microsoft Entra ID or Microsoft 365 Active Directory

You can enroll users to the Arctic Wolf Managed Security Awareness® (MA) program using Microsoft Entra ID® or Microsoft 365 Active Directory®.

  • Microsoft Entra ID Cloud
    Note:

    On-premises Active Directory (AD) is not supported.

  • Single tenant account types
    Note:

    Multi-tenancy is not supported.

Register your Arctic Wolf integration

  1. Sign in to the Microsoft Admin Console.
  2. If you are using:
    • Microsoft Entra ID — In the navigation menu, in the Admin centers section, click Identity.
    • Microsoft 365 — Click Apps > Admin > Show all > Identity > Applications > App registrations.
    Tip:

    You can also access this from the Microsoft Admin Console.

  3. In the navigation menu, click Identity > Applications > App registrations.
  4. Click + New registration.
  5. On the Register an application page, configure these settings:
    • Name — Enter the name that you want displayed for your application. For example, Arctic Wolf Managed Security Awareness Integration.
    • Supported account types — Select Accounts in this organizational directory only (Single tenant).
      Note:

      Multi-tenancy is not supported.

  6. Click Register.

    The Overview page for the newly registered application opens.

Assign permissions to your Arctic Wolf integration

  1. In the navigation menu, in the Manage section, click API permissions.
  2. Click + Add a permission.
  3. Click Microsoft Graph.
  4. Click Application permissions.
    Note:

    Do not click Delegated permissions. This does not provide the API permissions required for Managed Security Awareness® (MA) setup, so it will cause an insufficient permissions error message.

  5. In the Select permissions search bar, enter Directory.Read.All, expand Directory, and then select the Directory.Read.All checkbox.
  6. In the Select permissions search bar, enter User.Read.All, expand User, and then select the User.Read.All checkbox.
  7. Click Add permissions.
  8. In the Configured permissions section, click Grant admin consent for company_name.
  9. On the Grant admin consent confirmation dialog, click Yes.

    The Configured permissions section should now list Directory.Read.All and User.Read.All as Application permissions, with admin consent granted.

Generate a client secret for your MA integration

  1. In the navigation menu, click Manage > Certificates & secrets.
  2. Click the Client secrets tab.
  3. Click + New client secret.
  4. On the Add a client secret page, configure these settings:
    • Description — Enter a description for the client secret. For example, Arctic Wolf Secret.
    • Expires — Select 730 days (24 months).
  5. Click Add.

    Your new client secret appears on the Client secrets tab.

  6. In the Value column, click Copy to clipboard to copy the client secret, and then save it in a safe, encrypted location.
    Note:
    • The client secret value is time-sensitive. It is only viewable during the application registration, so it must be saved now.
    • Do not share the client secret with anyone outside of authorized personnel.
    • If Arctic Wolf requires a copy of the client secret, we will provide you with a secure transfer link. For example, Egnyte.
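
A way to check the registration, permission, and client secret settings from the sections above against the Microsoft Graph application object for the app registration. This is an added example, not Arctic Wolf code; the function name, the sample object, the constructed delegated-permission ID, and the 30-day warning window are assumptions.

```python
from datetime import datetime, timezone

GRAPH_APP_ID = "00000003-0000-0000-c000-000000000000"  # Microsoft Graph
REQUIRED_ROLES = {  # Graph application-permission (app role) IDs
    "7ab1d382-f21e-4acd-a863-ba3e13f7da61": "Directory.Read.All",
    "df021288-bdef-4463-88db-98f22de89214": "User.Read.All",
}

def audit_app(app, now, warn_days=30):
    """Return findings for a Graph `application` object given as a dict."""
    findings = []
    audience = app.get("signInAudience")
    if audience != "AzureADMyOrg":  # value used for single-tenant apps
        findings.append("not single tenant: signInAudience=%s" % audience)
    granted = set()
    for res in app.get("requiredResourceAccess", []):
        for acc in res.get("resourceAccess", []):
            if (res.get("resourceAppId") == GRAPH_APP_ID
                    and acc.get("type") == "Role" and acc.get("id") in REQUIRED_ROLES):
                granted.add(acc["id"])
            elif acc.get("type") == "Scope":  # "Scope" means Delegated
                findings.append("delegated permission requested: %s" % acc.get("id"))
            else:  # anything beyond the two permissions the setup needs
                findings.append("extra application permission: %s" % acc.get("id"))
    for role_id, name in REQUIRED_ROLES.items():
        if role_id not in granted:
            findings.append("missing application permission: %s" % name)
    for cred in app.get("passwordCredentials", []):
        # Drop fractional seconds and the trailing Z before parsing as UTC.
        end = datetime.strptime(cred["endDateTime"][:19], "%Y-%m-%dT%H:%M:%S")
        days = (end.replace(tzinfo=timezone.utc) - now).days
        if days < warn_days:
            findings.append("client secret '%s' expires in %d days"
                            % (cred.get("displayName"), days))
    return findings

# Constructed sample: multi-tenant, User.Read.All added as Delegated, secret near expiry.
SAMPLE = {
    "signInAudience": "AzureADMultipleOrgs",
    "requiredResourceAccess": [{
        "resourceAppId": GRAPH_APP_ID,
        "resourceAccess": [
            {"id": "7ab1d382-f21e-4acd-a863-ba3e13f7da61", "type": "Role"},
            {"id": "11111111-1111-1111-1111-111111111111", "type": "Scope"},  # constructed ID
        ],
    }],
    "passwordCredentials": [
        {"displayName": "Arctic Wolf Secret", "endDateTime": "2026-01-15T00:00:00Z"}],
}
NOW = datetime(2026, 1, 1, tzinfo=timezone.utc)  # fixed so the result is repeatable
```

The application object does not show whether admin consent was granted, so confirm that step in the Configured permissions section.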

Obtain the ID values for your MA integration

  1. In the navigation menu, click Overview.
  2. For these fields, copy their associated values and save them in a safe, encrypted location:
    • Application (client) ID
    • Directory (tenant) ID

Identify existing groups for MA users

The Arctic Wolf Managed Security Awareness® (MA) program uses an AD group to assign sessions to users.

Note:

Arctic Wolf cannot sync more than one group.

  1. In the navigation menu, click Identity > Groups > All groups.
  2. Determine if you have an existing group for MA users:
    • If you have an existing group — Confirm this information about your AD group, and then proceed to the next step.
      • Make sure your AD group contains the users that you want to include in the MA program. A user is defined as a single licensed user associated with one email account.
      • Make sure your AD group includes all MA Portal administrators as active users.
      • If you select an existing group, make sure the group does not contain non-human users. For example, fax machines, copy machines, conference rooms, or distribution email groups.
      • Make sure your AD group is a Microsoft 365 or Security group. You cannot use a distribution list or mail-enabled security group.
    • If you do not have an existing group:
      1. Click + New group.
      2. On the New Group page, configure these settings:
        • Group type — Select Security.
          Note:

          You can also use a Microsoft 365 group.

        • Group name — Enter an easily identifiable name for the AD group. For example, Arctic Wolf Managed Security Awareness, AW MSA, or AW Managed Awareness.
        • Members — Click No members selected, and then select users to add to your AD group.
      3. Click Create.
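
The group requirements above, expressed as a check over a Microsoft Graph group object and its member list. This is an added example, not Arctic Wolf code; the function names and the sample group and members are constructed, and it assumes the members were retrieved with the mail and assignedLicenses properties selected.

```python
def group_kind(group):
    """Classify a Graph `group` object (dict) by the flags Entra ID sets."""
    if "Unified" in group.get("groupTypes", []):
        return "microsoft365"
    sec, mail = group.get("securityEnabled"), group.get("mailEnabled")
    if sec and mail:
        return "mail-enabled-security"
    if sec:
        return "security"
    return "distribution" if mail else "unknown"

def review_group(group, members):
    """Return findings for a candidate MA group and its members."""
    findings = []
    kind = group_kind(group)
    if kind not in ("security", "microsoft365"):
        findings.append("unsupported group type: " + kind)
    for m in members:
        label = m.get("userPrincipalName") or m.get("displayName") or m.get("id")
        if m.get("@odata.type") != "#microsoft.graph.user":
            findings.append("%s: not a user object" % label)
        elif not m.get("assignedLicenses"):
            # The page defines a user as a single licensed user with one email account.
            findings.append("%s: no assigned license" % label)
        elif not m.get("mail"):
            findings.append("%s: no email address" % label)
    return findings

# Constructed sample data: a mail-enabled security group containing a room and a device.
SAMPLE_GROUP = {"displayName": "AW MSA", "groupTypes": [],
                "securityEnabled": True, "mailEnabled": True}
SAMPLE_MEMBERS = [
    {"@odata.type": "#microsoft.graph.user", "userPrincipalName": "alice@example.com",
     "mail": "alice@example.com", "assignedLicenses": [{"skuId": "constructed-sku"}]},
    {"@odata.type": "#microsoft.graph.user", "userPrincipalName": "room-4b@example.com",
     "mail": "room-4b@example.com", "assignedLicenses": []},
    {"@odata.type": "#microsoft.graph.device", "displayName": "LOBBY-FAX"},
]
```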

Integrate your Entra ID or Microsoft 365 Active Directory credentials with MA

  1. In a new browser tab, sign in to the MA Portal.
  2. Click Settings > User Management.
  3. In the New Integration section, in the Integration Type list, select Microsoft Entra ID.
  4. In the Integration Nickname field, enter a name for the integration.
  5. Configure these settings:
  6. Return to the User Management tool of the MA Portal, and click Sync Now under Saved Credentials to synchronize your changes.
    Note: If the changes are not seen in the MA Portal after 24 hours, submit a ticket in the Arctic Wolf Unified Portal.

Test your connection and synchronize the credential changes in Entra or Microsoft 365 Active Directory with MA

  1. Click Test Connection, and then do one of these actions:
  2. In the Awareness Group section, in the Select a group list, select the AD group that you created for MA.
  3. Click Query Group.
    Note:

    Record the AD Group name and the total number of users. You will use this number later to make sure the intended users are active in the MA Portal.

  4. Click Save Integration.
  5. On the User Integration page, in the Saved Credentials section, click Sync Now.

    Active users are pushed to the MA Portal.

    Note: If the changes are not seen in the MA Portal after 24 hours, submit a ticket in the Arctic Wolf Unified Portal.

  6. If you receive an error message similar to “You are trying to access a page that is restricted,” verify in the Entra ID admin portal that you are a member of the AD Group that you selected for user synchronization. If you are a member and still receive an error message, submit a ticket in the Arctic Wolf Unified Portal.

Verify that intended users are active in the MA Portal

Note: If the user has an assigned manager, verify that the Manager's Email field is completed in the Microsoft Entra admin center. This ensures that manager information is included in CSV outputs from the MA Portal. For more information, see Enable or Disable Manager Status Report Emails.

  1. Click Administration Dashboard.
  2. Click the User Information tab.
  3. Make sure the number of entries at the bottom of the user table matches the total number of users you recorded earlier.