Create a Microsoft Azure Application Registration Machine

Note: This feature is currently available as a Preview and is not yet generally available (GA). Functionality and behavior may change before GA.
Creating this machine enables Next-Gen Trust Security to connect to a Microsoft Azure Application Registration and discover the certificates configured as application credentials.

Before you begin

Note: To create a Microsoft Azure Application Registration machine, you must have the Superuser role.
You will need the following information to complete this procedure:
  • Tenant ID
  • Client ID
  • Client secret
  • Credentials: Choose between user credentials or shared credentials.
    • User credentials: The account you use must have administrative permissions.
    • Shared credentials: Optionally, you can use shared credentials from your credential provider (CyberArk is the only credential provider currently supported by Next-Gen Trust Security). To use this option, first set up the connection to CyberArk.
  • At least one active VSatellite
  • CyberArk permissions for Azure: You must specify these permissions when defining the role's permission policy.
Before creating the machine in Next-Gen Trust Security, you must configure the Azure Application Registration with the required permissions:
  1. Create an Application Registration in your Azure portal.
  2. Create a Client Secret for the application registration. This secret will be used for authentication in the Next-Gen Trust Security connector.
  3. Add the required API permission:
    1. Navigate to API permissions in your application registration.
    2. Click Add a permission > Microsoft Graph > Application permissions.
    3. Add the Application.Read.All permission.
  4. Grant admin consent for the tenant to activate the permission.
Important: The Application.Read.All permission is required for Next-Gen Trust Security to query application credentials. If this permission is not granted, the connection test will fail with an “Insufficient privileges to complete the operation” error.
Then, in the Create a new machine flow in Next-Gen Trust Security, supply the connection details:
  1. Enter the Tenant ID.
  2. Select a Credential Type.
  3. Enter the Client ID.
  4. Enter the Client Secret.
  5. Click Test Access, then click Continue. Continue is available only after a successful test.
    Note: If Test Access fails, verify that you entered the client secret value (not the secret ID) and that admin consent has been granted for the Application.Read.All application permission on the Azure Application Registration.
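The following is an added example, not Next-Gen Trust Security's own connector code, showing what the two steps above amount to on the wire: a client-credentials token request with the Tenant ID, Client ID and client secret value, followed by a Microsoft Graph query of /applications that needs Application.Read.All. It surfaces the "Insufficient privileges to complete the operation" case as a distinct error and, when the permission is granted, lists each X.509 credential with its thumbprint and remaining validity. The tenant, app names, thumbprint and Graph responses in the sample are constructed so the example runs offline; point the functions at the real http_json transport to run it against a tenant.

```python
"""Added example (not the product's code): token request + Graph /applications query.
Assumes the OAuth2 client-credentials flow against login.microsoftonline.com and the
Graph v1.0 /applications endpoint, with Application.Read.All granted as an
application permission and admin-consented."""
import base64
import json
import urllib.error
import urllib.parse
import urllib.request
from datetime import datetime, timezone

GRAPH = "https://graph.microsoft.com/v1.0"


class InsufficientPrivileges(Exception):
    """Graph answered 403 Authorization_RequestDenied: Application.Read.All missing or not consented."""


def http_json(method, url, headers=None, data=None):
    """Live transport: returns (status, JSON body) and never raises on HTTP error codes."""
    req = urllib.request.Request(url, method=method, headers=headers or {}, data=data)
    try:
        with urllib.request.urlopen(req, timeout=30) as resp:
            return resp.status, json.loads(resp.read() or b"{}")
    except urllib.error.HTTPError as err:
        return err.code, json.loads(err.read() or b"{}")


def get_token(tenant_id, client_id, client_secret, transport=http_json):
    """Client-credentials grant. The secret VALUE goes here; pasting the secret ID fails at this step."""
    body = urllib.parse.urlencode({
        "grant_type": "client_credentials",
        "client_id": client_id,
        "client_secret": client_secret,
        "scope": "https://graph.microsoft.com/.default",
    }).encode()
    status, payload = transport(
        "POST", f"https://login.microsoftonline.com/{tenant_id}/oauth2/v2.0/token",
        {"Content-Type": "application/x-www-form-urlencoded"}, body)
    if status != 200:
        raise RuntimeError(f"token request failed: {payload.get('error_description', payload)}")
    return payload["access_token"]


def list_app_certificates(token, transport=http_json, now=None):
    """Walk every page of /applications and return one record per X.509 credential."""
    now = now or datetime.now(timezone.utc)
    url = f"{GRAPH}/applications?$select=id,displayName,appId,keyCredentials"
    headers = {"Authorization": f"Bearer {token}"}
    certs = []
    while url:
        status, payload = transport("GET", url, headers)
        error = payload.get("error", {})
        if status == 403 and error.get("code") == "Authorization_RequestDenied":
            raise InsufficientPrivileges(error.get("message", "insufficient privileges"))
        if status != 200:
            raise RuntimeError(f"Graph returned {status}: {payload}")
        for app in payload.get("value", []):
            for cred in app.get("keyCredentials", []):
                if cred.get("type") != "AsymmetricX509Cert":
                    continue  # symmetric keys are not certificates
                expires = datetime.fromisoformat(cred["endDateTime"].replace("Z", "+00:00"))
                # customKeyIdentifier carries the base64-encoded SHA-1 thumbprint of the certificate
                thumb = base64.b64decode(cred["customKeyIdentifier"]).hex().upper()
                certs.append({"app": app["displayName"], "appId": app["appId"], "thumbprint": thumb,
                              "expires": expires.isoformat(), "days_left": (expires - now).days})
        url = payload.get("@odata.nextLink")  # follow pagination until exhausted
    return certs


# Constructed sample responses (not real tenant data) so the example runs offline.
SAMPLE_THUMB = bytes.fromhex("A1B2C3D4E5F60718293A4B5C6D7E8F9012345678")
SAMPLE = {
    "POST https://login.microsoftonline.com/contoso-tenant/oauth2/v2.0/token":
        (200, {"access_token": "eyJ.constructed.token"}),
    f"GET {GRAPH}/applications?$select=id,displayName,appId,keyCredentials":
        (200, {"value": [{"displayName": "payments-api", "appId": "11111111-1111-1111-1111-111111111111",
                          "keyCredentials": [
                              {"type": "AsymmetricX509Cert", "endDateTime": "2026-01-31T00:00:00Z",
                               "customKeyIdentifier": base64.b64encode(SAMPLE_THUMB).decode()},
                              {"type": "Symmetric", "endDateTime": "2030-01-01T00:00:00Z",
                               "customKeyIdentifier": None}]}],
               "@odata.nextLink": f"{GRAPH}/applications?$skiptoken=page2"}),
    f"GET {GRAPH}/applications?$skiptoken=page2":
        (200, {"value": [{"displayName": "batch-worker", "appId": "22222222-2222-2222-2222-222222222222",
                          "keyCredentials": []}]}),
}
DENIED = (403, {"error": {"code": "Authorization_RequestDenied",
                          "message": "Insufficient privileges to complete the operation."}})


def fake_transport(method, url, headers=None, data=None):
    return SAMPLE[f"{method} {url}"]


def denied_transport(method, url, headers=None, data=None):
    """Token works, but the app registration never received admin consent for Application.Read.All."""
    return DENIED if method == "GET" else fake_transport(method, url, headers, data)


def demo():
    """Run both paths against the constructed responses: consent granted, and consent missing."""
    now = datetime(2025, 12, 1, tzinfo=timezone.utc)
    token = get_token("contoso-tenant", "client-id", "client-secret-VALUE", fake_transport)
    certs = list_app_certificates(token, fake_transport, now)
    try:
        list_app_certificates(token, denied_transport, now)
        denied_message = None
    except InsufficientPrivileges as err:
        denied_message = str(err)
    return certs, denied_message


if __name__ == "__main__":
    found, denied = demo()
    for cert in found:
        print(f"{cert['app']} ({cert['appId']}): {cert['thumbprint']} expires {cert['expires']}, {cert['days_left']} days left")
    print("without Application.Read.All:", denied)
```

Two details matter for troubleshooting the Test Access step: a wrong secret (or the secret ID pasted in place of the value) fails at the token request before Graph is ever contacted, whereas a missing or unconsented Application.Read.All permission yields a valid token and then a 403 with code Authorization_RequestDenied from Graph, which is the "Insufficient privileges" message quoted above.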

What's next?

Refer back to Create a new machine to finish setting up your new machine by configuring discovery schedules.
For existing machines: