Microsoft Apps (Including Copilot): Configuring the App Activities Integrations

This article explains how to configure the App Activities integration for Microsoft Apps.

The same process is required to configure the integration for all these applications.

Overview

App Activities provides you with an API-based solution for out-of-band visibility of all activity made by any user in a connected SaaS application. To provide App Activities with visibility of data within an app, you need to set up an integration with the required application. Once you create the integration, if a field has changed or expired, you can edit it from the Resources >Integrations > Integrated Apps page. For more information, see What is Application Control via API with App Activities.

To configure the App Activities integration, you need to:

  1. Configure the integration within the SaaS application

  2. Create the API connector in the CMA

A CASB license is required for App Activities. This license includes app and data control and App Activities via API. For more about purchasing a CASB license, please contact your Cato representative.

All activities (called Operations in Microsoft Exchange) are fetched.

Supported Applications

The following Microsoft Applications are supported:

  • Entra ID

  • Exchange

  • Microsoft 365 Copilot

  • Microsoft 365 - All Microsoft 365 apps are supported, including:

    • Excel

    • Intune

    • PowerPoint

    • Word

  • SharePoint

  • OneDrive for Business

Configuring the Microsoft Apps Integration

To configure the integrations, create an API app.

Prerequisites

  • You must have a Microsoft 365 E3 license

  • You have admin permissions for your Microsoft Entra admin center

Step 1: Configure the Integration in the Microsoft Entra Admin Center

In the Microsoft Entra admin center, identify the Directory (tenant) ID and the Client Secret Value to enter into the CMA. The screenshots below are for the SharePoint app, however they apply to all apps.

To configure the Microsoft Apps integrations:

Note: If you have already created an app, jump to step 4. The same Microsoft app registration can be used to integrate all Microsoft products.

  1. In your Entra admin center tenant, navigate to Identity > Applications > App registrations.

  2. Click New registration.

  3. On the Register an application page, enter a Name for the application and click Register.

  4. Navigate to Identity > Applications > App registrations and select the app to be used for the integration.

  5. On the app's Overview page, copy and save the Application (client) ID and Directory (tenant) ID so they can be added into the CMA.

    Entra_details.png

  6. From the side bar, select Certificates & Secrets.

  7. Click the Client secrets tab.

  8. Click New client secret.

    secret.png

  9. Enter a Description and select Add.

  10. Copy and save the client secret Value so it can be entered into the CMA.

    Note: The secret value cannot be viewed again. Ensure you save the secret before you leave the page.

  11. From the side bar, select API permissions.

  12. Click Add permissions > Office 365 Management APIs > Application Permissions and add these ActivityFeed permissions:

    • ActivityFeed.Read

    • ActivityFeed.ReadDlp

    Note: You must have admin permissions to complete this step.

  13. Click Grant admin consent for MSFT.

    Note: You must have admin permissions to complete this step.

Step 2: Create the API Connector in the CMA

After you have set up an integration with the required application, add the details in the CMA.

To create the API connector in the CMA:

  1. From the navigation menu, click Resources > Integrations.

  2. Click the Integrated Apps tab.

  3. Click New.

    The New Integration panel opens.

  4. Select the SaaS Application you want to add.

  5. In the Capability drop down select App Activities.

  6. Add the details created during step one.

  7. Click Save.

  8. The app is visible on the Integrated Apps table with a Connected status.

After connecting your APIs, you can track the App activities in the Cloud Activities dashboard. Data may take a few minutes to appear.

Sources

  • POST https://login.microsoftonline.com/{{tenant_id}}/oauth2/v2.0/token - Login

  • GET https://manage.office.com/api/v1.0/{{tenant_id}}/activity/feed/subscriptions/list - Confirming audit is enable

  • POST https://manage.office.com/api/v1.0/{{tenant_id}}/activity/feed/subscriptions/start?contentType={{audit_name}} - Enabling the audit (if required):

  • GET https://manage.office.com/api/v1.0/{{tenant_id}}/activity/feed/subscriptions/content?contentType={{audit_name}}&startTime={{start_time}}&;endTime={{end_time}} - Listing the audit

  • GET to the event URIs obtained from the previous response

Was this article helpful?

0 out of 0 found this helpful

0 comments