Nudge Security analyzes data from your Microsoft 365 domain to discover and inventory your entire SaaS footprint, including users and OAuth grants. All it takes is a quick setup that gives Nudge Security read-only access to your organization's users, groups, and email.
First, you will sign up for Nudge Security with a Microsoft 365 account. This account does not require Microsoft global administrator privileges, but it must have a mailbox enabled for email verification purposes.
Then, you will take the following steps to configure Nudge Security for your organization in Azure AD. You will need access to a Microsoft global administrator account or work with someone who does to complete these steps.
Step 1: Sign up for Nudge Security with your Microsoft 365 account.
If you haven't done so already, navigate to nudgesecurity.io/trial to create a Nudge Security account. Follow the sign-up wizard and click "Continue with Microsoft."
Sign in with your corporate email account (personal email accounts are not allowed) and complete the email verification steps.
Step 2: Log in to Azure Active Directory as an administrator
Navigate to Enterprise Applications and find the Nudge Security application.
Step 2: Click on the name "Nudge Security" to open details
On the left-column menu, navigate to Security > Permissions.
Step 3: Click on the big blue button "Grant admin consent for"
This will grant the necessary permissions for Nudge Security to do the analysis.
Step 4: Head back over to Nudge Security
You're all set, click the 'Verify' button to confirm the configuration is complete and your analysis will start. As soon as your initial analysis is complete, you will be able to see a full picture of your current and historical SaaS footprint.
Run into issues?
Depending on your organization's Azure AD configuration, you may run into the following common issues during signup:
Issue #1: I didn't receive an email confirmation code during the initial sign-in.
Make sure to sign up with a Microsoft 365 account that has a mailbox enabled. This does not have to be a Microsoft global administrator account.
If you started the sign-up process with a Microsoft 365 account that does not have a mailbox, simply log out of that account in your browser, use a different browser, or use a new incognito browser window, and then restart the sign-up process with a different mailbox-enabled account.
Nudge Security will not create an account until the email verification process is completed successfully.
Issue #2: I received an error message that reads, "Sorry, but we're having trouble signing you in."
During the initial sign-in step, you may receive a Microsoft 365 error message similar to this:
"Sorry, but we're having trouble signing you in [...] Your administrator has configured the application Nudge Security to block users unless they are specifically granted ("assigned") access to the application..."
If this occurs, then you must first grant users the ability to create a Nudge Security account with their Microsoft 365 accounts. To do this, use your Azure AD global administrator account or (work with an administrator) to first assign the Nudge Security enterprise application to the user accounts that will be used to sign up for Nudge Security.
For more information on this setting and on how to take these steps in Azure AD, please refer to https://learn.microsoft.com/en-us/azure/active-directory/manage-apps/assign-user-or-group-access-portal?pivots=portal.
Issue #3: My initial analysis is taking a long time to complete.
When you first configure Nudge Security for your organization, it builds an inventory of all SaaS applications, accounts, users, and OAuth grants ever created in your organization. For smaller and younger organizations, this process often takes just a few minutes to complete. However, for larger and older organizations with deep email archives, this process may take longer.
You can exit the analysis screen while Nudge Security builds your inventory. We actively monitor progress and the system will email you when your initial analysis is complete. If you do not receive any email confirmation within 24 hours, please reach out to us.
If you run into any issues in this process or if you have any questions, please reach out. You can live chat with us in the product or on our website. Or, you can book an onboarding call with us to troubleshoot or walk through your initial results.