Skip to main content
All CollectionsGetting started with Nudge Security
Configure access to Microsoft Entra ID
Configure access to Microsoft Entra ID

Here's how to connect Nudge Security to your Microsoft Entra ID environment

Danielle avatar
Written by Danielle
Updated over a week ago

Nudge Security analyzes data from your Microsoft Entra ID domain to discover and inventory your entire SaaS footprint, including users and OAuth grants. All it takes is a quick setup that gives Nudge Security read-only access to your organization's users, groups, and email.

First, you will sign up for Nudge Security with a Microsoft Entra ID account. This account does not require Microsoft global administrator privileges, but it must have a mailbox enabled for email verification purposes.

Then, you will take the following steps to configure Nudge Security for your organization in Azure AD. You will need access to a Microsoft global administrator account or work with someone who does to complete these steps.

What you'll need:

  • A mailbox-enabled Microsoft Entra ID account to create your Nudge Security account

  • Global administrator access to configure Nudge Security in your Azure AD

  • About 5 to 10 minutes to complete the setup

Note:

You need to perform these steps once during your initial account setup. You may also need to repeat these steps periodically to accept changes in OAuth scopes as requested by Nudge Security.

Step 1: Sign up for Nudge Security with your Microsoft Entra ID account.

With global administrator access, find Nudge Security in the Azure Marketplace. Alternatively, find it in the Microsoft Entra App Gallery. In your Microsoft Entra account, under Identity > Applications > Enterprise Applications > + New Application > search for Nudge Security.
โ€‹

Follow the "Sign up for Nudge Security" link to initiate a trial start.
โ€‹

Alternatively, navigate to nudgesecurity.io/trial to create a Nudge Security account. Follow the sign-up wizard and click "Continue with Microsoft."

Sign in with your corporate email account (personal email accounts are not allowed) and complete the email verification steps.

Step 2: Log in to Azure Active Directory as an administrator

Navigate to Enterprise Applications and find the Nudge Security application.

Step 2: Click on the name "Nudge Security" to open details

On the left-column menu, navigate to Security > Permissions.

Step 3: Click on the big blue button "Grant admin consent for"

This will grant the necessary permissions for Nudge Security to do the analysis.

Step 4: Head back over to Nudge Security

You're all set, click the 'Verify' button to confirm the configuration is complete and your analysis will start. As soon as your initial analysis is complete, you will be able to see a full picture of your current and historical SaaS footprint.

Run into issues?

Depending on your organization's Azure AD configuration, you may run into the following common issues during signup:

Issue #1: I didn't receive an email confirmation code during the initial sign-in.

Make sure to sign up with a Microsoft Entra ID account that has a mailbox enabled. This does not have to be a Microsoft global administrator account.

If you started the sign-up process with a Microsoft Entra ID account that does not have a mailbox, simply log out of that account in your browser, use a different browser, or use a new incognito browser window, and then restart the sign-up process with a different mailbox-enabled account.

Nudge Security will not create an account until the email verification process is completed successfully.

Issue #2: I received an error message that reads, "Sorry, but we're having trouble signing you in."

During the initial sign-in step, you may receive a Microsoft Entra ID error message similar to this:

"Sorry, but we're having trouble signing you in [...] Your administrator has configured the application Nudge Security to block users unless they are specifically granted ("assigned") access to the application..."

If this occurs, then you must first grant users the ability to create a Nudge Security account with their Microsoft Entra ID accounts. To do this, use your Azure AD global administrator account or (work with an administrator) to first assign the Nudge Security enterprise application to the user accounts that will be used to sign up for Nudge Security.

For more information on this setting and on how to take these steps in Azure AD, please refer to https://learn.microsoft.com/en-us/azure/active-directory/manage-apps/assign-user-or-group-access-portal?pivots=portal.

Issue #3: My initial analysis is taking a long time to complete.

When you first configure Nudge Security for your organization, it builds an inventory of all SaaS applications, accounts, users, and OAuth grants ever created in your organization. For smaller and younger organizations, this process often takes just a few minutes to complete. However, for larger and older organizations with deep email archives, this process may take longer.

You can exit the analysis screen while Nudge Security builds your inventory. We actively monitor progress and the system will email you when your initial analysis is complete. If you do not receive any email confirmation within 24 hours, please reach out to us.

If you run into any issues in this process or if you have any questions, please reach out. You can live chat with us in the product or on our website. Or, you can book an onboarding call with us to troubleshoot or walk through your initial results.

Did this answer your question?