/
Prerequisites for Azure Active Directory

Prerequisites for Azure Active Directory

Permissions required in Azure Active Directory (AD): The service principal provided for the Kyvos application will need the following permissions to access the Azure AD.

API / Permissions name

Type

Description

Admin consent required

Directory.Read.All

Application

Read directory data

Yes

 User.Read

Delegated

Sign in and read user profile

No

To grant this permission to the client ID, the following steps can be followed:

  1. On the Azure portal, navigate to Home > App Registration and select the App for Kyvos.

  2. Under API permissions, click Add a permission, and then click Microsoft Graph.

    image-20260206-114519.png

  3. On the Request API permissions dialog box, select the Application Permissions option.

    image-20260206-114643.png

  4. On the Select Permissions area, search for directory and select the Directory.Read.all option from the results.

  5. Click Add Permissions. The permission is required for Kyvos to read from the Azure AD.

    1. Directory.Read.All: To read directory data

      image-20260206-114947.png

    2. User.Read: To sign in and read user profile

      image-20260209-075815.png

Copyright Kyvos, Inc. 2025. All rights reserved.