User data import
In order to set up user data import, the application registration for the previously created enterprise application needs to be updated.
The exact import semantics (which users to import, which attributes to copy into the
Prerequisites (provided by Datafisher):
- (none)
Results (to be provided to Datafisher):
Application (client) IDDirectory (tenant) IDSecret ID- Secret
Value - User group
Object Id(optional)
Assign permissions
First,
- find the application from the enterprise applications list,
- under
Security→Permissions, click on theapplication registrationlink to go to the application registration.
Alternatively, you can find the application registration from Applications → App registrations and open the Manage → API permissions page.
Next, click on the Add a permission button.
Next, select the Microsoft Graph API.
Next,
- select
Application permissionsas the type, - search for
user.read.all, - tick the
User.Read.Allpermission, - click
Add permissions.
Next, in the Configured permissions list click Grant admin consent for $company.
Next, click Yes in the popup that appears.
The client secret
Next, you need to create credentials for the application by going to Manage → Certificates & Secrets and clicking New client secret.
Next,
- add
LMSas theDescription, - select the maximum expiration time as
Expires(currently 24 months), - press
Add.
Next, send the Secret ID and Value to Datafisher. The Value is sensitive information.
Application and Directory IDs
Finally, open the Overview section and send the Application (client) ID and Directory (tenant) ID to Datafisher. This is not secret information.
User groups
Sometimes only certain users need to be imported. The filtering may be done on Datafisher side based on user attributes (e.g. only fetch users from Finland, or only users that are not marked as system accounts), but it is also possible to manage the inclusion or exclusion by using user groups.
In order to do this, you need to provide Datafisher with the Object Id of the relevant user group(s).
