Azure Integration

The Microsoft Azure integration allows Sprinto to read resources and monitor security configurations across your Azure subscription. Once connected, Sprinto continuously evaluates your Azure environment against applicable compliance requirements and surfaces findings on the platform.

Sprinto requires read-level access to your Azure subscription in order to:

• Monitor cloud resources and configurations

• Evaluate security posture

• Map evidence to relevant controls

• Track compliance status in real time

You can integrate Azure using either:

1. Azure PowerShell (recommended) – Automated setup using generated scripts

2. Manual configuration – Create and configure the Azure application yourself

Available integration methods

When you click Connect next to Azure under Cloud Providers, you can choose one of the following:

• Use Azure PowerShell (Recommended)

• Create application manually

Both methods create a dedicated Azure app (sprinto-auditor-app) with the required read permissions.

Method 1: Integrate using Azure PowerShell (Recommended)

This method automatically creates the required Azure application and assigns the necessary permissions.

Step 1: Start the integration in Sprinto

1. Log in to the Sprinto dashboard.

2. Navigate to Settings → Integrations.

3. In the All tab, search for Microsoft Azure.

4. Under Cloud Providers, click Connect next to Microsoft Azure.

1. Review the permissions required and click Next.

2. Select Use Azure PowerShell.

3. Enter your Azure Subscription Name. (You can find it in Azure under Account → Subscriptions.)

4. Click Continue.

Step 2: Run the PowerShell script

1. Under Step A, click Copy PowerShell Code.

1. Open Azure Cloud Shell or your local Azure PowerShell terminal.

2. Paste and execute the copied script.

This script:

• Creates an application named sprinto-auditor-app

• Assigns the required Microsoft Graph permissions

• Configures the appropriate role access

Step 3: Grant admin consent

1. In Azure, go to App Registrations.

2. Search for and select sprinto-auditor-app.

3. Navigate to API Permissions.

4. Click Grant admin consent for Default Directory.

Admin consent is required for Sprinto to read directory data.

Step 4: Add Role Assignment in Azure Console

1. Go to Subscription in the Azure console.

2. Click on Access control (IAM).

3. Click Add role assignment.

1. Select Reader Role and click Next.

2. Click on Select members.

3. Search for sprinto-auditor-app and select it.

4. Click Review + Assign.

1. Refresh the role assignment list to see the assignment for sprinto-auditor-app .

Step 5: Generate and copy JSON output

1. In Sprinto, move to Step C.

2. Copy the provided PowerShell code.

3. Run it in PowerShell to generate a JSON output.

4. Copy the JSON result.

5. Paste the JSON into the Step 2 box in Sprinto.

6. Click Connect.

The Azure integration will now be configured.

Method 2: Integrate Azure manually

Use this method if you prefer to configure Azure access manually.

Step 1: Create a new App Registration

1. Log in to the Azure Portal.

2. Go to App registrations.

3. Click New registration.

1. Enter the name: sprinto-auditor-app.

2. Leave Supported account types as default.

3. Click Register.

Save the following values:

• Application (Client) ID

• Directory (Tenant) ID

You will need these in Sprinto.

Step 2: Create a Client Secret

1. Open the newly created app.

2. Go to Certificates & secrets.

3. Click New client secret.

4. Enter a description (for example: Sprinto Secret).

5. Set expiry to 24 months.

6. Click Add.

1. Copy and securely save the Secret Value.

Step 3: Configure API permissions

1. Go to API permissions.

2. Click Add a permission.

3. Select Microsoft Graph.

1. Choose Application permissions.

2. Under the Directory section, select:

   • Directory.Read.All

3. Click Add permissions.

1. Click Grant admin consent for Default Directory.

Step 4: Assign Reader role to the app

1. Navigate to Subscriptions.

2. Select your subscription.

3. Click Access Control (IAM).

4. Click Add role assignment.

1. Select Reader role.

2. Click Next.

3. Click Select members.

4. Search for sprinto-auditor-app.

1. Click Select.

2. Click Review + assign.

Step 5: Complete setup in Sprinto

1. Return to Sprinto.

2. Click Connect next to Azure.

3. Select Create application manually.

4. Click Continue.

1. Enter the following details:

   • Tenant ID

   • Application ID

   • Application Client Secret

   • Subscription ID

1. Click Connect.

2. Check the confirmation box: I have registered a new app and gave appropriate permissions.

3. Click Connect with Azure.

Post-integration behaviour

After successful setup:

• Sprinto begins syncing Azure data.

• Initial sync may take up to 24 hours.

• Compliance findings and resource posture will appear in the dashboard automatically.

Troubleshooting

Admin consent button is disabled

Ensure you are logged in as an Azure Global Administrator or Application Administrator.

Permission errors during sync

Confirm that:

• Directory.Read.All is granted

• Admin consent has been approved

• Reader role is assigned at the subscription level

JSON validation fails (PowerShell method)

Re-run the Step C script and ensure:

• The correct subscription is selected

• The full JSON output is copied without modification

Sync not reflecting data

Wait up to 24 hours for the first sync cycle. If issues persist, contact Sprinto Support.

Once the above steps are completed the integration will be up and running and in the next 24 hours Sprinto will be able to sync data and start reporting the same on the platform, please feel free to reach out to Sprinto Support at [email protected] in case you face any challenges.