Office 365 Vendor Discovery Integration

The Office 365 Vendor Discovery integration enables Sprinto to automatically discover third-party vendors accessed through Microsoft 365 single sign-on (SSO). Sprinto identifies vendors by analysing application and sign-in data available in Microsoft Entra ID (formerly Azure Active Directory).

This integration helps you maintain an accurate vendor inventory and supports continuous compliance monitoring. It requires Office 365 to be connected as an Identity Provider before Vendor Discovery can be enabled.

Sprinto uses read-only Microsoft Graph permissions and does not modify any data in your Office 365 tenant.

Prerequisites

• Office 365 connected to Sprinto as an Identity Provider

• Any paid Microsoft 365 business plan

• Global Administrator access to the Microsoft Entra ID tenant

• Admin access in Sprinto

Permissions required

Sprinto follows the principle of least privilege and requests only the permissions required to identify vendors accessed through Microsoft 365 SSO.

On Office 365 (Microsoft Entra ID)

The following Microsoft Graph permissions are requested during authentication:

Important

• All permissions are read-only.

• Sprinto does not create, update, or delete applications, users, or configurations.

• Admin consent is required during authentication.

On Sprinto

• Admin access is required to configure integrations.

How it works

Once enabled, Sprinto authenticates with Microsoft Entra ID using OAuth and analyses:

• Enterprise applications configured for Microsoft 365 SSO

• Sign-in and usage reports

• User access patterns associated with third-party applications

Sprinto uses this information to:

• Automatically discover vendors accessed through Office 365 SSO

• Populate and maintain your vendor inventory

• Support vendor risk assessment and compliance workflows

Sprinto performs an initial discovery after connection and continues to refresh vendor data automatically.

Connect Office 365 Vendor Discovery to Sprinto

Steps in Sprinto

1. Sign in to the Sprinto dashboard.

2. Go to Settings → Integrations.

3. Search for Office 365.

1. Ensure Office 365 – Identity Provider shows as Connected.

2. Under Office 365 – Vendor Discovery, select Connect.

1. Review the permissions and data usage details, then select Next.

1. Confirm that you have admin access to Office 365.

2. Select Connect Office365 to initiate authentication.

Steps in Microsoft Entra ID

1. When redirected, sign in using a Global Administrator account.

2. Review the requested Microsoft Graph permissions.

3. Grant admin consent to allow Sprinto to read application and sign-in data.

After authorisation, you are redirected back to Sprinto.

Confirm successful connection

Once the connection is complete:

• The integration status updates to Connected

• Sprinto begins analysing Microsoft 365 SSO usage

• Vendor discovery checks become active

Post-integration behaviour (PCF flow)

After the integration is enabled:

• Sprinto discovers vendors accessed through Office 365 SSO

• Newly identified vendors appear in the vendor inventory

• Vendor data is refreshed automatically based on Microsoft Entra ID reports

• You can proceed with risk assessment and due diligence workflows for discovered vendors

Initial discovery may take several minutes, depending on tenant size and SSO usage.

Troubleshooting

Unable to connect Vendor Discovery

Cause: Office 365 Identity Provider is not connected. Resolution: Connect Office 365 as an Identity Provider first, then retry the Vendor Discovery integration.

Vendors not appearing after connection

Cause: Insufficient permissions or limited SSO activity. Resolution: Verify that all requested permissions were granted and allow time for initial discovery to complete.

Admin consent prompt does not appear

Cause: The signed-in user does not have Global Administrator privileges. Resolution: Sign in using a Global Administrator account and retry the integration.