Integrations Hub
6 min
the integrations page provides a single place to view what’s connected, view the status, and trace activity through audit logs it helps you answer what entra id or okta integrations are configured? what alert channels are available? are they working correctly? what changes were made, and by whom? you can navigate to the integrations hub by accessing the settings menu in the top right corner, and then clicking integrations this page lists all configured integrations with their status, giving you quick visibility into your connected systems only organization administrators have permissions to add new integrations key features integration list displays all configured integrations with their names and statuses (active, disabled, or error) add integration adding an integration navigate to the settings menu in the top right corner, and then click integrations click add integration in the modal, select microsoft entra id as the integration type fill in the required fields integration name a descriptive name for the integration (e g , entra id ) entra id client id enter the application (client) id from your entra id app registration’s overview page entra id client secret enter the secret value from the app registration certificates & secrets page entra id tenant id enter your organization’s directory (tenant) id from your app registration’s overview page (optional) identity creation automatically create identity identifiers for my synced identities toggle on to sync identities group object id (optional) enter a group id to restrict which identities are created if left blank, all identities will be created identities may take up to 24 hours to appear ⚠️ identity identifiers are created only up to the limit of your package if you’ve reached your identifier limit, entra id synchronization continues, but additional identities are not created contact your customer success manager for more details about this (optional automation) configure credential browser enabled features if available automated validation this will automatically validate new credentials found related to your authorized identity identifiers automated mitigation disable accounts this will automatically test new credentials, if they are confirmed valid, flare will disable the account automated mitigation mark as compromised this will automatically test new credentials, if they are confirmed valid, flare will mark the account as compromised note flare recommends creating a conditional access policy where the user risk is high to remediate these events automated mitigation revoke sessions this will automatically test new credentials, if they are confirmed valid, flare will revoke the sessions of the account with the exception of validation all the above can also be enabled for manual in addition to automated test integration before saving click test integration to validate the configuration if the test passes, you’ll see a confirmation message flare will return an error if the integration is not properly configured common errors include the following invalid parameters the entra id client id, entra id client secret or entra id tenant id may be incorrect the secret has expired or is wrong missing permissions you will need to grant additional permissions to the application you have registered in entra id see table x located at y for list of permissions required by feature the application has not been assigned the proper permissions untested integrations can be saved, but they remain disabled by default click save changes to finalize the configuration always test your integration before saving to ensure it is properly configured and active permissions revoke session user revokesessions all disable account user enabledisableaccount all mark user as compromised identityriskyuser readwrite all (for mark as compromised; this feature also requires a p2 or higher licence for microsoft entra id) if active directory is performing writeback to entra id, it will re enable a disabled account on each writeback therefore if you are using a hybrid deployment with active directory and entra id it is recommended to use a different remediation capability audit logs every entra id integration includes an audit log tab in its details drawer audit logs record events such as creation, deletion, configuration updates, and runtime activity you can search and filter logs by event type, user, date here you can see when a password validation attempt occured and the associated message permissions and control for the integration flare also offers the ability to disable or delete the integration these settings can be selected by the hamburger menu on the integration