# AzureAD/365

Enabling this allows ImmyBot to

Sync all users from your partner tenant
Sync all users from your customer's tenants
Install the 365 applications a user is licensed for (Apps for business/Apps for entrprise/Project/Visio)
Deploy software to Teams, On-Premises Security Groups (Ex. Everyone in the Engineering Team gets AutoCAD 2022)

# Create an App Registration

Navigate to: https://aad.portal.azure.com/

# Grant Permissions

# Target devices in Azure Groups

If you would also like to target devices from your Azure groups, you will need to include the Microsoft Graph - Devices.Read.All permission.

See the screenshots below for the minimum permissions.

# Create Client Secret

# Granular Delegated Admin Permissions (GDAP)

Create a Security Group in Azure AD called "ImmyBot Security Group"
Add the ImmyBot Service Principal to that group
For each customer in the Partner Center, add the "ImmyBot Security Group" and add the "Directory readers" and "Global Reader" role.

# Add to Admin Agents Group (Legacy DAP)

# Copy the `Application (client) ID` and `Client Secret Value` into the form in ImmyBot.

← N-Central Integration