Skip to main content

Sync people data from Entra ID

Use this workflow to sync people data from Microsoft Entra ID.

Prerequisites

Before you begin, make sure you have the following:

  • Global, Application or Cloud Application Administrator access in Microsoft Entra ID
  • Admin or Setup Admin access in Glean
  • The following user fields populated in Entra ID:
    • First name
    • Last name
    • Email
    • Title
    • Department
    • Manager (optional, but recommended if you want to build org charts and improve people data quality)

Configure Entra ID as the people data source in Glean

Complete the following steps to configure Entra ID as the people data source in Glean:

  1. Create an app registration in Entra ID
  2. Configure Microsoft Graph application permissions
  3. Grant admin consent
  4. Create a client secret
  5. Get application and directory IDs
  6. Upload keys to Glean

1. Create an app registration in Entra ID

  1. In Microsoft Azure, navigate to the App registrations page.
  2. Create a new app registration.
  3. Register a new application with the following details:
    • Name: Glean People
    • Supported account types: Single tenant only
    • Redirect URI: Leave blank
  4. Click Register.

For more information on how to register an application in Entra ID, see Register an application in the Microsoft documentation.

2. Configure Microsoft Graph application permissions

  1. In Microsoft Azure, navigate to the App registrations page.
  2. In All applications, find and select the Glean People app registration you created.
  3. Navigate to the Manage → API permissions page.
  4. Add the folllowing API permissions for the Microsoft Graph API as Application permissions:
    • User.Read.All
    • GroupMember.Read.All

For more information on how to add permissions to an application, see Add permissions to an application in the Microsoft documentation.

  1. In Microsoft Azure, navigate to the Enterprise applications page.
  2. Find and select the Glean People app registration you created.
  3. Navigate to the Manage → Permissions page.
  4. Review the permission and click Grant admin consent.
  5. Complete the authentication prompt to grant admin consent.

For more information on how to grant admin consent, see Grant tenant-wide admin consent in Enterprise apps pane in the Microsoft documentation.

4. Create a client secret

  1. In Microsoft Azure, navigate to the App registrations page.
  2. In All applications, find and select the Glean People app registration you created.
  3. Navigate to the Manage → Certificates & secrets page.
  4. Create a new client secret with the description Glean People.
  5. Add the secret.
  6. Copy the secret Value.
important

The client secret value shows only once. If you don't copy it, you cannot access it again and you will need to create a new client secret.

For more information on how to create a client secret, see Certificates and client secrets in the Microsoft documentation.

5. Get application and directory IDs

  1. In Microsoft Azure, navigate to the App registrations page.
  2. In All applications, find and select the Glean People app registration you created.
  3. On the Overview page, note the Application (client) ID and Directory (tenant) ID.

5. Upload keys to Glean

  1. In Glean, navigate to Admin console → Users & permissions → People data.
  2. Select Manage data source.
  3. Under Select a data source to sync people data from, select Azure.
  4. With the keys you obtained in the previous steps, paste the following into the corresponding fields in Glean:
  • Client secret
  • Application (client) ID
  • Directory (tenant) ID
  1. (Optional) Provide a comma-separated list of user fields to crawl in addition to the default fields:
  • id
  • createdDateTime
  • userType
  • displayName
  • givenName
  • surname
  • jobTitle
  • manager
  • department
  • officeLocation
  • city
  • mobilePhone
  • businessPhones
  • onPremisesExtensionAttributes
  • imAddresses
  • mail
  • mailNickname
  • otherMails
  • proxyAddresses
  • usageLocation
  • userPrincipalName
  1. Click Save. Glean prompts you to schedule a crawl.
  2. Select Enable crawl and click Save.

Troubleshooting

If you encounter issues, see the following troubleshooting steps.

Missing permissions error

If you encounter a "Missing permissions" error, check that the app registration has the correct Microsoft Graph permissions and that you've granted admin consent for the required permissions.

Review Configure Microsoft Graph application permissions and Grant admin consent for more information.

Users are missing from Glean

If you notice that users are missing from Glean, check that:

  • The required user fields are populated in Entra ID
  • The app registration has the correct Microsoft Graph permissions
  • Admin consent has been granted
  • The client ID, tenant ID, and client secret are correct

People data looks incomplete

If names, titles, departments, or managers are missing, review the corresponding fields in Entra ID and confirm they're populated for affected users.

See also

Was this page helpful?
Last updated on
© 2026, Glean Technologies, Inc.