Ideabug

Sign in with Microsoft and connect Azure for automated evidence

Sign in with Entra ID work accounts, and plug a single service principal into your Azure tenant to auto-collect compliance evidence across subscriptions.

We've shipped two complementary Microsoft features. The first puts a "Sign in with Microsoft" button on the login page for any organization on Entra ID. The second turns your Azure tenant into an evidence source — Humadroid reads your subscriptions and Entra directory
and continuously gathers what auditors ask for.

What's new

Sign in with Microsoft (Entra ID)

  • One-click sign-in for Microsoft work/school accounts on the login page
  • Multi-tenant — any organization's Entra tenant is supported, no per-customer setup on our side
  • Existing users only — Entra binds the identity, but the user must already be invited or signed up in Humadroid
  • Same email-based matching as Google SSO; users keep their existing role and permissions
  • Personal Microsoft accounts (Outlook.com, Xbox) are intentionally not supported

Azure integration for automated evidence

  • One service principal, many subscriptions — register the SP once, then connect each Azure subscription with a click; rotate the client secret in one place
  • 13 evidence collectors covering Entra and ARM:
    • Entra MFA status, Conditional Access policies, Privileged role assignments
    • Activity Log diagnostic settings, Monitor alert rules
    • Storage encryption, public access, Disk encryption, SQL encryption, SQL firewall
    • Network Security Group rules, Key Vault key rotation, Defender for Cloud secure score
  • Auto-verification — every collected source is checked against compliance rules and surfaces pass / fail / warning on the control
  • Read-only by design — Reader, Key Vault Reader, Log Analytics Reader on the subscription, and read-only Microsoft Graph application permissions
  • Setup options for every team — guided portal walkthrough, copy-paste az CLI script, or Bicep / ARM JSON templates for IaC-first teams
  • Health checks and connection validation run automatically; failures show up in the integration panel with the exact missing role or permission

Setup

Sign in with Microsoft

  • Already on for all accounts. Click "Sign in with Microsoft" on the login page.
  • Admins: invite the user in Humadroid first, then they can bind their Microsoft identity on next sign-in.

Azure integration

  1. Settings → Integrations → Microsoft Azure → Connect Azure subscription
  2. First time: register a service principal (Tenant ID, Application/client ID, client secret) — the wizard walks you through the portal, or hands you an az script / Bicep / ARM template
  3. Pick a subscription from the auto-discovered list (or paste the ID), label it, and connect
  4. Browse Compliance → Evidence to see Azure-collected sources flowing in

Full setup guides in the help center cover Entra app registration, RBAC roles, Microsoft Graph admin consent, and per-source troubleshooting.