Azure AD Scout
Microsoft Azure Active Directory (AAD) users can create an Azure AD Application Scout to test connectivity from a Custom Hive or Cloud Hive endpoint to the AAD endpoint at login.microsoftonline.com. You can measure the time it takes to send two HTTP GET requests to the AAD endpoint and view more detailed information on the HTTP requests and traceroute.
Create an Azure AD Scout
In the Scoutbees top bar, click Create Scout to open the Add New Scout window.
From the Infrastructure tab, select Azure AD as the Scout Type.
Choose the locations (Hives) from which you want to test your Azure AD.
Choose the Scout's Authenticaion method. You can select to authenticate a specific user with OAuth, or register the Scout as an application and give it permission to access your Azure AD.
- If you are authenticating a user with OAuth, click Sign in with Microsoft and sign in with a user that has permission to administer your cloud applications.
- If you are authenticating the Scout as an application, follow these steps:
- Create a new App registration for the Scout in your Azure Portal. Visit the Microsoft documentation for instructions.
- Grant the Scout application Organization.Read.All permission through Microsoft Graph API. Visit the Microsoft documentation for instructions.
- In the Scoutbees Add New Scout window, enter your Azure AD Tenant (directory) ID, Client (application) ID, and Client Secret.
Enter a Name for the Scout.
Select how often you want the Scout to test your Azure AD with the Run Every slider.
Optionally, Add labels to your Scout. Labels are key-value pairs that you can use to organize your Scouts. To learn more about labels, visit Scout Labels.
Click Next: Alert Policy to set up alerts and notifications on the Scout before saving it. For more information, visit Alert Policies.
Wait for the first test results after you create your Azure AD Scout. We have completed three results which we will examine in more detail in this section.
Click a successful test to see more details.
If you are authenticating via OAuth, the test result shows the user query duration, which is the time it takes to get the current user's information, and the organization query duration:
If you are authenticating via the Scoutbees application, the test result will show the login duration for the application, and the organization query duration: