Cloud App Connector

The Compliance Suites Cloud App Connector is a generic connector for Microsoft’s Cloud Apps standard connector. This means that you can use the connector to create users in approximately 3000 different Microsoft-supported Cloud Apps from the Compliance Suite, including, for example. Salesforce or Adobe.

When you enroll an AD user in a specific group that corresponds to a specific Microsoft Cloud App, the user will be created in the Cloud App.

The Cloud App Connector uses "Custom Resources" in the Compliance Suite to update external systems.

The Cloud App Connector creates a unique opportunity to integrate directly with widely used systems at the role level, automating the entire organization’s user management. This avoids the need for organizations to develop manual integrations between Compliance Suite and cloud systems.

How to use the Cloud App Connector in Compliance Suite

The Cloud App Connector binds https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/[Entra ID Applications] as a system in Compliance Suite.

This could be Salesforce, for example. Cloud App Systems can be created directly in Compliance Suite as a type of User Systems, or they can be registered in Entra ID.

Entity in Compliance Suite	Used as	Fields	Remarks
Cloud App System (system)	Represents an Entra ID Application	Name, Application Id + Id/Description/Category	See below

Entity in Compliance Suite

Used as

Fields

Remarks

Cloud App System (system)

Represents an Entra ID Application

*Name, *Application Id + Id/Description/Category

See below

The functionality is as follows:

Syncronization status	Happens when..
Adding	If roles are added and they are not registered in Microsoft Graph API. This can be used to give a visual indication of an expected synchronization (which happens every 40 minutes for eg Salesforce).
Synchronized	When the user is registered via Microsoft Graph, based on the specified Application ID. That is, an IT administrator has configured one or more Entra ID groups on this app in Entra ID, and the app’s synchronization has run, and Compliance Suite now detects that the user has the app via call to the graph API. This can be done without roles.
Removing	If roles / access are removed and they are not registered in Entra ID via the Microsoft Graph API.

Syncronization status

Happens when..

Adding

If roles are added and they are not registered in Microsoft Graph API. This can be used to give a visual indication of an expected synchronization (which happens every 40 minutes for eg Salesforce).

Synchronized

When the user is registered via Microsoft Graph, based on the specified Application ID. That is, an IT administrator has configured one or more Entra ID groups on this app in Entra ID, and the app’s synchronization has run, and Compliance Suite now detects that the user has the app via call to the graph API. This can be done without roles.

Removing

If roles / access are removed and they are not registered in Entra ID via the Microsoft Graph API.

In Compliance Suite, the system is set to Synchronized when the Cloud App ID is added to the user in Entra ID. If you wish to see the sync status yourself, check the Entra ID provisioning service for the given app.