Microsoft SSO
Last updated
Last updated
is a tool that helps organisations optimise their tech stacks. We let your IT administrator see which Software-as-a-Service (SaaS) applications are being used so that your organisation can cut unused licenses, identify security vulnerabilities, and find tools that are better suited to its needs.
Sonar was designed with privacy in mind and is not meant to track the employees’ work. We only collect a minimum amount of data strictly for the purposes cited above, and aim to be fully transparent regarding how the SSO works on your account and how we use your data.
This document aims to answer any questions you may have. Should you have any concerns that aren’t covered here, please do not hesitate to .
The Sonar platform works in the background. Every day, it's fetching data from your Microsoft Entra to track users, groups, administrativeUnits, and SaaS activities changes.
To get this information, it needs two authorizations from your Microsoft Entra accounts:
User.Read, to allow user connection using Microsoft as an identity provider.
Directory.Read.All, to allow fetching of
users,
groups,
group members,
administrativeUnits,
administrativeUnit members,
servicePrincipal (SaaS application),
servicePrincipal users.
Using this information, Sonar will be able to monitor any changes in your environment and provide recommendations in case of user status changes or new SaaS being discovered.
We aim to limit the amount of data sent to our servers as much as possible. Thus, only 1 refresh per day will be sent to the Sonar servers.
You may find the full privacy policy of Sonar here:
You may find the full terms and conditions of Sonar here: