Team: Managed Identity Threat Detection and Response (ITDR)
Environment: Huntress Platform
Product: Google Workspace, Microsoft 365
Summary: Learn how to add, manage, monitor, and remove Google Workspace and Microsoft 365 integrations directly within the Huntress Platform via the Identity Provider Integration.
Overview
Welcome to the Identity Provider Integration page. Whether you want to add a Google Workspace or Microsoft 365 integration, or check the status of your current integration, you can manage everything from this central dashboard. Use this page in the Huntress Platform to add, manage, monitor, and remove your identity integrations.
In this Article
Before You Begin
Step 1: Add a New Integration
Step 2a: Add a Google Workspace Tenant
Step 2b: Add a Microsoft 365 Tenant
Understand Onboarding Statuses
Read the Tenant Overview
Manage Existing Integrations
Frequently Asked Questions
Before You Begin
Before adding a new integration, ensure you have the appropriate administrative credentials for your provider:
Google Workspace: Requires a Super Admin account.
Microsoft 365: Requires a Global Admin account.
Step 1: Add a New Integration
You can connect an identity provider right from the Huntress Command Center using the setup wizard, or by navigating the main menu.
Log in to Huntress and go to Integrations.
Select Add and choose your preferred identity provider.
To start a new tenant integration, select +New Integration.
-
From the dropdown menu, select the Huntress Organization you want to associate with this integration.
-
Tip: If the organization does not exist yet, type the name into the field to create it automatically.
-
-
Select the check boxes for the identity providers you want to add. You can select one or both options.
-
Note: If an integration already exists, the option appears grayed out.
-
Follow the prompts to authenticate your provider, either Google Workspace, or Microsoft 365
Once authenticated, your data begins to sync automatically.
Step 2a: Add a Google Workspace Tenant
The configuration for a Google Workspace tenant requires a Super Admin account to approve the application permissions.
In the Integration Wizard, select Start Configuration to view required permissions.
Review the on-screen details carefully.
Select Sign in with Google.
Follow the prompts to authenticate, then select Finish to add the integration. Google Workspace data typically flows within a few hours.
Step 2b: Add a Microsoft 365 Tenant
The configuration for a Microsoft 365 tenant requires a Global Admin account to approve the application permissions.
In the Integration Wizard, select Sign in with Microsoft.
Log in using your Global Admin credentials.
Review and approve the requested permissions.
-
Select Finish to complete the integration. Microsoft 365 data might take 24 to 48 hours to fully sync with the Huntress Platform.
Note: Select the GCC High tenant check box if your tenant environment requires this specific environment rule.
Understand Onboarding Statuses
To check the configuration progress of an onboarding tenant, select View Details next to the Setup Status.
The following table describes each onboarding state:
| Status | Google Workspace | Microsoft 365 |
|---|---|---|
| Set Up | Authorizing and configuring your Google Workspace connection | Verifying permissions and retrieving tenant information |
| Data Sync | N/A | Synchronizing users and directory data |
| Subscriptions | N/A | Configuring audit logging and webhook subscriptions |
| Validation | Running initial health checks to verify the integration | Verifying event ingestion and completing setup |
| Healthy | The integration was added successfully | The integration was added successfully |
| Unhealthy | The integration process failed. The dashboard provides specific error details and troubleshooting steps. | The integration process failed. The dashboard provides specific error details and troubleshooting steps. |
Read the Tenant Overview
To view more details about an existing integration, select the expand icon (>) to the left of the tenant name.
The expanded panel displays the following information:
| Field | Meaning |
|---|---|
| Integration Version Number | The version of the Huntress integration. Outdated versions continue to run but lack new or improved features until you reauthorize the connection. |
| Product Name(s) | Displays the active capabilities for this tenant, including Managed ITDR and Managed ISPM. |
| Identity Provider | Displays Google Workspace or Microsoft 365. |
| Health Status | Displays Unhealthy, Onboarding, or Healthy with any necessary details. |
Fully Healthy Example
Outdated Version Example
Manage Existing Integrations
Select the Options menu (three dots) next to the tenant status to perform administrative tasks:
| Task | What it Accomplishes | Supported Identity Provider |
|---|---|---|
| Reauthorize | Prompts you to re-approve the Huntress application to apply updates or new permissions. Use this step if a tenant is Unhealthy or Outdated. | Google Workspace and Microsoft 365 |
| Manage Billable Products |
Allows you to activate or deactivate individual products (Managed ITDR or Managed ISPM) for a designated tenant without unmapping the organization. Stopping a single product does not unmap the tenant. Stopping both products results in the tenant being unmapped from both products and removed from the Identity Provider Integration |
Google Workspace and Microsoft 365 |
| Unmap | Fully removes the associated identity integration from that specific Huntress Organization. | Google Workspace and Microsoft 365 |
| Get Security Assessment | Generates a point-in-time snapshot of identity risks and suspicious activity to share with clients or prospects. | Microsoft 365 only |
Frequently Asked Questions
Why does the Huntress Platform show the old style of the integration page for some of my tenants?
Some partners use legacy integration methods that this new dashboard does not support. To use the updated view, you must directly map your tenants, remove all legacy mapping methods, and ensure your tenants use the latest integration version.
Unmapping and re-adding legacy tenants can result in temporary service downtime and potential data loss. If you want to switch to the new integration method, please reach out to Huntress Support.
Is there a difference when adding GCC High and standard Microsoft 365 tenants?
Yes. Commercial and GCC Low or Standard tenants use the previous integration workflow. GCC High tenants will use this new integration, and must be onboarded by turning On the This is a Microsoft 365 GCC High tenant option during setup to ensure features enable correctly. This feature is not available for Google Workspace or Managed ISPM.
The "How It Works" module is missing. How can I get it back?
If you closed the module, you can reopen it by selecting How it Works at the top of the Identity Provider Integrations page.