Set up Microsoft Azure for the MS TVM integration

  • Release version: Zurich
  • Updated March 12, 2026
  • 2 minutes to read

    • Set up your account in the Microsoft Azure portal to access the Microsoft Threat and Vulnerability Management (MS TVM) API remotely. You need this account so that you can access the MS TVM tenant to gather information for machines, vulnerabilities, and security recommendations.

    Before you begin

    Role required: Microsoft Azure portal administrator.

    About this task

    Complete the following setup tasks in your Microsoft Azure portal before you install the ServiceNow® application for this integration.

    To verify that you have access to the most current content, see the Microsoft doc website. If you haven't created an application ID for OAuth 2.0 authentication in the Microsoft Azure portal, follow the steps in this procedure.

    Procedure

    1. Log in to the Microsoft Azure portal by using your Azure portal administrator credentials.
    2. In the left navigation panel on the Home pane, select Azure Active Directory.
    3. In the Overview pane, select App Registrations (Preview).
    4. In the App registrations (Preview) pane, select New Registration.
      The Register an application form is displayed.
    5. On the form, fill in the fields.
      Table 1. Register an application form
      Field Description
      Name Name for the application. In this example, ServiceNow MS TVM Integration is entered.
      Supported account types For this account, in Supported account types, select Accounts in this organizational directory only (ServiceNow only - Single tenant).
      Redirect URL (optional) If you enter a value for this field, it is not used by the integration.
    6. Select Register.
      The Application (client) ID and Directory (tenant) ID are created. Enter these values on the configuration page in the Client ID and Tenant ID fields during the configuration step in the ServiceNow VR-TVM integration Setup Assistant. This step was described in Install and configure the Vulnerability Response Integration with the MS TVM application using Setup Assistant.
    7. When you see the Application (client) ID displayed in the ServiceNow MS TVM Integration pane, select View API Permissions.
    8. Navigate to Request API permissions > APIs my organization uses, and then select Windows Defender ATP.
    9. In the ServiceNow MS TVM Integration - API permissions pane, select Add a Permission.
    10. Provide read access to machines, vulnerabilities, and security recommendations.
    11. Select Grant Admin Consent for <your organization name>.
      Note:
      To authenticate as an application from a ServiceNow instance, do the following actions:
      1. Navigate to Servicenow MS TVM Integration > Certificates & Secrets, and then select New Client secret.
      2. On the form, fill in the fields.
        Table 2. Client secrets form
        Field Description
        Description Name of the application.
        Expires Date of expiry.
      3. select Add.

        The Value field is populated with the new client secret, which is your new password.

        Note:
        You will need this password when you are configuring the integration in your ServiceNow AI Platform instance. For more information, see Install and configure the Vulnerability Response Integration with the MS TVM application using Setup Assistant.
      4. Save this password in a secure location. After you leave this page, this password is not available.

        You have successfully created an application ID for authentication in the Microsoft Azure portal.

    What to do next

    You are ready to set up your ServiceNow AI Platform® instance for the integration.