Requirements for general backup

The Microsoft 365 service account used to handle the backup must be assigned the Global administrator role.

Requirements for activity logs backup

To back up Azure AD activity logs, at least one of the users on the tenant must have an appropriate license and role:

  • Azure AD Premium 1 or Premium 2 license to access the Azure AD sign-in logs in the Azure portal.
  • Global Administrator or Security Administrator access for the Azure AD tenant.

Create an Azure AD connector

Important: Before you begin, please make sure you are signed out of all personal Microsoft accounts and are only signed into the account you will be using for backup. Otherwise, please sign in to Keepit in an incognito window.

1. On the Connectors page, in the lower-right corner, select Add connector > Add Azure AD —Āonnector

2. Select Sign in to be redirected to the Microsoft sign-in page. Enter the M365 credentials for your global admin service account. 

3. Read through the permissions and allow access by selecting Accept.

Note: You will only be asked for permissions the first time you create a connector. After that, Keepit retains the permissions it needs. 


4. You will be redirected back to Keepit where you can configure your connector.

Here you can:

5. Select Create. Your connector will be created and the first backup will be scheduled.