Before You Begin

You will need the following:

• Access to your Microsoft Entra (formerly Azure AD) tenant with the ability to add and grant new API permissions.
• An active Maptician Account Admin user with access to your environment. This requirement applies only if you are configuring the integration yourself without Maptician assistance.

Configure Graph API Permissions for Profile Image Sync

From the Microsoft Entra ID home screen:

1. In the left navigation menu, under Manage, select App registrations.
2. In the App registrations list, find and select your existing app (usually named “Maptician Graph API” or similar).
3. Once in the app, go to API permissions in the left menu.
4. Click Add a permission.
5. Select Microsoft Graph.
6. Choose Application permissions.
7. Add the following permission:
   • User.Read.All: Allows the app to read user profiles without a signed in user.
8. Click Add permissions.
9. After the permission has been added, you will want to click Grant admin consent for [Your Organization] and then confirm it.

Enable Profile Image Sync in Maptician

1. As an Account Admin, click the settings button (gear icon) in the top-right corner of the screen.
2. Go to Environment > Sync Profile Images.
3. Select the Enable Microsoft Profile Image Sync checkbox.
4. Click the Save Changes button.

Confirm the Graph API connection works in Maptician

Click the Check Connection button to validate your environment's connection to Entra ID, and the API permissions are configured correctly on the Graph API. If your Graph API permissions have just been configured, it may take up to 30 minutes until this connection is successful.