Connect Microsoft
Patchly connects to your Microsoft environment with read-only API access. Setup takes about 2 minutes using our onboarding portal.
Get Started
Visit connect.patchly.ai to authorize Patchly for your organization. You’ll need a Global Administrator or Privileged Role Administrator account.
The portal will:
- Collect your contact details
- Redirect you to Microsoft’s admin consent screen
- Automatically capture your tenant ID after you approve
No manual steps required — everything is handled in one flow.
What Permissions Does Patchly Request?
All permissions are read-only and application-level (no user impersonation). Patchly never modifies data in your environment.
Microsoft Graph
| Permission | What it reads |
|---|---|
User.Read.All | User directory for identity context |
Device.Read.All | Registered device inventory |
Group.Read.All | Security group membership |
AuditLog.Read.All | Sign-in activity |
Directory.Read.All | Directory data |
Microsoft Defender for Endpoint
| Permission | What it reads |
|---|---|
Machine.Read.All | Device inventory |
Vulnerability.Read.All | Vulnerability data |
Software.Read.All | Software inventory |
Alert.Read.All | Security alerts |
SecurityRecommendation.Read.All | Security recommendations |
What Happens Next?
| Step | What | When |
|---|---|---|
| You grant consent | Patchly gets read-only access to your security data | Immediately |
| First sync starts | Vulnerability, device, and user data are pulled | Within minutes of consent |
| Data refreshes nightly | Updated data is pulled on a daily schedule | 02:00 UTC each day |
| Dashboard ready | Your Patchly contact sends you the link | After first sync completes |
Your first data sync starts automatically after you grant consent — no manual configuration needed on our side.
See Data Security for how your data is stored and protected, or Data Freshness to understand sync timing.
Last updated on