Skip to main content
Velatir for Desktop can attach organisational context to every trace: the person’s department, office, and group memberships. This routes activity to the right workspace and keeps your team-level insights accurate. End users see nothing; there is no prompt and no per-user setup. On Microsoft Entra this needs a one-time admin consent, so Velatir can read directory profiles. Without it, traces are still captured; they simply carry no directory context.
  1. As a Microsoft Entra administrator, open this URL in your tenant: 
    https://login.microsoftonline.com/organizations/v2.0/adminconsent?client_id=ddddc2f1-9b3e-4ca2-99bf-99cbae699402&scope=https://graph.microsoft.com/.default&redirect_uri=https://docs.velatir.com/setup/directory-context
  2. Sign in and review the request. It asks for one read-only permission, Sign in and read user profile (User.Read):
    FieldValue
    ApplicationVelatir LDAP host
    Publisherldap.velatir.com
    PermissionSign in and read user profile (User.Read)
    Select Consent on behalf of your organisation and accept.
  3. The app now appears under Entra → Enterprise applications → Velatir LDAP host. Open it there to confirm admin consent is granted (use Grant admin consent for [your organisation] if it is not). You can review the permission, see sign-in activity, or revoke access from the same place at any time.
That is the whole setup. Directory context starts flowing once consent is granted.
For on-premise Active Directory without Entra, this step is not required: Velatir reads directory details locally. For hybrid setups, grant consent anyway so context still resolves when people work off the corporate network.