# Directory Context

> Attach department, office, and group context to traces by granting Velatir admin consent in Microsoft Entra

Velatir for Desktop can attach organisational context to every trace: the person's department, office, and group memberships. This routes activity to the right workspace and keeps your team-level [insights](/insights/overview) accurate. End users see nothing; there is no prompt and no per-user setup.

On Microsoft Entra this needs a one-time admin consent, so Velatir can read directory profiles. Without it, traces are still captured; they simply carry no directory context.

## Grant admin consent

1. As a Microsoft Entra administrator, open this URL in your tenant:

   ```
   https://login.microsoftonline.com/organizations/v2.0/adminconsent?client_id=ddddc2f1-9b3e-4ca2-99bf-99cbae699402&scope=https://graph.microsoft.com/.default&redirect_uri=https://docs.velatir.com/setup/directory-context
   ```

2. Sign in and review the request. It asks for one read-only permission, **Sign in and read user profile** (`User.Read`):

   | Field       | Value                                       |
   | ----------- | ------------------------------------------- |
   | Application | Velatir LDAP host                           |
   | Publisher   | ldap.velatir.com                            |
   | Permission  | Sign in and read user profile (`User.Read`) |

   Select **Consent on behalf of your organisation** and accept.

3. The app now appears under **Entra → Enterprise applications → Velatir LDAP host**. Open it there to confirm admin consent is granted (use **Grant admin consent for \[your organisation]** if it is not). You can review the permission, see sign-in activity, or revoke access from the same place at any time.

That is the whole setup. Directory context starts flowing once consent is granted.

<Note>
  For on-premises Active Directory without Entra, this step is not required: Velatir reads directory details locally. For hybrid setups, grant consent anyway so context still resolves when people work off the corporate network.
</Note>
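An optional check for steps 1 to 3, as an added example that is not Velatir's own code: it confirms that a consent link matches the documented URL before an administrator opens it, and that an exported grant listing carries no delegated scope beyond `User.Read`. The function names are hypothetical, and the grant listing is a constructed sample in the shape of a Microsoft Graph `oauth2PermissionGrants` response with placeholder ids.

```python
import json
from urllib.parse import parse_qs, urlsplit

# Values copied from the consent URL and permission table on this page.
CLIENT_ID = "ddddc2f1-9b3e-4ca2-99bf-99cbae699402"
REDIRECT_URI = "https://docs.velatir.com/setup/directory-context"
SCOPE = "https://graph.microsoft.com/.default"
ALLOWED_SCOPES = {"User.Read"}
DOC_URL = ("https://login.microsoftonline.com/organizations/v2.0/adminconsent"
           f"?client_id={CLIENT_ID}&scope={SCOPE}&redirect_uri={REDIRECT_URI}")

# Constructed sample shaped like a Graph oauth2PermissionGrants listing (ids are placeholders).
SAMPLE_GRANTS = json.dumps({"value": [
    {"clientId": "SP-OBJECT-ID-PLACEHOLDER", "consentType": "AllPrincipals",
     "resourceId": "GRAPH-SP-ID-PLACEHOLDER", "scope": " User.Read"}]})


def check_consent_url(url):
    """Return the ways a consent link differs from the documented one (empty list = match)."""
    parts = urlsplit(url)
    query = parse_qs(parts.query)  # every value is a list, so duplicated parameters fail below
    problems = []
    if parts.scheme != "https" or parts.hostname != "login.microsoftonline.com":
        problems.append("host is not https://login.microsoftonline.com")
    if not parts.path.endswith("/v2.0/adminconsent"):
        problems.append("path is not the v2.0 adminconsent endpoint")
    for name, expected in (("client_id", CLIENT_ID), ("scope", SCOPE),
                           ("redirect_uri", REDIRECT_URI)):
        if query.get(name) != [expected]:
            problems.append(f"{name} differs from the documented value")
    return problems


def excess_scopes(grants_json):
    """Map consentType -> delegated scopes granted beyond User.Read."""
    extra = {}
    for grant in json.loads(grants_json)["value"]:
        over = set(grant.get("scope", "").split()) - ALLOWED_SCOPES
        if over:
            extra.setdefault(grant["consentType"], set()).update(over)
    return extra


if __name__ == "__main__":
    print("URL problems:", check_consent_url(DOC_URL))
    print("Scopes beyond User.Read:", excess_scopes(SAMPLE_GRANTS))
```

Because the link requests `.default`, the grant listing is where the permission shown on the consent screen can be confirmed after the fact; any non-empty result from `excess_scopes` is worth reviewing in **Enterprise applications**.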
