Connecting to Endpoint Management Service for App Protection Policy

About this task

Connect SOTI MobiControl to Microsoft Endpoint Manager to enable App Protection Policies.


  1. From the SOTI MobiControl web console main menu, select Global Settings > Services > Microsoft 365
  2. In the the App Protection Policies section, click Connect to create an Azure tenant connection.
  3. In the Connect screen, provide the Name and Azure Tenant ID (to find your Azure tenant ID, go to Azure AD portal and navigate to Menu > Active Directory), then click Save.
    You will be redirected to a Microsoft site to sign in.
  4. Sign in to Microsoft, then click Accept on the permissions requested screen, which should look like this:

    Microsoft permissions screen request

    If you connection was successful, you should see a confirmation like the following that allows you to return to SOTI MobiControl :

    Microsoft 365 MobiControl successful connection screen

    Note: If the integration with Endpoint Manager fails, ensure that the user account has sufficient privileges and try again.

    The App Protection Policies section of the Microsoft 365 Global Settings will be populated with your Azure tenant Name and ID, and any policies that you established previously will appear:

    App Protection policy section showing connection and existing profiles

    If you need to disconnect from the tenant, click the Disconnect button. When the Azure tenant is in a disconnected state, existing app protection policies will still be active in Azure, but you cannot view, edit, or delete them using SOTI MobiControl.