# AAD - Azure Active Directory

Azure AD is the **primary data source** in SCA and integrates your organization’s user profiles to provide access to company-wide contacts. Contacts are queried via the **Microsoft Graph API**, and accounts are managed in your [**Microsoft Entra ID (Azure AD) tenant**](https://entra.microsoft.com/).

#### App Configuration Parameters

**Defaults (**[**`SecContacts.Defaults`**](https://docs.secure-contacts.com/documentation/app-configuration-policy-name-values-for-sca/sca-configuration-seccontacts.defaults)**):**

* [**AAD\_Enabled**](https://docs.secure-contacts.com/app-configuration-policy-name-values-for-sca/sca-configuration-seccontacts.defaults#enable-or-disable-features) → Enables or disables the Azure AD data source.
* [**AAD\_InitValue**](https://docs.secure-contacts.com/app-configuration-policy-name-values-for-sca/sca-configuration-seccontacts.defaults#initial-value-set-by-default) → Sets the default position of the user’s switch for this data source (on = shown, off = hidden) when SCA is first launched.
* [**AADuseUPNasEmail\_Option**](https://docs.secure-contacts.com/app-configuration-policy-name-values-for-sca/sca-configuration-seccontacts.defaults#appearance-and-functions) → Determines whether to use User Principal Name (UPN) as the email address.
* [**AADonlyEnabledAccounts\_Option**](https://docs.secure-contacts.com/app-configuration-policy-name-values-for-sca/sca-configuration-seccontacts.defaults#appearance-and-functions) → 🆕Filters contacts to include only enabled accounts.

**Customization / Organization:**

* [**SecContacts.AADGroups**](https://docs.secure-contacts.com/documentation/app-configuration-policy-name-values-for-sca/sca-configuration-aad-filters-and-groups-1) → Organize contacts into separate data sources based on Azure AD groups.
* [**SecContacts.CustomDatasourceNames**](https://docs.secure-contacts.com/documentation/app-configuration-policy-name-values-for-sca/sca-configuration-seccontacts.customdatasourcenames) → Assign friendly display names for the data source.

#### Requirements for Contacts

Any AAD contact to be shown in SCA **must have the following three fields populated**:

1. **First name**
2. **Last name**
3. **Valid phone number**

**Note:** Every AAD account in your tenant that meets these requirements will appear as a contact in SCA. Only **Member accounts** are included; **Guest accounts** are ignored.

{% hint style="success" %}

* Each data source, including AAD, can be **hidden by the user** if they do not want to see or use it.
* Hiding a data source does **not affect Caller Identification** — contacts from hidden sources will still resolve incoming calls.
* Use **AADGroups** to split contacts into multiple separate data sources (e.g., by department, region, or team).
  {% endhint %}