# Azure Defender for Cloud authentication

> This connector supports **OAuth 2.0 Client credentials** authentication.

## Prerequisites

This connector supports **OAuth 2.0 Client credentials** authentication.

To create a connection, you need the following credentials:

* **Tenant ID** - The tenant ID of your Azure Active Directory. You can find it in the Azure portal under Azure Active Directory > Overview.* **Client ID** - The client ID of the registered application in AAD. You can find it in the Overview section of your Microsoft Azure application registration.
* **Storage Account Name** - The name of your Azure Storage account. You can find it in the Azure portal under Storage accounts > [Your storage account] > Overview.
* **Resource Group Name** - The name of the resource group where your Azure Storage account is located. You can find it in the Azure portal under Storage accounts > [Your storage account] > Overview.
* **Client ID** - The client ID of the registered application in AAD. You can find it in the Overview section of your Microsoft Azure application registration.
* **Subscription ID** - The ID of your Azure subscription. You can find it in the Azure portal under Subscriptions > [Your subscription] > Overview.
* **Client secret** - The client secret of the registered application in AAD. You can create a new client secret in the Certificates & secrets section of your Microsoft Azure application registration.

## Add the Azure Defender for Cloud connection

To create a connection to your Azure Defender for Cloud instance, you need to perform the following steps:

1. Select Orchestrator from the product launcher.
2. Select a folder, and then navigate to the **Connections** tab.
3. Select **Add connection**.
4. To open the connection creation page, select the connector from the list. You can use the search bar to find the connector.
5. Select the **connection type** (Public or Private), enter the required information, and select **Connect**.

   For any secret-type field, you can select the menu next to the field and choose **Use credential asset** to reference an Orchestrator credential asset linked to an external vault instead of entering the value directly. For more information, see [Use credential assets for connections](credential-store-connections.md).