Work

Overview Access Map Apps Findings Remediation Evidence

Policies Extension Gateway Logbook Exposure

Settings

aegress

AccountAD

Overview Access Apps Findings Settings

aegress

Work

Overview Access Map Apps Findings Remediation Evidence

Policies Extension Gateway Logbook Exposure

Settings

aegress

AccountAD

Overview Access Apps Findings Settings

Settings

Connectors, access, audit, and AI controls.

Invite member

ConnectorsScanners and SSONeeds setup0 Access0 SCIM groupsNeeds setup0 AuditSigned event trailhealthy0 BrowserNo eventsNeeds setup0

Settings sectionIntegrationsSwitch

Main

Integrations Extension Storage Team Audit Policies

Roles Notifications

Billing

Dialogs

Integrations Extension Storage Team Audit Policies

Roles Notifications Billing Dialogs

Connectors

No connectors found for this tenant.

Scanners

No scanner-ready provider accounts found.

Ask Aegress

Needs setup

SetupPlatform default

Answer model

Not configured

Knowledge index

Setup / Not configured

Indexed

Not indexed

Chunks

AI routePlatform keys

Chat providerChat modelIndex providerEmbed modelChat key

Ask Aegress needs API_ACTOR_ID.

Waiting

Active

Failed

Reindex unavailableTenant admin context is required before knowledge can be indexed.

Advanced setupSSO, SCIM, classifier, deployment paths

Enterprise SSO

draft

1Choose IdP2Paste config3Test

Provider

Entra ID SSO

Domain

unverified

Last test

Embed key

Advanced endpoints

EndpointRoute name

Use platform keys or store tenant keys.

Connection fields

Identity provider

EntraMicrosoft Entra app registrationOIDCOkta, Auth0, Ping, Google OIDCSAMLOkta, OneLogin, legacy IdPs

DomainEntra tenantClient IDClient secret

Issuer

SAML fieldsEntry point, cert, metadata

SSO URLCertificateMetadata XML

Callback values

Provider ID

Callback / ACS URL

Local BetterAuth stays active.SCIM 2.0 is optional for group sync.

Recent SSO setup

No SSO setup activity yet.

SCIM provisioning

One Aegress token. Paste it in Entra.

Token creation unavailableTenant admin context is required before SCIM tokens can be generated.

Open Entra

1. Create token

2. Paste URL + token

3. Assign groups

No SCIM tokens yet.

Surface setup

Local BetterAuthEmail/password admin access MCP gateway onlyTeam endpoint and tool policy Extension onlyManaged or local browser rollout Enterprise suiteOIDC/SAML plus SCIM 2.0

Prompt classifier

optional

Not used in Inventory only mode

Browser discovery can improve Purview coverage without a prompt classifier. Configure this only for Audit metadata or Full protection.

Classifier settingsProvider, evidence, thresholds

DisabledInventory only

Provider

DisabledOpenAIAnthropic ClaudeGoogle GeminiAzure AI FoundryOpenRouter / compatible

Mode

Anonymize before sendReplace client, portfolio, PII, and secret values locally before prompts or supported files are sent.EnforceWarn and block users when policy or classifier risk is high.Audit onlyAllow users silently, keep observed warn and block events in audit.

Confidence levers

Warn fromBlock from

Sensitive onlyPolicy or classifier hit

Evidence

MetadataRedactedFull prompt

CredentialsModel, key, endpoint

ModelBase URLAPI key

Azure resourceAzure API

Structured outputAzure deployment URLs

Modular deployment

Local authBetterAuth email/password

Active

Enterprise SSOAny OIDC or SAML IdP

Optional

SCIM 2.0Users and groups sync

Optional

MCP onlyTenant endpoint + tool policy

Supported

Extension onlyStore, CRX, or local profile

Supported

Managed rolloutIntune, Edge, or Chrome policy

Optional