Required Microsoft licenses for Office 365 integration with RocketCyber

Required roles and licenses

Before integrating RocketCyber with Office 365, please ensure the following:

Microsoft 365 Plan: Your Microsoft 365 plan must include Entra ID Premium. If it does not, you will need to purchase this separately.
Tenant verification: Confirm that your tenant is not in GCC High, GCC, or DoD, as these are not supported versions of Microsoft 365 for integration.
Global Admin Rights: The integration account must have global administrator privileges in Microsoft 365.

Assign the Security Reader role in Microsoft Entra ID (formerly Azure Active Directory). Refer to Adding the Security Reader role in Entra ID.
Entra ID Premium License: Verify that at least one Entra ID Premium P1 or P2 license is assigned per tenant. This is a requirement for RocketCyber to function properly. Consult with Microsoft to determine the appropriate number of P1 or P2 licenses needed for your organization.
- P1 License: Provides basic identity protection and conditional access.
- P2 License: Adds advanced identity protection and risk-based conditional access.
NOTE An Entra ID P2 License is preferred for full visibility of Risk Detection fields. If you apply a P1 license, the following fields will be displayed as "hidden" in the Risk Detection data:
- riskLevel
- riskDetail
- description

Checking your license

1. Log in to Microsoft Admin Portal.

2. Navigate to Users → Select the User → Licenses and Apps tab.

3. Confirm that either the Entra ID Premium P1 or P2 license is assigned.

If you do not have an Entra ID P1 or P2 license, refer to How To Add Entra ID Premium P1 or P2 to learn how to acquire Entra ID Premium P1 or P2 from Microsoft.

Understanding Microsoft 365 vs. Office 365 licenses

Many organizations mistakenly believe that Office 365 includes all necessary security features. However, the advanced identity protection required by RocketCyber is only available through Entra ID Premium licenses.

Key distinctions

Microsoft 365 licenses and Office 365 licenses are different, although they are often bundled together in Microsoft 365 plans. Here’s the breakdown:

Office 365 license overview

Cover productivity apps such as Outlook, Word, Excel, PowerPoint, Teams, and SharePoint.
Examples include Office 365 E1, E3, and E5, which focus primarily on collaboration and productivity tools.

Office 365 licenses

Office 365 E1: Web-based Office apps, Teams, Exchange email, SharePoint.

Office 365 E3: Adds desktop Office apps, compliance tools, and basic security.

Office 365 E5: Includes advanced analytics (Power BI), Microsoft Defender, and threat protection.

Microsoft 365 license overview

Microsoft 365 is a broader suite that includes:

Office 365 apps (same as above).

Windows OS licensing.

Enterprise Mobility + Security (EMS), which encompasses Microsoft Entra ID Premium (P1/P2).

Microsoft 365 licenses

Business Plans (up to 300 users)
- Business Basic: Web/mobile Office apps, Teams, Exchange email, 1 TB OneDrive.
- Business Standard: Adds desktop Office apps, webinar hosting.
- Business Premium: Includes Intune, Azure AD Premium P1, and Microsoft Defender for Business.
- Apps for Business: Desktop apps only (no email or Teams).
Enterprise Plans (unlimited users)
- E1: Web apps, Teams, email, basic security.
- E3: Adds desktop apps, advanced security, compliance.
- E5: Includes Power BI Pro, Microsoft Defender, and advanced threat protection.
- F3: Designed for frontline workers (limited features).

These plans combine productivity, security, and device management.

Key differences

It's crucial to understand that an Office 365 license alone does NOT include advanced identity security features like Conditional Access, Identity Protection, or Risk Detection APIs. Microsoft 365 plans typically include Entra ID Premium P1 or P2, which are required for RocketCyber integration.

Entra ID Premium licenses (P1/P2)

These identity and security-focused licenses enable:

Conditional Access
Identity Protection
Risk Detection APIs (used by RocketCyber)

Security Reader role

IMPORTANT Even if you have Office 365 E3 or E5, you still need Entra ID P1 or P2 for RocketCyber integration.

License comparison table

Refer to the comparison table below to understand the capabilities of Office 365, Microsoft 365, and Entra ID Premium licenses, especially concerning RocketCyber integration.

Key takeaways

Office 365 licenses (E1/E3/E5) cover apps and collaboration tools but lack advanced identity security features.

Entra ID Premium licenses (P1/P2) are required for RocketCyber integration, as they enable:
- Security Reader role
- Risk Detection APIs
- Conditional Access policies

A P2 license is preferred for complete functionality, ensuring Risk Detection fields are visible.
If your organization currently uses Office 365 licenses, consider upgrading to Microsoft 365 licenses that include Entra ID Premium to gain access to essential security features.

	Need help? Submit a Kaseya Helpdesk request.
	Want to talk about it? Head over to Kaseya Community.
	Have a new feature idea? Visit the Kaseya Ideas portal.
	Provide feedback for the Documentation team.