Creating your Azure ATP instance in the Azure ATP portal - Step 1

This installation procedure provides instructions for creating and managing your Azure ATP instance (previously called a workspace). For information on Azure ATP architecture, see Azure ATP architecture.

In Azure ATP, you'll have a single instance enabling you to manage multiple forests from a single pane of glass.


Currently, Azure ATP data centers are deployed in Europe, North America/Central America/Caribbean and Asia. Your instance is created automatically in the data center that is geographically closest to your AAD. Once created, Azure ATP instances are not movable.

Step 1. Enter the Azure ATP portal

After you verified that your network meets the sensor requirements, proceed with the creation of your Azure ATP instance.


You need to be a global administrator or security administrator on the tenant, to access the Azure ATP portal.

  1. Enter the Azure ATP portal.

  2. Log in with your Azure Active Directory user account.

Step 2. Create your instance

  1. Click Create instance.

    Create Azure ATP instance

  2. Your Azure ATP instance is automatically named with the AAD initial domain name, and allocated to the data center located closest to your AAD and created.

    Azure instance created


    To log in to Azure ATP, you'll need to log in with a user assigned an Azure ATP role with rights to access the Azure ATP portal. For more information about role-based access control (RBAC) in Azure ATP, see Working with Azure ATP role groups.

  3. Click Configuration, Manage role groups, and use the Azure AD Admin Center link to manage your role groups. .

    Manage role groups

  • Data retention – previously deleted Azure ATP instances do not appear in the UI. For more information on Azure ATP data retention, see Aure ATP data security and privacy.

See Also