Find unmanaged cloud applications with Cloud App Discovery


Cloud App Discovery in Azure Active Directory now provides an enhanced agentless discovery experience powered by Microsoft Cloud App Security. To use Cloud App Discovery, just sign in with your Azure AD Premium P1 credentials. This update is available at no additional cost to all Azure AD Premium P1 customers. Get started with the article Set up Cloud App Discovery in Azure AD, then try out Microsoft Cloud App Security.


The current Azure AD Cloud App Discovery experience with agent-based discovery is to be turned off on March 5, 2018, after which the agents will be disabled and data deleted. Please take action before March 5th to get up and running on the new experience to avoid disruption of service.

With Cloud App Discovery, you can:

  • Find the cloud applications being used and measure that usage by number of users, volume of traffic or number of web requests to the application.
  • Identify the users that are using an application.
  • Export data for offline analysis.
  • Bring these applications under IT control and enable single sign-on for user management.

How it works

  1. Application usage agents are installed on user's computers.
  2. The application usage information captured by the agents is sent over a secure, encrypted channel to the cloud app discovery service.
  3. The Cloud App Discovery service evaluates the data and generates reports.

Cloud App Discovery diagram

Next steps