Quickstart: Create your Microsoft Defender for Identity instance

In this quickstart, you'll create your Microsoft Defender for Identity instance in the Defender for Identity portal. In Defender for Identity, you'll have a single instance, previously called a workspace. A single instance enables you to manage multiple forests from a single pane of glass.

Important

Currently, Defender for Identity data centers are deployed in Europe, UK, North America/Central America/Caribbean and Asia. Your instance is created automatically in the data center that is geographically closest to your Azure Active Directory (Azure AD). Once created, Defender for Identity instances aren't movable.

Prerequisites

Sign in to the Defender for Identity portal

After you've verified that your network meets the sensor requirements, start creating your Defender for Identity instance.

  1. Go to the Defender for Identity portal*.

  2. Sign in with your Azure Active Directory user account.

* GCC High customers must use the Defender for Identity GCC High portal.

Create your instance

  1. Select Create instance.

  2. Your Defender for Identity instance is automatically named with the Azure AD fully qualified domain name and created in the data center located closest to your Azure AD.

    Note

    To sign in to Defender for Identity, you must use an account that is assigned a Defender for Identity role with rights to access the Defender for Identity portal. For more information about role-based access control (RBAC) in Defender for Identity, see Working with Defender for Identity role groups.

  3. Select Configuration, Manage role groups, and use the Azure AD Admin Center link to manage your role groups.

Next steps

Join the Community

Have more questions, or an interest in discussing Defender for Identity and related security with others? Join the Defender for Identity Community today!