The Azure Active Directory Group Expansion component allows the user to request and cache all the group members inside Windows Azure AD. The object of this component is to support group expansion for the Office 365 connectors, such as SharePoint Online.

Note: This component will only extract the Azure Groups (cloud groups) and their members, since users and user memberships inside each Office 365 Application (SharePoint Online, OneDrive or Exchange) will be handled by the connectors and data from the Azure AD will be merged to the connector results. Active Directory group expansion should be handled by the LDAP Cache Component.


First you'll need an Office 365 instance so you can provide a tenant domain (<companyname> to the component.

The component requires a Client ID and a Client Secret from Azure to authenticate. To get this information you first need to register a new application on your Windows Azure AD instance and then ask for both values. Here's a step by step tutorial on how to register the application and obtain them:

How to configure 

The following tutorial is a guide to configure this component as a service on your Aspire Distribution.

For Developers 

Information on the component's input, configuration and results can be found here: