Automate your GDPR Consent process with the help of Microsoft Lighthouse.


If you plan to configure the GDPR admin relationship for each end-customer tenant, you must ensure that your account has a Microsoft Entra ID P2 license. This specific license is necessary to grant application administrator rights for the purpose of obtaining Consent. Once the Consent is approved, you can remove the Application administrator from the GDAP partner administrator profile.


To use this license, it must be linked to your Zomentum service account.


The minimum access rights for Zomentum service accounts are Global Reader and Application Administrator.


Please note that configuring Microsoft Lighthouse is not within the scope of Zomentum. 
For instructions on how to do it, please refer to this guideline: https://learn.microsoft.com/en-us/microsoft-365/lighthouse/m365-lighthouse-setup-gdap?view=o365-worldwide. 

Alternatively, you can use the following steps as a reference:

  •  Log in to Lighthouse.
  • Set up GDAP


  • To begin the GDAP wizard, please initiate the process using the instructions.

  • Please ensure that the role of the Application Administrator is properly labelled or marked.

  • Create a GDAP template with the following roles: Service Desk and Only JIT
    Check with your IT department which roles you need for your organization.

  • To ensure proper security, it's necessary to add the Zomentum service account to all relevant Security groups.

  • Get in touch with your IT department or refer to Microsoft Documentation for instructions on setting JIT access.
  • Please select all tenants that require consent for GDPR compliance.


  • Review the settings. If there is no relation with the end user tenant, an admin relationship request will be generated, and whenever possible, a new GDAP profile will be created.