August 10, 2022
Microsoft is ending support for the Azure Active Directory Graph API. To allow for continued service, if your application providers migrate all Azure Active Directory Synchronization integrations to the MS Graph API, you need to change your API permissions.

Microsoft is ending support for the Azure Active Directory Graph API. To allow for continued service, if your application providers migrate all Azure Active Directory Synchronization integrations to the MS Graph API, you need to change your API permissions.

In my case, Mimecast will migrate all Azure Active Directory Synchronization integrations to the MS Graph API. For Mimecast to do so, you need to grant the required API permissions to the Azure application you created for the Azure Active Directory Synchronization to your Mimecast account. This action must be completed as soon as possible and no later than June 14, 2022, to avoid the risk of service disruption.

1. log in to the Azure portal with a global admin account.

2. On the Azure portal home page, select Azure Active Directory.

3. On the Azure Active Directory page, select App registrations.

4. On the App registrations page, Click the application created for Azure Directory Synchronization to your Mimecast account, in my case is Mimecast Directory Sync.

5. On the Mimecast Directory Sync page, select the API permissions.

6. On the Configured permission page, click Add a permission.

7. On the Request API permissions page, select APIs my organization users.

8. On the APIs my organization users page, search for and select the Windows Azure Active Directory item.

9. On the Azure Active Directory Graph page, select Application permissions.

10. On the Select permissions page, expand the Directory section.

11. Select the Directory.Read.All, click on the Add permissions.

12. On the Configured permissions page, click Add a permission.

13. On the Select an API page, select Microsoft APIs and click Microsoft Graph.

14. On the Microsoft Graph page, select Application permissions.

15. On the Select permissions page, search and expand Directory, select the Directory.Read.All.

16. Search and expand the Directory, select the User.Read.All, click Add permissions.

17. On the Configured permissions page, click Grant admin consent for …

18. On the API permissions page, select Yes, add other grant permissions to configured permissions, click Save and continue.

19. On the API Permissions page, click Grant admin consent.

20. On the Grant admin consent confirmation page, click Yes.

21. Verify the status of API/Permissions.

Hope you enjoy this post.

Cary Sun

Twitter: @SifuSun

Web Site: carysun.com

Blog Site: checkyourlogs.net

Blog Site: gooddealmart.com

About Post Author

Leave a Reply