January 3, 2025
052422_1513_AzureActive6.png
Microsoft is ending support for the Azure Active Directory Graph API. To allow for continued service, if your application providers migrate all Azure Active Directory Synchronization integrations to the MS Graph API, you need to change your API permissions.

Microsoft is ending support for the Azure Active Directory Graph API. To allow for continued service, if your application providers migrate all Azure Active Directory Synchronization integrations to the MS Graph API, you need to change your API permissions.

In my case, Mimecast will migrate all Azure Active Directory Synchronization integrations to the MS Graph API. For Mimecast to do so, you need to grant the required API permissions to the Azure application you created for the Azure Active Directory Synchronization to your Mimecast account. This action must be completed as soon as possible and no later than June 14, 2022, to avoid the risk of service disruption.

1. log in to the Azure portal with a global admin account.

2. On the Azure portal home page, select Azure Active Directory.

3. On the Azure Active Directory page, select App registrations.

4. On the App registrations page, Click the application created for Azure Directory Synchronization to your Mimecast account, in my case is Mimecast Directory Sync.

5. On the Mimecast Directory Sync page, select the API permissions.

6. On the Configured permission page, click Add a permission.

7. On the Request API permissions page, select APIs my organization users.

8. On the APIs my organization users page, search for and select the Windows Azure Active Directory item.

9. On the Azure Active Directory Graph page, select Application permissions.

10. On the Select permissions page, expand the Directory section.

11. Select the Directory.Read.All, click on the Add permissions.

12. On the Configured permissions page, click Add a permission.

13. On the Select an API page, select Microsoft APIs and click Microsoft Graph.

14. On the Microsoft Graph page, select Application permissions.

15. On the Select permissions page, search and expand Directory, select the Directory.Read.All.

16. Search and expand the Directory, select the User.Read.All, click Add permissions.

17. On the Configured permissions page, click Grant admin consent for …

18. On the API permissions page, select Yes, add other grant permissions to configured permissions, click Save and continue.

19. On the API Permissions page, click Grant admin consent.

20. On the Grant admin consent confirmation page, click Yes.

21. Verify the status of API/Permissions.

Hope you enjoy this post.

Cary Sun

Twitter: @SifuSun

Web Site: carysun.com

Blog Site: checkyourlogs.net

Blog Site: gooddealmart.com

Author: Cary Sun

Cary Sun has a wealth of knowledge and expertise in data center and deployment solutions. As a Principal Consultant, he likely works closely with clients to help them design, implement, and manage their data center infrastructure and deployment strategies.
With his background in data center solutions, Cary Sun may have experience in server and storage virtualization, network design and optimization, backup and disaster recovery planning, and security and compliance management. He holds CISCO CERTIFIED INTERNETWORK EXPERT (CCIE No.4531) from 1999. Cary is also a Microsoft Most Valuable Professional (MVP), Microsoft Azure MVP, Veeam Vanguard and Cisco Champion. He is a published author with several titles, including blogs on Checkyourlogs.net, and the author of many books.
Cary is a very active blogger at checkyourlogs.net and is permanently available online for questions from the community. His passion for technology is contagious, improving everyone around him at what they do.

Blog site: https://www.checkyourlogs.net
Web site: https://carysun.com
Blog site: https://gooddealmart.com
Twitter: @SifuSun
in: https://www.linkedin.com/in/sifusun/
Amazon Author: https://Amazon.com/author/carysun