What access is needed to configure inventory collection for Office 365?

What access is needed to configure inventory collection for Office 365?

Summary

What access is needed to configure inventory collection for Office 365 from the Graph API?

 

These are the current credentials as of June 2020. This KB will be updated alongside any changes from Microsoft.

 

Requirements

The credentials required for the initial connection to Office 365 is the Cloud Administrator Access Role within Azure AD.

This role is required when generating the token, it can then be revoked after but please be aware that once the token has expired you will need this role again.

 

The other role that is currently required is the Reports Reader Role. This role is used to gather the information from the graph API. Without this role, the adapter will fail with the following error:

 

2020-05-20 18:38:22,776 [INFO ] Failed to execute Reader 'Get Usage from Office 365 Exchange' from file C:\ProgramData\Flexera Software\Compliance\ImportProcedures\Inventory\Reader\microsoft 365\Usage.xml, at step line 1

Error: The remote server returned an error: (403) Forbidden.

2020-05-20 18:38:22,776 [INFO ] All retries have been attempted for Reader 'Get Usage from Office 365 Exchange'

2020-05-20 18:38:22,776 [INFO ] Completed with error in 51 minutes, 1 second.

2020-05-20 18:38:22,776 [ERROR] System.Net.WebException: The remote server returned an error: (403) Forbidden.

 

Quick Answer

Cloud Administrator Access

Cloud app admin.png

Reports Reader 

 o365 reports reader.png

 

Links

The following link shows how you can assign a role within Azure AD

https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-how-to-ad...

Was this article helpful? Yes No
No ratings
Comments

Hi,

This article could need a bit more formatting. Please at least highlight the role names. If possible, please add a description and/or screenshot where to set the roles in the 365 cloud portal.

Best regards,

Markward

Version history
Revision #:
2 of 2
Last update:
‎Jun 29, 2020 07:48 AM
Updated by:
 
Contributors