On May 3, 2022, the SaaS Management Microsoft Azure and Azure Client Credentials integrations will migrate from Microsoft Azure AD API to Microsoft Graph API. The Azure AD Graph API is now deprecated. Starting June 30, 2022, support ends for Azure AD Graph. Apps using Azure AD Graph after June 30, 2022 will no longer receive responses from the Azure AD Graph endpoint. The following details will help you prepare for the Microsoft Graph API migration.
You must grant permissions for Microsoft Graph API instead of Azure AD Graph API. Refer to the future API endpoints below.
Below are the future Microsoft Graph API endpoints.
Due to SaaS Management's migration from Microsoft Azure AD APIs to Microsoft Graph APIs, existing Azure and Azure Client Credentials integrations will fail due to a 401 Unauthorized Error.
Update the existing permissions to the required Microsoft Graph API permissions:
IMPORTANT: The Azure integration with SaaS Management will fail if consent is not given to both the AuditLog.Read.All and the Directory.Read.All permissions. For details, refer to the Microsoft List signIns documentation section.
More information on new features and enhancements can be found in What's New in Flexera One.
@dwampach1 : We are using Azure Client credentials;
Do we actually need "Auditlog.Read.All" ?
or in other words, if we only provide "Directory.Read.All", what is the impact to SaaS manager
Thanks in Advance
The integration will fail if you don't give it the "Auditlog.Read.All" permission, please refer to Microsoft's documentation: https://docs.microsoft.com/en-us/graph/api/signin-list?view=graph-rest-1.0&tabs=http
We are only using IT Asset Management but our SSO is Connected with Azure, is it going to impact us as well?
Please could you elaborate a bit further on the context here, i.e. are you referring to
Currently, my company has not purchased any Saas products (though looking at it).
We do use SSO to login to our ITAM product and we use Azure.
I'm guessing that means we need to adjust our endpoint as well? Asking because I'm not sure.
The use of Azure AD as an identity provider for Flexera One (SSO) authentication?
I am with @spencer_clark
We are also not using SaaS manager of Flexera
But, we do use Azure SSO as an identifier to login to our ITAM product via FLexera one.
So please confirm if we need to make any changes in our identifer configurations?
I don't think that Microsoft is going to change/deprovision any of the end-points related to use of Azure AD as identity provider for SSO:
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.