Take action by February 1: Azure AD Graph is retiring
If I understand correctly:
- I can't do anything about service principals in my tenant that are from 3rd party vendors where the app registration is not in my tenant, but rather in their tenant?
- I can request extended access to AAD Graph API for App registrations that are in my tenant, by setting the authenticationBehaviors parameter?
What really confuses me is that I have 8 app registrations that show up in App Registrations when I filter by "requested API: Azure Active Directory Graph", yet none of these are showing in the recommendation; in fact, I don't even see the recommendation "Migrate Applications from the Retiring Azure AD Graph APIs to Microsoft Graph". Some of these apps only have AAD Graph API permissions, and not MS Graph API permissions. So why is the recommendation missing these apps?
I have updated the authenticationBehaviors for these apps using the Graph Explorer, but I can't see the change reflected in PowerShell:
```
╰─❯ Get-MgBetaApplication -Filter "appId eq '2c877393-cb82-4c38-b958-d5aecd92268b'" | select -ExpandProperty authenticationBehaviors | fl
BlockAzureAdGraphAccess :
RemoveUnverifiedEmailClaim :
RequireClientServicePrincipal :
AdditionalProperties : {}
```
What will happen to these apps come 1st February 2025?
Furthermore, I DO get the "Migrate Service Principals from the retiring Azure AD Graph APIs to Microsoft Graph" recommendation, but there are 0 service principals impacted. I have found using ENow AppGovScore that I have 57 service principals that are using Azure Active Directory Graph (Display name is actually Windows Azure Active Directory). So I don't know if I have 3rd Party vendors to contact to mitigate the issue or not?
I know that the majority of those 57 service principals are Microsoft 1st party apps that are already extended until June. However, I will need to update these to a newer version by June 2025 to ensure continued operation.
Please help me by providing more clarity on how to proceed!
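
An added example, not part of the comment above and not Microsoft's own script: one way to inventory the app registrations in a tenant that request Azure AD Graph and read each one's stored `authenticationBehaviors` value by asking for the property explicitly with `$select`. It assumes the Microsoft.Graph.Authentication module (v2) and a session allowed to read applications; the report column names are made up for this example.

```powershell
# Added example: list app registrations that request Azure AD Graph permissions
# and show the stored blockAzureADGraphAccess value for each.
# Assumption: Microsoft.Graph.Authentication v2 is installed and the signed-in
# account can consent to / already holds Application.Read.All.
Connect-MgGraph -Scopes 'Application.Read.All' -NoWelcome

# Well-known appId of the Azure AD Graph resource
# (shown in the portal as "Windows Azure Active Directory").
$aadGraphAppId = '00000002-0000-0000-c000-000000000000'

# Request authenticationBehaviors explicitly instead of relying on the
# default property set of the application resource.
$uri = 'https://graph.microsoft.com/beta/applications' +
       '?$select=id,appId,displayName,requiredResourceAccess,authenticationBehaviors' +
       '&$top=100'

$report = while ($uri) {
    $page = Invoke-MgGraphRequest -Method GET -Uri $uri -OutputType PSObject

    foreach ($app in $page.value) {
        # Every resource API this registration requests permissions on.
        $resources = @($app.requiredResourceAccess.resourceAppId | Select-Object -Unique)
        if ($resources -notcontains $aadGraphAppId) { continue }

        [pscustomobject]@{
            DisplayName             = $app.displayName
            AppId                   = $app.appId
            # True when Azure AD Graph is the only API requested (no Microsoft Graph).
            AadGraphOnly            = ($resources.Count -eq 1)
            # Empty means the behavior was never set on this registration.
            BlockAzureADGraphAccess = $app.authenticationBehaviors.blockAzureADGraphAccess
        }
    }

    # Follow server-side paging until there is no next page.
    $uri = $page.'@odata.nextLink'
}

$report | Sort-Object DisplayName | Format-Table -AutoSize
```

This covers only app registrations homed in the tenant where it is run; service principals whose registration lives in a vendor's tenant do not appear in `/applications`.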