Update your applications to use Microsoft Authentication Library and Microsoft Graph API

Published Jun 22 2020 09:00 AM 165K Views

Howdy folks,

 

Microsoft Build 2020 allowed us to engage deeply with our developer community, and we are continuing to improve how developers can easily use identity features in their applications. To help developers take advantage of all the identity features available in our platform, were now recommending that all developers to use the Microsoft Authentication Library (MSAL) and the Microsoft Graph API in their application development. Moving forward, all new identity capabilities will only be available in MSAL and Microsoft Graph. Were also providing guidance on end of support timelines for Azure Active Directory (Azure AD) Authentication Library (ADAL) and Azure AD Graph API, so you can plan to update any applications that are still using either one of them.

 

Why use MSAL and Microsoft Graph?

MSAL makes it easy for developers to add identity capabilities to their applications. With just a few lines of code, developers can authenticate users and applications, as well as acquire tokens to access resources. MSAL also enables developers to integrate with the latest capabilities in our platformlike passwordless and Conditional Access.

 

Microsoft Graph API offers a single endpoint for developers to access Azure AD APIs, as well as APIs from several other Microsoft services like Teams, Exchange, and Intune. Microsoft Graph has all the capabilities that have been available in Azure AD Graph, such as service principal and app role assignment—and new Azure AD APIs like identity protection and authentication methods. Developers can also use the Microsoft Graph client libraries and get built-in support for features like retry handling, secure redirects, transparent authentication, and payload compression.

 

End of support timelines for ADAL and Azure AD Graph API

We’re publishing the following timelines for end of support of ADAL and Azure AD Graph.

 

Starting, June 30th, 2020, we will no longer add any new features to ADAL and Azure AD Graph. We will continue to provide technical support and security updates but will no longer provide feature updates.

 

Starting June 30th, 2022, we will end support for ADAL and Azure AD Graph and will no longer provide technical support or security updates. Apps using Azure AD Graph after this time will no longer receive responses from the Azure AD Graph endpoint. Apps using ADAL on existing OS versions will continue to work after this time but will not get any technical support or security updates.

 

Plan to update your applications with MSAL and Microsoft Graph

You can get started by using our migration guides to identify which applications need to be updated and how to best transition to MSAL and Microsoft Graph. For applications that are using ADAL, review our migration guide to transition to MSAL. For applications that are using Azure AD Graph, follow our guidance to migrate Azure AD Graph apps to Microsoft Graph.

 

In the coming months, we'll be providing reporting in the Azure portal to help you self-identify which of your apps are using ADAL or Azure AD Graph. For any other questions, open issues, and feature requests, let us know through Stack Overflow by using the tag adal-deprecation or azureadgraph-deprecation.

 

As always, we’d love to hear any feedback or suggestions you may have. Please let us know what you think in the comments below or on the Azure AD feedback forum.

 

Best regards, 

Alex Simons (Twitter: @Alex_A_Simons)

Corporate Vice President of Program Management

Microsoft Identity Division

35 Comments
Senior Member

I received the email with a link to this article and the message: "You are receiving this message because our reporting indicates one or more of your applications are using ADAL."

 

We don't develop our own apps and want to find which ones are using ADAL. However, there doesn't seem obvious choices in the Azure support area for that... Which should I select?

 

Thanks

Occasional Contributor

I received the email with a link to this article and the message: "You are receiving this message because our reporting indicates one or more of your applications are using ADAL."

 

So now I want to know how I can get a report of the applications that are using ADAL.

Occasional Visitor

Same as the two comments above.  I have had the email to say we are using ADAL.

 

The only thing I can think of for me is our Hybrid Exchange or Azure AD Connect service?

Regular Visitor

Again same as all above comments, email to say we are using ADAL but no idea what would be using it, we do not develop our own apps. The only service I can think of is Azure AD Connect.

Microsoft

We are working on the new feature in the Azure AD Portal with which we can provide you this list of applications which are using ADAL and/or Azure AD Graph. Now we have also updated the blog post which talks about the product enhancements. 

Senior Member

@Jeevan Desarda- Thanks for that.

Can you confirm if AD Connect and Exchange Hybrid use either of the soon-to-be-depreciated methods?

 

Then, those of us non-developers can relax and wait for updates from Microsoft.

Occasional Visitor

Hello, I'm trying to create a script that dumps all the IAM roles (Get-AzRoleAssignment). Using service principal to login. When using the Microsoft Graph API permissions, I get Microsoft.Rest.Azure.CloudException. When debugging, it meant my SP is unauthorized. But when I'm  using the legacy API (Azure Active Directory Graph) permissions, it works great. Any idea? 

Occasional Contributor

@Jeevan Desarda 
when we can expect the new feature be able to see easy which apps are affected, we have thousands reason why asking.


New Contributor

Thanks for this post, Alex (getting an error about invalid HTML in message when @ mentioning you, so removing that link). As the others before me have stated, I'm looking for documentation for how to determine which applications are currently using ADAL. I did find another article from April 2019 about how to use ADAL, so I suspect that our Developers will need to comb through configuration files, looking for the code.

Occasional Visitor

I'm a little confused...your initial paragraph says "Azure Active Directory (Azure AD), Authentication Library (ADAL) and Azure AD Graph API" are going away. 

But...your link to Microsoft Build 2020 says "MSAL makes it easy to implement the right authentication patterns that support any Microsoft identity—from Azure Active Directory (Azure AD) accounts to Microsoft accounts".

Meanwhile...if I Google "Is Azure AD going away"...I get different answers such as "Azure AD Basic is going away" (whatever that means).

 

  • Is Azure AD going away?
  • Or is Azure AD simply changing?
  • What about B2C and B2B?  What happens if Azure AD goes away?  Or do they change (somehow)?
  • Is MSAL and the Microsoft Graph API completely replacing Azure AD?
  • Or, are MSAL and the Microsoft Graph API going to "fit into" a new version of Azure AD?

    And lastly...

  • Is there a video that clarifies all of this?

 

Thanks for the help.

Occasional Visitor

I am a little confused...your initial paragraph says "Azure Active Directory (Azure AD), Authentication Library (ADAL) and Azure AD Graph API" are going away.


But...the Microsoft Build 2020 link says "MSAL makes it easy to implement the right authentication patterns that support any Microsoft identity—from Azure Active Directory (Azure AD) accounts to Microsoft accounts"


Meanwhile...if I Google "Is Azure AD going away" I get differing results, such as "Azure AD Basic is going away." (whatever that means).

So...

  • Is Azure AD going away?
  • Or, is Azure AD simply changing in some manner?
  • What about B2C or B2B?  What happens to them?

    Lastly...

  • Do you have a video that explains all this?

 

Thanks for clarifying this for me.

Occasional Contributor

It's 'Azure Active Directory Authentication Library (ADAL)' that is going away; not Azure AD.

Occasional Visitor

We have implemented azure b2c to control access to one of our applications.  As part of this process we have User flows for the signup process but we also (within our application itself) use MS graph to create users directly into azure b2c that we can then link to our application. 

 

We also have a user portal where they are able to update their password - we are using MS graph to update the users password via the call

 

Tomp_BCU_0-1607599659822.png

This all works fine in our UAT environment - using a b2c tenant that i setup Feb 2020 i was able to setup API permissions both application and delegate and able to set the following permission under API permissions for the application

 

Tomp_BCU_1-1607599775717.png

This (i believe enables the above call to work)

 

When we then went live - we setup a production environment and production version of b2c we were unable to set this permission as a delegate permission on Microsoft graph and this therefore stops us being able to update the users password from within the users web portal.  All the other functionality is working fine e.g. creating users through MS Graph.  When we try and call the update password method (on production) we get the following;

 

Tomp_BCU_2-1607600224436.png

 

Now i know that i can use user flows (which we do have in place as part of the registration process) but we want a seamless (as is working on our UAT environment) user experience so wish to do the password update through MS Graph.

 

Any thoughts on this, i have logged the issues through Microsoft support and chatted to their Tek experts but they don't seem to have an answer for this.

 

 

Occasional Visitor

I'm facing the issue "AADSTS65001: The user or administrator has not consented to use the application with ID '' named ''. Send an interactive authorization request for this user and resource." when upgrading from ADAL to MSAL.

I'm using the on behalf flow to get access token. The ADAL I used before always works, but the MSAL always throws this exception.

 

This code uses MSAL got this error.

 

 

 

KienTruong_0-1610099060056.png

 

This code uses ADAL work for me

KienTruong_1-1610099095762.png

 

 

 

  

Occasional Visitor

Hello,  I'm researching for my application, if there any impacting with end of support with "Azure AD & ADAL", when I look into the code, I see we are calling IAuthenticationProvider.GetAuthToken(clientId, appKey); 

 

           Based on my research, we are using microsoft graph client only. So there may not be any impact with end of support Azure AD & ADAL . Can you please confirm.

 

Much appreciated in advance.

 

 

Occasional Visitor

Instructions unclear, ****** stuck in blender.

 

I'm not aware what your marking calls things today but we are authenticating O365 users for our services. We initiate the authentication by redirecting users to

 

https://login.windows.net/common/oauth2/authorize?response_type=code&resource=https://graph.windows.net&client_id=$CLIENT_ID&redirect_uri=$REDIRECT_URL

 

and then later request data from https://login.windows.net/common/oauth2/token and we are only interested in the "oid" data. If available, we also show "given_name" and "family_name" back to the user but we don't actually need those. We don't use any libraries except standard HTTP over TLS implementation.

 

Do we need to use ADAL or MSAL in the future or is this API going to work in future, too?

 

The Azure portal UI does have warnings such as

Starting November 9th, 2020 end users will no longer be able to grant consent to newly registered multitenant apps without verified publishers.
Publisher domain: Unverified
The application’s consent screen will show ‘Unverified’.
Due to temporary differences in supported functionality, we don't recommend enabling personal Microsoft accounts for an existing registration. If you need to enable personal accounts, you can do so using the manifest editor.
This application is using Azure AD Graph API, which is on a deprecation path. Starting June 30th, 2020 we will no longer add any new features to Azure AD Graph API. We strongly recommend that you upgrade your application to use Microsoft Graph API instead of Azure AD Graph API to access Azure Active Directory resources.

 and everything still works just fine. Should I just ignore all those warnings, whatever they try to say?

Occasional Visitor

Are they going to do a production release anytime soon of the @azure/msal-angular package any time soon? It says NOT FOR Production

Occasional Visitor

@Alex Simons (AZURE) 

 

I need to create Application Id (by registering app in the AAD) so that I can use that in making the connection to MS Dynamics via C#. For connection, I will be using the CRMServiceClient (from Microsoft.Xrm.Tooling.Connector) with OAuth authentication. 

 

Previously, I was using OrganizationService endpoint to make the connection but as it will be expiring soon, I have taken a route using CRMServiceClient with AuthType 'OAuth'.

 

I am worried if the app registration in AAD is deprecated then how can I create the Application Id.

Will you please help me know if this change will impact creating an Application Id?

Microsoft

@Developer150 App registration in AAD is not getting deprecated. The ADAL libraries published are the ones that will be reaching end of support by June 30th, 2022. So this will not impact creating application Ids in Azure AD. 

 
Occasional Contributor

Hello,

 

Can you please confirm if we should do anything with this situation:

1. We have some Microsoft apps and our own apps registered or added via enterprise apps

2. For all those apps, under the Azure App Registration->Permissions section, we see the message: "This application is using Azure AD Graph API, which is on a deprecation path. Starting June 30th, 2020 we will no longer add any new features to Azure AD Graph API. We strongly recommend that you upgrade your application to use Microsoft Graph API instead of Azure AD Graph API to access Azure Active Directory resources.  Learn more"

3. If we change manually the Permissions grant from Azure Active Directory Graph to Microsoft Graph, then the message disappears

 

But should we do this for all apps, like for all that we have registered or added via the Enterprise apps section or it can be kept with Azure Active Directory Graph,

Because any new app registered or added via Enterprise apps still by default receives the Azure Active Directory Graph permissions grant.

Or we should walk one by one app and change from Azure Active Directory Graph to Microsoft Graph? Or this will be done automatically from the Microsoft side when the date comes (June 30th, 2022)?

And if we should do this manually, should it be done for Microsoft Apps and for 3rd-party registered? 

And if we should do this manually, is it possible to replace it automatically using a PowerShell script?

 

lightupdifire_0-1623741718608.png

 

Occasional Contributor
Senior Member
Published Jun 22 2020 09:00 AM 

...

 

In the coming months, we'll be providing reporting in the Azure portal to help you self-identify which of your apps are using ADAL or Azure AD Graph. 

Hi! The Sign-ins workbook can now report the ADAL items, but is there some kind of ready-to-go report for the Azure AD Graph API as well?


I ran the PowerShell: Get-AzureADApplication | Select-Object DisplayName,AppId -ExpandProperty RequiredResourceAccess |where{$_.ResourceAppId -eq "00000002-0000-0000-c000-000000000000"} and got a list of apps using Azure AD Graph API, but was wondering if there is any report for this about usage?

 

Thanks!

Microsoft

@Markus Peltola We are releasing this PowerShell script for you which can provide you the list of applications using Azure AD Graph. microsoft/AzureADGraphApps: These are the applications which are using Azure AD Graph permissions in...

 

But we are very much near to provide this report inside the Azure Portal soon. Once we release that I will update this thread. Right now we are expecting it will be after summer.

 

Thanks.

Microsoft

@lightupdifire Now when you register a new application in App Registration you will see that MS Graph permissions are now added not the Azure AD Graph permissions. When you update the existing applications to use MS Graph Permissions you need to provide the consent again for the application as the permissions on the app are changing. Also you need to do this to only the applications which you have registered in your tenant i.e. single tenant apps and multi-tenant apps which you have published.

 

We will be doing the updates on the Microsoft apps and there is no specific action you have to take for Microsoft owned application. We can write the script to map the same permission sets from Azure AD Graph to MS Graph permissions but in that case also you need to provide consent again to those apps.  

Soon we will show this list of applications which are using Azure AD Graph permissions in your tenant. Then things will become easy as you can directly take action on it. This list we are building on the telemetry what we see on the Azure AD Graph endpoint and not just the apps which are using these Azure AD Graph permissions. 

 

Let me know if you still have questions.

Thanks,

Jeevan Desarda

Occasional Visitor

Hi,

I'm using MSAL JS in order to authenticate users in a PWA application developed using Angular. Sometimes login works perfectly, redirecting users to the home page of the app. Other times login popup opens, users insert their login but then login procedure fails with this error:

 

BrowserAuthError: hash_empty_error: Hash value cannot be processed because it is empty. 
Please verify that your redirectUri is not clearing the hash. 

 

Will you please provide any suggestions or help

 

Microsoft

@Kondapalli1524 Can you please raise this as an issue under the MSAL.js GitHub sample? There our team can triage this and will provide the solution. 

 

Occasional Contributor

@Jeevan Desarda 

 

Thanks for the answer! I did walk thru all apps in our tenant and updated them with exact same permissions as it was for AAD Graph.

Microsoft apps didn't even touch, so hopefully, all will be updated automatically :)

 

Microsoft

@lightupdifire Yes, no action is required from you on the Microsoft apps. As we update them they will automatically get updated in your tenant. 

Hello. Currently Azure AD B2C default app ('b2c-extensions-app') is using AAD Graph API. 'b2c-extensions-app' is under B2C system control. I'm not require do something? Is migrate automatically?

KeijiKAMEBUCHI_0-1631878765417.png

 

Occasional Visitor

Hello - It looks like the AAD graph option is now greyed out and inaccessible
We have an app solution that needs to be able to add these permissions for the next few months at least until we migrate - is there any way to add the permissions via API still in the mean time?
The advertised deprecation is still about 9 months away so we have been caught a little off guard in the short term.

Contact2763_0-1632962285918.png

 

Occasional Contributor

We're also in a bind because this is inaccessible. We are trying to on-board a new client, and one of our vendor solution hasn't updated yet. Why are we unable to use this 9 months ahead of the deadline???

Senior Member

Agree with the previous commenters, disabling the permissions 9 months ahead of the end-of-life was not expected. Has anyone tried adding these permissions directly via API yet?

Occasional Visitor

Timelines above mention NOTHING regards greying out the option, which would have helped me plan the migration work to Graph API. Congratulations Microsoft, you have just blocked a large customer onboarding en-masse to your cloud. wait is that AWS over there....

Occasional Visitor

dug this out of Microsoft, i hope it helps others that have been blindsided by this (note - obtain the values from an existing app reg):

 

"use the Manifest option from the app registration instead of API permissions. You will be able to add the permissions you need if you add a piece of code to this file in the requiredResourceAccess section. The resourceAppId "00000002-0000-0000-c000-000000000000" is the id used for AAD Graph API.

 

If you want to add delegated permissions, you need to use the type "Scope"  and if you want to use app permissions, you need to use "Role"."

Microsoft

We have tweet about it previously here https://twitter.com/Microsoft365Dev/status/1432810426442649603?s=20 Sorry if you have missed this announcement!!

The API and PowerShell approach still works to configure Azure AD Graph permissions with Azure AD. Our whole objective here is to reduce the new applications using Azure AD Graph permissions. So that you will have less number of apps to migrate and create a migration boundry for yourself. 

 

%3CLINGO-SUB%20id%3D%22lingo-sub-1557338%22%20slang%3D%22en-US%22%3ERe%3A%20Update%20your%20applications%20to%20use%20Microsoft%20Authentication%20Library%20and%20Microsoft%20Graph%20API%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1557338%22%20slang%3D%22en-US%22%3E%3CP%3EI%20received%20the%20email%20with%20a%20link%20to%20this%20article%20and%20the%20message%3A%20%22You%20are%20receiving%20this%20message%20because%20our%20reporting%20indicates%20one%20or%20more%20of%20your%20applications%20are%20using%20ADAL.%22%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWe%20don't%20develop%20our%20own%20apps%20and%20want%20to%20find%20which%20ones%20are%20using%20ADAL.%20However%2C%20there%20doesn't%20seem%20obvious%20choices%20in%20the%20Azure%20support%20area%20for%20that...%20Which%20should%20I%20select%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThanks%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1557379%22%20slang%3D%22en-US%22%3ERe%3A%20Update%20your%20applications%20to%20use%20Microsoft%20Authentication%20Library%20and%20Microsoft%20Graph%20API%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1557379%22%20slang%3D%22en-US%22%3E%3CP%3E%3CSPAN%3EI%20received%20the%20email%20with%20a%20link%20to%20this%20article%20and%20the%20message%3A%20%22You%20are%20receiving%20this%20message%20because%20our%20reporting%20indicates%20one%20or%20more%20of%20your%20applications%20are%20using%20ADAL.%22%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3ESo%20now%20I%20want%20to%20know%20how%20I%20can%20get%20a%20report%20of%20the%20applications%20that%20are%20using%20ADAL.%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1557982%22%20slang%3D%22en-US%22%3ERe%3A%20Update%20your%20applications%20to%20use%20Microsoft%20Authentication%20Library%20and%20Microsoft%20Graph%20API%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1557982%22%20slang%3D%22en-US%22%3E%3CP%3ESame%20as%20the%20two%20comments%20above.%26nbsp%3B%20I%20have%20had%20the%20email%20to%20say%20we%20are%20using%20ADAL.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThe%20only%20thing%20I%20can%20think%20of%20for%20me%20is%20our%20Hybrid%20Exchange%20or%20Azure%20AD%20Connect%20service%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1558037%22%20slang%3D%22en-US%22%3ERe%3A%20Update%20your%20applications%20to%20use%20Microsoft%20Authentication%20Library%20and%20Microsoft%20Graph%20API%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1558037%22%20slang%3D%22en-US%22%3E%3CP%3EAgain%20same%20as%20all%20above%20comments%2C%20email%20to%20say%20we%20are%20using%20ADAL%20but%20no%20idea%20what%20would%20be%20using%20it%2C%20we%20do%20not%20develop%20our%20own%20apps.%20The%20only%20service%20I%20can%20think%20of%20is%20Azure%20AD%20Connect.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1571242%22%20slang%3D%22en-US%22%3ERe%3A%20Update%20your%20applications%20to%20use%20Microsoft%20Authentication%20Library%20and%20Microsoft%20Graph%20API%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1571242%22%20slang%3D%22en-US%22%3E%3CP%3EWe%20are%20working%20on%20the%20new%20feature%20in%20the%20Azure%20AD%20Portal%20with%20which%20we%20can%20provide%20you%20this%20list%20of%20applications%20which%20are%20using%20ADAL%20and%2For%20Azure%20AD%20Graph.%20Now%20we%20have%20also%20updated%20the%20blog%20post%20which%20talks%20about%20the%20product%20enhancements.%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1571374%22%20slang%3D%22en-US%22%3ERe%3A%20Update%20your%20applications%20to%20use%20Microsoft%20Authentication%20Library%20and%20Microsoft%20Graph%20API%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1571374%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F102154%22%20target%3D%22_blank%22%3E%40Jeevan%20Desarda%3C%2FA%3E-%20Thanks%20for%20that.%3C%2FP%3E%3CP%3ECan%20you%20confirm%20if%20AD%20Connect%20and%20Exchange%20Hybrid%20use%20either%20of%20the%20soon-to-be-depreciated%20methods%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThen%2C%20those%20of%20us%20non-developers%20can%20relax%20and%20wait%20for%20updates%20from%20Microsoft.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1664699%22%20slang%3D%22en-US%22%3ERe%3A%20Update%20your%20applications%20to%20use%20Microsoft%20Authentication%20Library%20and%20Microsoft%20Graph%20API%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1664699%22%20slang%3D%22en-US%22%3E%3CP%3EHello%2C%20I'm%20trying%20to%20create%20a%20script%20that%20dumps%20all%20the%20IAM%20roles%20(%3CSPAN%3EGet-AzRoleAssignment%3C%2FSPAN%3E%3CFONT%20face%3D%22inherit%22%3E).%20Using%20service%20principal%20to%20login.%20When%20using%20the%20Microsoft%20Graph%20API%20permissions%2C%20I%20get%26nbsp%3BMicrosoft.Rest.Azure.CloudException.%20When%20debugging%2C%20it%20meant%20my%20SP%20is%20%3C%2FFONT%3Eunauthorized%3CFONT%20face%3D%22inherit%22%3E.%20But%20when%20I'm%26nbsp%3B%20using%20the%20legacy%20API%20(Azure%20Active%20Directory%20Graph)%20permissions%2C%20it%20works%20great.%20Any%20idea%3F%26nbsp%3B%3C%2FFONT%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1714016%22%20slang%3D%22en-US%22%3ERe%3A%20Update%20your%20applications%20to%20use%20Microsoft%20Authentication%20Library%20and%20Microsoft%20Graph%20API%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1714016%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F102154%22%20target%3D%22_blank%22%3E%40Jeevan%20Desarda%3C%2FA%3E%26nbsp%3B%3CBR%20%2F%3Ewhen%20we%20can%20expect%20the%20new%20feature%20be%20able%20to%20see%20easy%20which%20apps%20are%20affected%2C%20we%20have%20thousands%20reason%20why%20asking.%3CBR%20%2F%3E%3CBR%20%2F%3E%3CBR%20%2F%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1839904%22%20slang%3D%22en-US%22%3ERe%3A%20Update%20your%20applications%20to%20use%20Microsoft%20Authentication%20Library%20and%20Microsoft%20Graph%20API%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1839904%22%20slang%3D%22en-US%22%3E%3CP%3EThanks%20for%20this%20post%2C%20Alex%20(getting%20an%20error%20about%20invalid%20HTML%20in%20message%20when%20%40%20mentioning%20you%2C%20so%20removing%20that%20link).%20As%20the%20others%20before%20me%20have%20stated%2C%20I'm%20looking%20for%20documentation%20for%20how%20to%20determine%20which%20applications%20are%20currently%20using%20ADAL.%20I%20did%20find%20another%20%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fwindows-dev-appconsult%2Fhow-to-use-active-directory-authentication-library-adal-for-net%2Fba-p%2F400623%22%20target%3D%22_blank%22%3Earticle%20from%20April%202019%3C%2FA%3E%20about%20how%20to%20use%20ADAL%2C%20so%20I%20suspect%20that%20our%20Developers%20will%20need%20to%20comb%20through%20configuration%20files%2C%20looking%20for%20the%20code.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1957315%22%20slang%3D%22en-US%22%3ERe%3A%20Update%20your%20applications%20to%20use%20Microsoft%20Authentication%20Library%20and%20Microsoft%20Graph%20API%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1957315%22%20slang%3D%22en-US%22%3E%3CP%3EI'm%20a%20little%20confused...your%20initial%20paragraph%20says%20%22%3CSTRONG%3EAzure%20Active%20Directory%20(Azure%20AD)%3C%2FSTRONG%3E%2C%26nbsp%3BAuthentication%26nbsp%3BLibrary%26nbsp%3B(ADAL)%26nbsp%3Band%20Azure%20AD%20Graph%26nbsp%3BAPI%22%20are%20going%20away.%26nbsp%3B%3CBR%20%2F%3E%3CBR%20%2F%3EBut...your%20link%20to%20%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fazure-active-directory-identity%2Fbuild-2020-fostering-a-secure-and-trustworthy-app-ecosystem-for%2Fba-p%2F1257360%22%20target%3D%22_blank%22%3EMicrosoft%20Build%202020%3C%2FA%3E%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3Esays%20%22MSAL%20makes%20it%20easy%20to%20implement%20the%20right%20authentication%20patterns%20that%20support%20any%20Microsoft%20identity%E2%80%94from%20%3CSTRONG%3EAzure%20Active%20Directory%20(Azure%20AD)%3C%2FSTRONG%3E%20accounts%20to%20Microsoft%20accounts%22.%3CBR%20%2F%3E%3CBR%20%2F%3EMeanwhile...if%20I%20%3CEM%3EGoogle%3C%2FEM%3E%20%22%3CSTRONG%3EIs%20Azure%20AD%20going%20away%3C%2FSTRONG%3E%22...I%20get%20different%20answers%20such%20as%20%22Azure%20AD%20Basic%20is%20going%20away%22%20(whatever%20that%20means).%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CUL%3E%3CLI%3EIs%20Azure%20AD%20going%20away%3F%3C%2FLI%3E%3CLI%3EWhat%20about%20B2C%20and%20B2B%3F%3C%2FLI%3E%3CLI%3EOr%20is%26nbsp%3BAzure%20AD%20simply%20%3CEM%3Echanging%3C%2FEM%3E%3F%3C%2FLI%3E%3CLI%3EIs%20MSAL%20and%20the%20Microsoft%20Graph%20API%20completely%20replacing%26nbsp%3BAzure%20AD%3F%3C%2FLI%3E%3CLI%3EOr%2C%20are%20MSAL%20and%20the%20Microsoft%20Graph%20API%20going%20to%20%22fit%20into%22%20a%20%3CEM%3Enew%20version%3C%2FEM%3E%20of%26nbsp%3BAzure%20AD%3F%3CBR%20%2F%3E%3CBR%20%2F%3EAnd%20lastly...%3CBR%20%2F%3E%3CBR%20%2F%3E%3CBR%20%2F%3E%3C%2FLI%3E%3CLI%3EIs%20there%20a%20video%20that%20clarifies%20all%20of%20this%3F%3C%2FLI%3E%3C%2FUL%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThanks%20for%20the%20help.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1957404%22%20slang%3D%22en-US%22%3ERe%3A%20Update%20your%20applications%20to%20use%20Microsoft%20Authentication%20Library%20and%20Microsoft%20Graph%20API%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1957404%22%20slang%3D%22en-US%22%3E%3CP%3EI%20am%20a%20little%20confused...your%20initial%20paragraph%20says%20%22%3CSTRONG%3EAzure%20Active%20Directory%20(Azure%20AD)%3C%2FSTRONG%3E%2C%20Authentication%20Library%20(ADAL)%20and%20Azure%20AD%20Graph%20API%22%20are%20going%20away.%3C%2FP%3E%3CP%3E%3CBR%20%2F%3EBut...the%20%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fazure-active-directory-identity%2Fbuild-2020-fostering-a-secure-and-trustworthy-app-ecosystem-for%2Fba-p%2F1257360%22%20target%3D%22_blank%22%3EMicrosoft%20Build%202020%3C%2FA%3E%26nbsp%3Blink%20says%20%22MSAL%20makes%20it%20easy%20to%20implement%20the%20right%20authentication%20patterns%20that%20support%20any%20Microsoft%20identity%E2%80%94from%20%3CSTRONG%3EAzure%20Active%20Directory%20(Azure%20AD)%3C%2FSTRONG%3E%20accounts%20to%20Microsoft%20accounts%22%3C%2FP%3E%3CP%3E%3CBR%20%2F%3EMeanwhile...if%20I%20%3CEM%3EGoogle%3C%2FEM%3E%20%22Is%20Azure%20AD%20going%20away%22%20I%20get%20differing%20results%2C%20such%20as%20%22%3CSTRONG%3EAzure%20AD%20Basic%20is%20going%20away.%3C%2FSTRONG%3E%22%20(whatever%20that%20means).%3CBR%20%2F%3E%3CBR%20%2F%3ESo...%3CBR%20%2F%3E%3CBR%20%2F%3E%3C%2FP%3E%3CUL%3E%3CLI%3EIs%20Azure%20AD%20going%20away%3F%3C%2FLI%3E%3CLI%3EOr%2C%20is%26nbsp%3BAzure%20AD%20simply%20%3CEM%3Echanging%3C%2FEM%3E%20in%20some%20manner%3F%3C%2FLI%3E%3CLI%3EWhat%20about%20B2C%20or%20B2B%3F%26nbsp%3B%20What%20happens%20to%20them%3F%3CBR%20%2F%3E%3CBR%20%2F%3ELastly...%3CBR%20%2F%3E%3CBR%20%2F%3E%3C%2FLI%3E%3CLI%3EDo%20you%20have%20a%20video%20that%20explains%20all%20this%3F%3C%2FLI%3E%3C%2FUL%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThanks%20for%20clarifying%20this%20for%20me.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1958270%22%20slang%3D%22en-US%22%3ERe%3A%20Update%20your%20applications%20to%20use%20Microsoft%20Authentication%20Library%20and%20Microsoft%20Graph%20API%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1958270%22%20slang%3D%22en-US%22%3E%3CP%3EIt's%20'%3CU%3EAzure%20Active%20Directory%20Authentication%20Library%20(ADAL)%3C%2FU%3E'%20that%20is%20going%20away%3B%20not%20Azure%20AD.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1975665%22%20slang%3D%22en-US%22%3ERe%3A%20Update%20your%20applications%20to%20use%20Microsoft%20Authentication%20Library%20and%20Microsoft%20Graph%20API%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1975665%22%20slang%3D%22en-US%22%3E%3CP%3EWe%20have%20implemented%20azure%20b2c%20to%20control%20access%20to%20one%20of%20our%20applications.%26nbsp%3B%20As%20part%20of%20this%20process%20we%20have%20User%20flows%20for%20the%20signup%20process%20but%20we%20also%20(within%20our%20application%20itself)%20use%20MS%20graph%20to%20create%20users%20directly%20into%20azure%20b2c%20that%20we%20can%20then%20link%20to%20our%20application.%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWe%20also%20have%20a%20user%20portal%20where%20they%20are%20able%20to%20update%20their%20password%20-%20we%20are%20using%20MS%20graph%20to%20update%20the%20users%20password%20via%20the%20call%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22Tomp_BCU_0-1607599659822.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F239543i05092641A2B6F318%2Fimage-size%2Fmedium%3Fv%3D1.0%26amp%3Bpx%3D400%22%20role%3D%22button%22%20title%3D%22Tomp_BCU_0-1607599659822.png%22%20alt%3D%22Tomp_BCU_0-1607599659822.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3EThis%20all%20works%20fine%20in%20our%20UAT%20environment%20-%20using%20a%26nbsp%3Bb2c%20tenant%20that%20i%20setup%20Feb%202020%20i%20was%20able%20to%20setup%20API%20permissions%20both%20application%20and%20delegate%20and%20able%20to%20set%20the%20following%20permission%20under%20API%20permissions%20for%20the%20application%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22Tomp_BCU_1-1607599775717.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F239544i9DD67567DEF4CCEA%2Fimage-size%2Fmedium%3Fv%3D1.0%26amp%3Bpx%3D400%22%20role%3D%22button%22%20title%3D%22Tomp_BCU_1-1607599775717.png%22%20alt%3D%22Tomp_BCU_1-1607599775717.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3EThis%20(i%20believe%20enables%20the%20above%20call%20to%20work)%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWhen%20we%20then%20went%20live%20-%20we%20setup%20a%20production%20environment%20and%20production%20version%20of%20b2c%20we%20were%20%3CU%3Eunable%3C%2FU%3E%20to%20set%20this%20permission%20as%20a%20delegate%20permission%20on%20Microsoft%20graph%20and%20this%20therefore%20stops%20us%20being%20able%20to%20update%20the%20users%20password%20from%20within%20the%20users%20web%20portal.%26nbsp%3B%20All%20the%20other%20functionality%20is%20working%20fine%20e.g.%20creating%20users%20through%20MS%20Graph.%26nbsp%3B%20When%20we%20try%20and%20call%20the%20update%20password%20method%20(on%20production)%20we%20get%20the%20following%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22Tomp_BCU_2-1607600224436.png%22%20style%3D%22width%3A%20999px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F239545iE33016AD4B4000B3%2Fimage-size%2Flarge%3Fv%3D1.0%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22Tomp_BCU_2-1607600224436.png%22%20alt%3D%22Tomp_BCU_2-1607600224436.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ENow%20i%20know%20that%20i%20can%20use%20user%20flows%20(which%20we%20do%20have%20in%20place%20as%20part%20of%20the%20registration%20process)%20but%20we%20want%20a%20seamless%20(as%20is%20working%20on%20our%20UAT%20environment)%20user%20experience%20so%20wish%20to%20do%20the%20password%20update%20through%20MS%20Graph.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAny%20thoughts%20on%20this%2C%20i%20have%20logged%20the%20issues%20through%20Microsoft%20support%20and%20chatted%20to%20their%20Tek%20experts%20but%20they%20don't%20seem%20to%20have%20an%20answer%20for%20this.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2043109%22%20slang%3D%22en-US%22%3ERe%3A%20Update%20your%20applications%20to%20use%20Microsoft%20Authentication%20Library%20and%20Microsoft%20Graph%20API%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2043109%22%20slang%3D%22en-US%22%3E%3CP%3EI'm%20facing%20the%20issue%20%22%3CSTRONG%3EAADSTS65001%3C%2FSTRONG%3E%3A%20The%20user%20or%20administrator%20has%20not%20consented%20to%20use%20the%20application%20with%20ID%20''%20named%20''.%20Send%20an%20interactive%20authorization%20request%20for%20this%20user%20and%20resource.%22%20when%20upgrading%20from%20ADAL%20to%20MSAL.%3C%2FP%3E%3CP%3EI'm%20using%20the%3CSPAN%3E%26nbsp%3Bon%20behalf%20flow%20to%20get%20access%20token.%20The%20ADAL%20I%20used%20before%20always%20works%2C%20but%20the%20MSAL%20always%20throws%20this%20exception.%3CBR%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CDIV%20class%3D%22mceNonEditable%20lia-copypaste-placeholder%22%3E%26nbsp%3B%3C%2FDIV%3E%3CP%3EThis%20code%20uses%20MSAL%20got%20this%20error.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22KienTruong_0-1610099060056.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F244879i7E91F9E03731A593%2Fimage-size%2Fmedium%3Fv%3D1.0%26amp%3Bpx%3D400%22%20role%3D%22button%22%20title%3D%22KienTruong_0-1610099060056.png%22%20alt%3D%22KienTruong_0-1610099060056.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3EThis%20code%20uses%20ADAL%20work%20for%20me%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22KienTruong_1-1610099095762.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F244880iCCCE06C4EFD3C421%2Fimage-size%2Fmedium%3Fv%3D1.0%26amp%3Bpx%3D400%22%20role%3D%22button%22%20title%3D%22KienTruong_1-1610099095762.png%22%20alt%3D%22KienTruong_1-1610099095762.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2053933%22%20slang%3D%22en-US%22%3ERe%3A%20Update%20your%20applications%20to%20use%20Microsoft%20Authentication%20Library%20and%20Microsoft%20Graph%20API%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2053933%22%20slang%3D%22en-US%22%3E%3CP%3EHello%2C%26nbsp%3B%20I'm%20researching%20for%20my%20application%2C%20if%20there%20any%20impacting%20with%20end%20of%20support%20with%20%22%3CSTRONG%3E%3CSPAN%3EAzure%20AD%20%26amp%3B%26nbsp%3B%3C%2FSPAN%3E%3CSPAN%3EADAL%3C%2FSPAN%3E%3C%2FSTRONG%3E%22%2C%20when%20I%20look%20into%20the%20code%2C%20I%20see%20we%20are%20calling%26nbsp%3BIAuthenticationProvider.GetAuthToken(clientId%2C%20appKey)%3B%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%20%26nbsp%3B%20%26nbsp%3B%20%26nbsp%3B%20%26nbsp%3B%20%26nbsp%3BBased%20on%20my%20research%2C%20we%20are%20using%20microsoft%20graph%20client%20only.%20So%20there%20may%20not%20be%20any%20impact%20with%20end%20of%20support%26nbsp%3BAzure%20AD%20%26amp%3B%26nbsp%3BADAL%20.%20Can%20you%20please%20confirm.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EMuch%20appreciated%20in%20advance.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2127996%22%20slang%3D%22en-US%22%3ERe%3A%20Update%20your%20applications%20to%20use%20Microsoft%20Authentication%20Library%20and%20Microsoft%20Graph%20API%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2127996%22%20slang%3D%22en-US%22%3E%3CP%3E%3CSTRONG%3EInstructions%20unclear%2C%20******%20stuck%20in%20blender.%3C%2FSTRONG%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI'm%20not%20aware%20what%20your%20marking%20calls%20things%20today%20but%20we%20are%20authenticating%20O365%20users%20for%20our%20services.%20We%20initiate%20the%20authentication%20by%20redirecting%20users%20to%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CPRE%20class%3D%22lia-code-sample%20language-markup%22%3E%3CCODE%3Ehttps%3A%2F%2Flogin.windows.net%2Fcommon%2Foauth2%2Fauthorize%3Fresponse_type%3Dcode%26amp%3Bresource%3Dhttps%3A%2F%2Fgraph.windows.net%26amp%3Bclient_id%3D%24CLIENT_ID%26amp%3Bredirect_uri%3D%24REDIRECT_URL%3C%2FCODE%3E%3C%2FPRE%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3Eand%20then%20later%20request%20data%20from%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Flogin.windows.net%2Fcommon%2Foauth2%2Ftoken%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Flogin.windows.net%2Fcommon%2Foauth2%2Ftoken%3C%2FA%3E%26nbsp%3Band%20we%20are%20only%20interested%20in%20the%20%22oid%22%20data.%20If%20available%2C%20we%20also%20show%20%22given_name%22%20and%20%22family_name%22%20back%20to%20the%20user%20but%20we%20don't%20actually%20need%20those.%20We%20don't%20use%20any%20libraries%20except%20standard%20HTTP%20over%20TLS%20implementation.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EDo%20we%20need%20to%20use%20ADAL%20or%20MSAL%20in%20the%20future%20or%20is%20this%20API%20going%20to%20work%20in%20future%2C%20too%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThe%20Azure%20portal%20UI%20does%20have%20warnings%20such%20as%3C%2FP%3E%3CPRE%20class%3D%22lia-code-sample%20language-markup%22%3E%3CCODE%3EStarting%20November%209th%2C%202020%20end%20users%20will%20no%20longer%20be%20able%20to%20grant%20consent%20to%20newly%20registered%20multitenant%20apps%20without%20verified%20publishers.%3C%2FCODE%3E%3C%2FPRE%3E%3CPRE%20class%3D%22lia-code-sample%20language-markup%22%3E%3CCODE%3EPublisher%20domain%3A%20Unverified%0AThe%20application%E2%80%99s%20consent%20screen%20will%20show%20%E2%80%98Unverified%E2%80%99.%3C%2FCODE%3E%3C%2FPRE%3E%3CPRE%20class%3D%22lia-code-sample%20language-markup%22%3E%3CCODE%3EDue%20to%20temporary%20differences%20in%20supported%20functionality%2C%20we%20don't%20recommend%20enabling%20personal%20Microsoft%20accounts%20for%20an%20existing%20registration.%20If%20you%20need%20to%20enable%20personal%20accounts%2C%20you%20can%20do%20so%20using%20the%20manifest%20editor.%3C%2FCODE%3E%3C%2FPRE%3E%3CPRE%20class%3D%22lia-code-sample%20language-markup%22%3E%3CCODE%3EThis%20application%20is%20using%20Azure%20AD%20Graph%20API%2C%20which%20is%20on%20a%20deprecation%20path.%20Starting%20June%2030th%2C%202020%20we%20will%20no%20longer%20add%20any%20new%20features%20to%20Azure%20AD%20Graph%20API.%20We%20strongly%20recommend%20that%20you%20upgrade%20your%20application%20to%20use%20Microsoft%20Graph%20API%20instead%20of%20Azure%20AD%20Graph%20API%20to%20access%20Azure%20Active%20Directory%20resources.%3C%2FCODE%3E%3C%2FPRE%3E%3CP%3E%26nbsp%3Band%20everything%20%3CEM%3Estill%3C%2FEM%3E%20works%20just%20fine.%20%3CSTRONG%3EShould%20I%20just%20ignore%20all%20those%20warnings%2C%20whatever%20they%20try%20to%20say%3F%3C%2FSTRONG%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2157789%22%20slang%3D%22en-US%22%3ERe%3A%20Update%20your%20applications%20to%20use%20Microsoft%20Authentication%20Library%20and%20Microsoft%20Graph%20API%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2157789%22%20slang%3D%22en-US%22%3E%3CP%3EAre%20they%20going%20to%20do%20a%20production%20release%20anytime%20soon%20of%20the%20%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F73893%22%20target%3D%22_blank%22%3E%40azure%3C%2FA%3E%2Fmsal-angular%20package%20any%20time%20soon%3F%20It%20says%20NOT%20FOR%20Production%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2159351%22%20slang%3D%22en-US%22%3ERe%3A%20Update%20your%20applications%20to%20use%20Microsoft%20Authentication%20Library%20and%20Microsoft%20Graph%20API%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2159351%22%20slang%3D%22en-US%22%3E%3CP%3E%3CU%3E%3CFONT%20color%3D%22%230b0117%22%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F53477%22%20target%3D%22_blank%22%3E%40Alex%20Simons%20(AZURE)%3C%2FA%3E%26nbsp%3B%3C%2FFONT%3E%3C%2FU%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20need%20to%20create%20Application%20Id%20(by%20registering%20app%20in%20the%20AAD)%20so%20that%20I%20can%20use%20that%20in%20making%20the%20connection%20to%20MS%20Dynamics%20via%20C%23.%20For%20connection%2C%20I%20will%20be%20using%20the%20CRMServiceClient%20(from%20%3CFONT%3EMicrosoft.Xrm.Tooling.Connector%3C%2FFONT%3E)%20with%20OAuth%20authentication.%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EPreviously%2C%20I%20was%20using%20OrganizationService%20endpoint%20to%20make%20the%20connection%20but%20as%20it%20will%20be%20expiring%20soon%2C%20I%20have%20taken%20a%20route%20using%26nbsp%3B%3CSPAN%3ECRMServiceClient%20%3C%2FSPAN%3Ewith%20AuthType%20'OAuth'.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20am%20worried%20if%20the%20app%20registration%20in%20AAD%20is%20deprecated%20then%20how%20can%20I%20create%20the%20Application%20Id.%3C%2FP%3E%3CP%3EWill%20you%20please%20help%20me%20know%20if%20this%20change%20will%20impact%20creating%20an%20Application%20Id%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2162781%22%20slang%3D%22en-US%22%3ERe%3A%20Update%20your%20applications%20to%20use%20Microsoft%20Authentication%20Library%20and%20Microsoft%20Graph%20API%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2162781%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F976133%22%20target%3D%22_blank%22%3E%40Developer150%3C%2FA%3E%26nbsp%3BApp%20registration%20in%20AAD%20is%20not%20getting%20deprecated.%20The%20ADAL%20libraries%20published%20are%20the%20ones%20that%20will%20be%20reaching%20end%20of%20support%20by%26nbsp%3BJune%2030th%2C%202022.%20So%20this%20will%20not%20impact%20creating%20application%20Ids%20in%20Azure%20AD.%26nbsp%3B%3C%2FP%3E%0A%3CDIV%20class%3D%22ms-editor-squiggler%22%20style%3D%22color%3A%20initial%3B%20font%3A%20initial%3B%20font-feature-settings%3A%20initial%3B%20font-kerning%3A%20initial%3B%20font-optical-sizing%3A%20initial%3B%20font-variation-settings%3A%20initial%3B%20forced-color-adjust%3A%20initial%3B%20text-orientation%3A%20initial%3B%20text-rendering%3A%20initial%3B%20-webkit-font-smoothing%3A%20initial%3B%20-webkit-locale%3A%20initial%3B%20-webkit-text-orientation%3A%20initial%3B%20-webkit-writing-mode%3A%20initial%3B%20writing-mode%3A%20initial%3B%20zoom%3A%20initial%3B%20place-content%3A%20initial%3B%20place-items%3A%20initial%3B%20place-self%3A%20initial%3B%20alignment-baseline%3A%20initial%3B%20animation%3A%20initial%3B%20appearance%3A%20initial%3B%20aspect-ratio%3A%20initial%3B%20backdrop-filter%3A%20initial%3B%20backface-visibility%3A%20initial%3B%20background%3A%20initial%3B%20background-blend-mode%3A%20initial%3B%20baseline-shift%3A%20initial%3B%20block-size%3A%20initial%3B%20border-block%3A%20initial%3B%20border%3A%20initial%3B%20border-radius%3A%20initial%3B%20border-collapse%3A%20initial%3B%20border-inline%3A%20initial%3B%20inset%3A%20initial%3B%20box-shadow%3A%20initial%3B%20box-sizing%3A%20initial%3B%20break-after%3A%20initial%3B%20break-before%3A%20initial%3B%20break-inside%3A%20initial%3B%20buffered-rendering%3A%20initial%3B%20caption-side%3A%20initial%3B%20caret-color%3A%20initial%3B%20clear%3A%20initial%3B%20clip%3A%20initial%3B%20clip-path%3A%20initial%3B%20clip-rule%3A%20initial%3B%20color-interpolation%3A%20initial%3B%20color-interpolation-filters%3A%20initial%3B%20color-rendering%3A%20initial%3B%20color-scheme%3A%20initial%3B%20columns%3A%20initial%3B%20column-fill%3A%20initial%3B%20gap%3A%20initial%3B%20column-rule%3A%20initial%3B%20column-span%3A%20initial%3B%20contain%3A%20initial%3B%20contain-intrinsic-size%3A%20initial%3B%20content%3A%20initial%3B%20content-visibility%3A%20initial%3B%20counter-increment%3A%20initial%3B%20counter-reset%3A%20initial%3B%20counter-set%3A%20initial%3B%20cursor%3A%20initial%3B%20cx%3A%20initial%3B%20cy%3A%20initial%3B%20d%3A%20initial%3B%20display%3A%20block%3B%20dominant-baseline%3A%20initial%3B%20empty-cells%3A%20initial%3B%20fill%3A%20initial%3B%20fill-opacity%3A%20initial%3B%20fill-rule%3A%20initial%3B%20filter%3A%20initial%3B%20flex%3A%20initial%3B%20flex-flow%3A%20initial%3B%20float%3A%20initial%3B%20flood-color%3A%20initial%3B%20flood-opacity%3A%20initial%3B%20grid%3A%20initial%3B%20grid-area%3A%20initial%3B%20height%3A%200px%3B%20hyphens%3A%20initial%3B%20image-orientation%3A%20initial%3B%20image-rendering%3A%20initial%3B%20inline-size%3A%20initial%3B%20inset-block%3A%20initial%3B%20inset-inline%3A%20initial%3B%20isolation%3A%20initial%3B%20letter-spacing%3A%20initial%3B%20lighting-color%3A%20initial%3B%20line-break%3A%20initial%3B%20list-style%3A%20initial%3B%20margin-block%3A%20initial%3B%20margin%3A%20initial%3B%20margin-inline%3A%20initial%3B%20marker%3A%20initial%3B%20mask%3A%20initial%3B%20mask-type%3A%20initial%3B%20max-block-size%3A%20initial%3B%20max-height%3A%20initial%3B%20max-inline-size%3A%20initial%3B%20max-width%3A%20initial%3B%20min-block-size%3A%20initial%3B%20min-height%3A%20initial%3B%20min-inline-size%3A%20initial%3B%20min-width%3A%20initial%3B%20mix-blend-mode%3A%20initial%3B%20object-fit%3A%20initial%3B%20object-position%3A%20initial%3B%20offset%3A%20initial%3B%20opacity%3A%20initial%3B%20order%3A%20initial%3B%20origin-trial-test-property%3A%20initial%3B%20orphans%3A%20initial%3B%20outline%3A%20initial%3B%20outline-offset%3A%20initial%3B%20overflow-anchor%3A%20initial%3B%20overflow-wrap%3A%20initial%3B%20overflow%3A%20initial%3B%20overscroll-behavior-block%3A%20initial%3B%20overscroll-behavior-inline%3A%20initial%3B%20overscroll-behavior%3A%20initial%3B%20padding-block%3A%20initial%3B%20padding%3A%20initial%3B%20padding-inline%3A%20initial%3B%20page%3A%20initial%3B%20page-orientation%3A%20initial%3B%20paint-order%3A%20initial%3B%20perspective%3A%20initial%3B%20perspective-origin%3A%20initial%3B%20pointer-events%3A%20initial%3B%20position%3A%20initial%3B%20quotes%3A%20initial%3B%20r%3A%20initial%3B%20resize%3A%20initial%3B%20ruby-position%3A%20initial%3B%20rx%3A%20initial%3B%20ry%3A%20initial%3B%20scroll-behavior%3A%20initial%3B%20scroll-margin-block%3A%20initial%3B%20scroll-margin%3A%20initial%3B%20scroll-margin-inline%3A%20initial%3B%20scroll-padding-block%3A%20initial%3B%20scroll-padding%3A%20initial%3B%20scroll-padding-inline%3A%20initial%3B%20scroll-snap-align%3A%20initial%3B%20scroll-snap-stop%3A%20initial%3B%20scroll-snap-type%3A%20initial%3B%20shape-image-threshold%3A%20initial%3B%20shape-margin%3A%20initial%3B%20shape-outside%3A%20initial%3B%20shape-rendering%3A%20initial%3B%20size%3A%20initial%3B%20speak%3A%20initial%3B%20stop-color%3A%20initial%3B%20stop-opacity%3A%20initial%3B%20stroke%3A%20initial%3B%20stroke-dasharray%3A%20initial%3B%20stroke-dashoffset%3A%20initial%3B%20stroke-linecap%3A%20initial%3B%20stroke-linejoin%3A%20initial%3B%20stroke-miterlimit%3A%20initial%3B%20stroke-opacity%3A%20initial%3B%20stroke-width%3A%20initial%3B%20tab-size%3A%20initial%3B%20table-layout%3A%20initial%3B%20text-align%3A%20initial%3B%20text-align-last%3A%20initial%3B%20text-anchor%3A%20initial%3B%20text-combine-upright%3A%20initial%3B%20text-decoration%3A%20initial%3B%20text-decoration-skip-ink%3A%20initial%3B%20text-indent%3A%20initial%3B%20text-overflow%3A%20initial%3B%20text-shadow%3A%20initial%3B%20text-size-adjust%3A%20initial%3B%20text-transform%3A%20initial%3B%20text-underline-offset%3A%20initial%3B%20text-underline-position%3A%20initial%3B%20touch-action%3A%20initial%3B%20transform%3A%20initial%3B%20transform-box%3A%20initial%3B%20transform-origin%3A%20initial%3B%20transform-style%3A%20initial%3B%20transition%3A%20initial%3B%20user-select%3A%20initial%3B%20vector-effect%3A%20initial%3B%20vertical-align%3A%20initial%3B%20visibility%3A%20initial%3B%20-webkit-app-region%3A%20initial%3B%20border-spacing%3A%20initial%3B%20-webkit-border-image%3A%20initial%3B%20-webkit-box-align%3A%20initial%3B%20-webkit-box-decoration-break%3A%20initial%3B%20-webkit-box-direction%3A%20initial%3B%20-webkit-box-flex%3A%20initial%3B%20-webkit-box-ordinal-group%3A%20initial%3B%20-webkit-box-orient%3A%20initial%3B%20-webkit-box-pack%3A%20initial%3B%20-webkit-box-reflect%3A%20initial%3B%20-webkit-highlight%3A%20initial%3B%20-webkit-hyphenate-character%3A%20initial%3B%20-webkit-line-break%3A%20initial%3B%20-webkit-line-clamp%3A%20initial%3B%20-webkit-mask-box-image%3A%20initial%3B%20-webkit-mask%3A%20initial%3B%20-webkit-mask-composite%3A%20initial%3B%20-webkit-perspective-origin-x%3A%20initial%3B%20-webkit-perspective-origin-y%3A%20initial%3B%20-webkit-print-color-adjust%3A%20initial%3B%20-webkit-rtl-ordering%3A%20initial%3B%20-webkit-ruby-position%3A%20initial%3B%20-webkit-tap-highlight-color%3A%20initial%3B%20-webkit-text-combine%3A%20initial%3B%20-webkit-text-decorations-in-effect%3A%20initial%3B%20-webkit-text-emphasis%3A%20initial%3B%20-webkit-text-emphasis-position%3A%20initial%3B%20-webkit-text-fill-color%3A%20initial%3B%20-webkit-text-security%3A%20initial%3B%20-webkit-text-stroke%3A%20initial%3B%20-webkit-transform-origin-x%3A%20initial%3B%20-webkit-transform-origin-y%3A%20initial%3B%20-webkit-transform-origin-z%3A%20initial%3B%20-webkit-user-drag%3A%20initial%3B%20-webkit-user-modify%3A%20initial%3B%20white-space%3A%20initial%3B%20widows%3A%20initial%3B%20width%3A%20initial%3B%20will-change%3A%20initial%3B%20word-break%3A%20initial%3B%20word-spacing%3A%20initial%3B%20x%3A%20initial%3B%20y%3A%20initial%3B%20z-index%3A%20initial%3B%22%3E%26nbsp%3B%3C%2FDIV%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2447206%22%20slang%3D%22en-US%22%3ERe%3A%20Update%20your%20applications%20to%20use%20Microsoft%20Authentication%20Library%20and%20Microsoft%20Graph%20API%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2447206%22%20slang%3D%22en-US%22%3E%3CP%3EHello%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ECan%20you%20please%20confirm%20if%20we%20should%20do%20anything%20with%20this%20situation%3A%3C%2FP%3E%3CP%3E1.%20We%20have%20some%20Microsoft%20apps%20and%20our%20own%20apps%20registered%20or%20added%20via%20enterprise%20apps%3C%2FP%3E%3CP%3E2.%20For%20all%20those%20apps%2C%20under%20the%20Azure%20App%20Registration-%26gt%3BPermissions%20section%2C%20we%20see%20the%20message%3A%20%22%3CSTRONG%3EThis%20application%20is%20using%20Azure%20AD%20Graph%20API%2C%20which%20is%20on%20a%20deprecation%20path.%20Starting%20June%2030th%2C%202020%20we%20will%20no%20longer%20add%20any%20new%20features%20to%20Azure%20AD%20Graph%20API.%20We%20strongly%20recommend%20that%20you%20upgrade%20your%20application%20to%20use%20Microsoft%20Graph%20API%20instead%20of%20Azure%20AD%20Graph%20API%20to%20access%20Azure%20Active%20Directory%20resources.%26nbsp%3B%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fgo.microsoft.com%2Ffwlink%2F%3Flinkid%3D2132805%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3ELearn%20more%3C%2FA%3E%3C%2FSTRONG%3E%22%3C%2FP%3E%3CP%3E3.%20If%20we%20change%20manually%20the%20Permissions%20grant%20from%20Azure%20Active%20Directory%20Graph%20to%20Microsoft%20Graph%2C%20then%20the%20message%20disappears%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EBut%20should%20we%20do%20this%20for%20all%20apps%2C%20like%20for%20all%20that%20we%20have%20registered%20or%20added%20via%20the%20Enterprise%20apps%20section%20or%20it%20can%20be%20kept%20with%26nbsp%3BAzure%20Active%20Directory%20Graph%2C%3C%2FP%3E%3CP%3EBecause%20any%20new%20app%20registered%20or%20added%20via%20Enterprise%20apps%20still%20by%20default%20receives%20the%26nbsp%3BAzure%20Active%20Directory%20Graph%20permissions%20grant.%3C%2FP%3E%3CP%3EOr%20we%20should%20walk%20one%20by%20one%20app%20and%20change%26nbsp%3Bfrom%20Azure%20Active%20Directory%20Graph%20to%20Microsoft%20Graph%3F%20Or%20this%20will%20be%20done%20automatically%20from%20the%20Microsoft%20side%20when%20the%20date%20comes%20(June%2030th%2C%202022)%3F%3C%2FP%3E%3CP%3EAnd%20if%20we%20should%20do%20this%20manually%2C%20should%20it%20be%20done%20for%20Microsoft%20Apps%20and%20for%203rd-party%20registered%3F%26nbsp%3B%3C%2FP%3E%3CP%3EAnd%20if%20we%20should%20do%20this%20manually%2C%20is%20it%20possible%20to%20replace%20it%20automatically%20using%20a%20PowerShell%20script%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22lightupdifire_0-1623741718608.png%22%20style%3D%22width%3A%20999px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F288624i6E78DA3AA00AD9C3%2Fimage-size%2Flarge%3Fv%3Dv2%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22lightupdifire_0-1623741718608.png%22%20alt%3D%22lightupdifire_0-1623741718608.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2484402%22%20slang%3D%22en-US%22%3ERe%3A%20Update%20your%20applications%20to%20use%20Microsoft%20Authentication%20Library%20and%20Microsoft%20Graph%20API%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2484402%22%20slang%3D%22en-US%22%3E%3CP%3E%3CU%3E%3CFONT%20color%3D%22%230b0117%22%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F53477%22%20target%3D%22_blank%22%3E%40Alex%20Simons%20(AZURE)%3C%2FA%3E%26nbsp%3B%3C%2FFONT%3E%3C%2FU%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2593722%22%20slang%3D%22en-US%22%3ERe%3A%20Update%20your%20applications%20to%20use%20Microsoft%20Authentication%20Library%20and%20Microsoft%20Graph%20API%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2593722%22%20slang%3D%22en-US%22%3E%3CBLOCKQUOTE%3E%3CDIV%20class%3D%22ba-author-wrapper%22%3E%3CDIV%20class%3D%22ba-author-info%22%3E%3CDIV%20class%3D%22user-login%22%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F53477%22%20target%3D%22_blank%22%3EAlex%20Simons%20(AZURE)%3C%2FA%3E%3C%2FDIV%3E%3C%2FDIV%3E%3C%2FDIV%3E%3CDIV%20class%3D%22ba-metrics-info%22%3E%3CSPAN%20class%3D%22ba-published-title%22%3EPublished%3C%2FSPAN%3E%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3E%3CSPAN%20class%3D%22ba-published-date%22%3EJun%2022%202020%2009%3A00%20AM%3C%2FSPAN%3E%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3E%3C%2FDIV%3E%3CP%3E...%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3EIn%20the%20coming%20months%2C%20we'll%20be%20providing%20reporting%20in%20the%20Azure%20portal%20to%20help%20you%20self-identify%20which%20of%20your%20apps%20are%20using%20ADAL%20or%20Azure%20AD%20Graph.%3C%2FSPAN%3E%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3E%3C%2FP%3E%3C%2FBLOCKQUOTE%3E%3CP%3EHi!%20The%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Fdevelop%2Fhowto-get-list-of-all-active-directory-auth-library-apps%22%20target%3D%22_self%22%20rel%3D%22noopener%20noreferrer%22%3ESign-ins%20workbook%26nbsp%3B%3C%2FA%3Ecan%20now%20report%20the%20ADAL%20items%2C%20but%20is%20there%20some%20kind%20of%20ready-to-go%20report%20for%20the%20Azure%20AD%20Graph%20API%20as%20well%3F%3C%2FP%3E%3CP%3E%3CBR%20%2F%3EI%20ran%20the%20PowerShell%3A%26nbsp%3BGet-AzureADApplication%20%7C%20Select-Object%20DisplayName%2CAppId%20-ExpandProperty%20RequiredResourceAccess%20%7Cwhere%7B%24_.ResourceAppId%20-eq%20%2200000002-0000-0000-c000-000000000000%22%7D%20and%20got%20a%20list%20of%20apps%20using%20Azure%20AD%20Graph%20API%2C%20but%20was%20wondering%20if%20there%20is%20any%20report%20for%20this%20about%20usage%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThanks!%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2594190%22%20slang%3D%22en-US%22%3ERe%3A%20Update%20your%20applications%20to%20use%20Microsoft%20Authentication%20Library%20and%20Microsoft%20Graph%20API%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2594190%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F100294%22%20target%3D%22_blank%22%3E%40Markus%20Peltola%3C%2FA%3E%26nbsp%3BWe%20are%20releasing%20this%20PowerShell%20script%20for%20you%20which%20can%20provide%20you%20the%20list%20of%20applications%20using%20Azure%20AD%20Graph.%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fgithub.com%2Fmicrosoft%2FAzureADGraphApps%2F%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Emicrosoft%2FAzureADGraphApps%3A%20These%20are%20the%20applications%20which%20are%20using%20Azure%20AD%20Graph%20permissions%20in%20your%20tenant.%20(github.com)%3C%2FA%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EBut%20we%20are%20very%20much%20near%20to%20provide%20this%20report%20inside%20the%20Azure%20Portal%20soon.%20Once%20we%20release%20that%20I%20will%20update%20this%20thread.%20Right%20now%20we%20are%20expecting%20it%20will%20be%20after%20summer.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EThanks.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2594204%22%20slang%3D%22en-US%22%3ERe%3A%20Update%20your%20applications%20to%20use%20Microsoft%20Authentication%20Library%20and%20Microsoft%20Graph%20API%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2594204%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F353267%22%20target%3D%22_blank%22%3E%40lightupdifire%3C%2FA%3E%26nbsp%3BNow%20when%20you%20register%20a%20new%20application%20in%20App%20Registration%20you%20will%20see%20that%20MS%20Graph%20permissions%20are%20now%20added%20not%20the%20Azure%20AD%20Graph%20permissions.%20When%20you%20update%20the%20existing%20applications%20to%20use%20MS%20Graph%20Permissions%20you%20need%20to%20provide%20the%20consent%20again%20for%20the%20application%20as%20the%20permissions%20on%20the%20app%20are%20changing.%20Also%20you%20need%20to%20do%20this%20to%20only%20the%20applications%20which%20you%20have%20registered%20in%20your%20tenant%20i.e.%20single%20tenant%20apps%20and%20multi-tenant%20apps%20which%20you%20have%20published.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EWe%20will%20be%20doing%20the%20updates%20on%20the%20Microsoft%20apps%20and%20there%20is%20no%20specific%20action%20you%20have%20to%20take%20for%20Microsoft%20owned%20application.%20We%20can%20write%20the%20script%20to%20map%20the%20same%20permission%20sets%20from%20Azure%20AD%20Graph%20to%20MS%20Graph%20permissions%20but%20in%20that%20case%20also%20you%20need%20to%20provide%20consent%20again%20to%20those%20apps.%26nbsp%3B%26nbsp%3B%3C%2FP%3E%0A%3CP%3ESoon%20we%20will%20show%20this%20list%20of%20applications%20which%20are%20using%20Azure%20AD%20Graph%20permissions%20in%20your%20tenant.%20Then%20things%20will%20become%20easy%20as%20you%20can%20directly%20take%20action%20on%20it.%20This%20list%20we%20are%20building%20on%20the%20telemetry%20what%20we%20see%20on%20the%20Azure%20AD%20Graph%20endpoint%20and%20not%20just%20the%20apps%20which%20are%20using%20these%20Azure%20AD%20Graph%20permissions.%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3ELet%20me%20know%20if%20you%20still%20have%20questions.%3C%2FP%3E%0A%3CP%3EThanks%2C%3C%2FP%3E%0A%3CP%3EJeevan%20Desarda%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1257363%22%20slang%3D%22en-US%22%3EUpdate%20your%20applications%20to%20use%20Microsoft%20Authentication%20Library%20and%20Microsoft%20Graph%20API%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1257363%22%20slang%3D%22en-US%22%3E%3CP%3EHowdy%20folks%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fazure-active-directory-identity%2Fbuild-2020-fostering-a-secure-and-trustworthy-app-ecosystem-for%2Fba-p%2F1257360%22%20target%3D%22_blank%22%3EMicrosoft%20Build%202020%3C%2FA%3E%20allowed%20us%20to%20engage%20deeply%20with%20our%20developer%20community%2C%20and%20we%20are%20continuing%20to%20improve%20how%20developers%20can%20easily%20use%20identity%20features%20in%20their%20applications.%20To%20help%20developers%20take%20advantage%20of%20all%20the%20identity%20features%20available%20in%20our%20platform%2C%20we%E2%80%99re%20now%20recommending%20that%20all%20developers%20to%20use%20the%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Fdevelop%2Fmsal-overview%23languages-and-frameworks%22%20rel%3D%22noopener%20noreferrer%22%20target%3D%22_blank%22%3EMicrosoft%20Authentication%20Library%20(MSAL)%3C%2FA%3E%20and%20the%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fgraph%2Foverview%22%20rel%3D%22noopener%20noreferrer%22%20target%3D%22_blank%22%3EMicrosoft%20Graph%20API%3C%2FA%3E%20in%20their%20application%20development.%20Moving%20forward%2C%20all%20new%20identity%20capabilities%20will%20only%20be%20available%20in%20MSAL%20and%20Microsoft%20Graph.%20We%E2%80%99re%20also%20providing%20guidance%20on%20end%20of%20support%20timelines%20for%20Azure%20Active%20Directory%20(Azure%20AD)%20Authentication%20Library%20(ADAL)%20and%20Azure%20AD%20Graph%20API%2C%20so%20you%20can%20plan%20to%20update%20any%20applications%20that%20are%20still%20using%20either%20one%20of%20them.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3EWhy%20use%20MSAL%20and%20Microsoft%20Graph%3F%3CP%3EMSAL%20makes%20it%20easy%20for%20developers%20to%20add%20identity%20capabilities%20to%20their%20applications.%20With%20just%20a%20few%20lines%20of%20code%2C%20developers%20can%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Fdevelop%2Fabout-microsoft-identity-platform%22%20rel%3D%22noopener%20noreferrer%22%20target%3D%22_blank%22%3Eauthenticate%20users%20and%20applications%2C%20as%20well%20as%20acquire%20tokens%20to%20access%20resources%3C%2FA%3E.%20MSAL%20also%20enables%20developers%20to%20integrate%20with%20the%20latest%20capabilities%20in%20our%20platform%E2%80%94like%20passwordless%20and%20Conditional%20Access.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fgraph%2Foverview%22%20rel%3D%22noopener%20noreferrer%22%20target%3D%22_blank%22%3EMicrosoft%20Graph%20API%3C%2FA%3E%20offers%20a%20single%20endpoint%20for%20developers%20to%20access%20Azure%20AD%20APIs%2C%20as%20well%20as%20APIs%20from%20several%20other%20Microsoft%20services%20like%20Teams%2C%20Exchange%2C%20and%20Intune.%20Microsoft%20Graph%20has%20all%20the%20capabilities%20that%20have%20been%20available%20in%20Azure%20AD%20Graph%2C%20such%20as%20service%20principal%20and%20app%20role%20assignment%E2%80%94and%20new%20Azure%20AD%20APIs%20like%20identity%20protection%20and%20authentication%20methods.%20Developers%20can%20also%20use%20the%20Microsoft%20Graph%20client%20libraries%26nbsp%3Band%20get%20built-in%20support%20for%20features%20like%20retry%20handling%2C%20secure%20redirects%2C%20transparent%20authentication%2C%20and%20payload%20compression.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3EEnd%20of%20support%20timelines%20for%20ADAL%20and%20Azure%20AD%20Graph%20API%3CP%3EWe%E2%80%99re%20publishing%20the%20following%20timelines%20for%20end%20of%20support%20of%20ADAL%20and%20Azure%20AD%20Graph.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EStarting%2C%20June%2030th%2C%202020%2C%20we%20will%20no%20longer%20add%20any%20new%20features%20to%20ADAL%20and%20Azure%20AD%20Graph.%20We%20will%20continue%20to%20provide%20technical%20support%20and%20security%20updates%20but%20will%20no%20longer%20provide%20feature%20updates.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EStarting%20June%2030th%2C%202022%2C%20we%20will%20end%20support%20for%20ADAL%20and%20Azure%20AD%20Graph%20and%20will%20no%20longer%20provide%20technical%20support%20or%20security%20updates.%20Apps%20using%20Azure%20AD%20Graph%20after%20this%20time%20will%20no%20longer%20receive%20responses%20from%20the%20Azure%20AD%20Graph%20endpoint.%20Apps%20using%20ADAL%20on%20existing%20OS%20versions%20will%20continue%20to%20work%20after%20this%20time%20but%20will%20not%20get%20any%20technical%20support%20or%20security%20updates.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3EPlan%20to%20update%20your%20applications%20with%20MSAL%20and%20Microsoft%20Graph%3CP%3EYou%20can%20get%20started%20by%20using%20our%20migration%20guides%20to%20identify%20which%20applications%20need%20to%20be%20updated%20and%20how%20to%20best%20transition%20to%20MSAL%20and%20Microsoft%20Graph.%20For%20applications%20that%20are%20using%20ADAL%2C%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Fdevelop%2Fmsal-migration%22%20rel%3D%22noopener%20noreferrer%22%20target%3D%22_blank%22%3Ereview%20our%20migration%20guide%3C%2FA%3E%20to%20transition%20to%20MSAL.%26nbsp%3BFor%20applications%20that%20are%20using%20Azure%20AD%20Graph%2C%20follow%20our%26nbsp%3Bguidance%20to%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fgraph%2Fmigrate-azure-ad-graph-overview%3Fview%3Dgraph-rest-1.0%22%20rel%3D%22noopener%20noreferrer%22%20target%3D%22_blank%22%3Emigrate%20Azure%20AD%20Graph%20apps%20to%20Microsoft%20Graph%3C%2FA%3E.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EIn%20the%20coming%20months%2C%20we'll%20be%20providing%20reporting%20in%20the%20Azure%20portal%20to%20help%20you%20self-identify%20which%20of%20your%20apps%20are%20using%20ADAL%20or%20Azure%20AD%20Graph.%26nbsp%3BFor%20any%20other%20questions%2C%20open%20issues%2C%20and%20feature%20requests%2C%20let%20us%20know%20through%20Stack%20Overflow%20by%20using%20the%20tag%20%3CA%20href%3D%22https%3A%2F%2Fstackoverflow.com%2Fquestions%2Ftagged%2Fadal-deprecation%22%20rel%3D%22nofollow%20noopener%20noreferrer%22%20target%3D%22_blank%22%3Eadal-deprecation%3C%2FA%3E%20or%20%3CA%20href%3D%22https%3A%2F%2Fstackoverflow.com%2Fquestions%2Ftagged%2Fazureadgraph-deprecation%22%20rel%3D%22nofollow%20noopener%20noreferrer%22%20target%3D%22_blank%22%3Eazureadgraph-deprecation%3C%2FA%3E.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAs%20always%2C%20we%E2%80%99d%20love%20to%20hear%20any%20feedback%20or%20suggestions%20you%20may%20have.%20Please%20let%20us%20know%20what%20you%20think%20in%20the%20comments%20below%20or%20on%20the%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ffeedback.azure.com%2Fforums%2F169401-azure-active-directory%22%20rel%3D%22nofollow%20noopener%20noreferrer%22%20target%3D%22_blank%22%3EAzure%20AD%20feedback%20forum%3C%2FA%3E.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EBest%20regards%2C%26nbsp%3B%3C%2FP%3E%3CP%3EAlex%20Simons%20(Twitter%3A%E2%80%AF%3CA%20href%3D%22http%3A%2F%2Ftwitter.com%2Falex_a_simons%22%20rel%3D%22nofollow%20noopener%20noreferrer%22%20target%3D%22_blank%22%3E%40Alex_A_Simons%3C%2FA%3E)%3C%2FP%3E%3CP%3ECorporate%20Vice%20President%20of%20Program%20Management%3C%2FP%3E%3CP%3EMicrosoft%20Identity%20Division%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-TEASER%20id%3D%22lingo-teaser-1257363%22%20slang%3D%22en-US%22%3E%3CP%3E%3C%2FP%3ETake%20advantage%20of%20all%20the%20identity%20features%20available%20in%20our%20platform%2C%20by%20using%20the%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Fdevelop%2Fmsal-overview%23languages-and-frameworks%22%20rel%3D%22noopener%20noreferrer%22%20target%3D%22_blank%22%3EMicrosoft%20Authentication%20Library%20(MSAL)%3C%2FA%3E%26nbsp%3Band%20the%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fgraph%2Foverview%22%20rel%3D%22noopener%20noreferrer%22%20target%3D%22_blank%22%3EMicrosoft%20Graph%20API%3C%2FA%3E%26nbsp%3Bin%26nbsp%3Byour%20application%20development.%3C%2FLINGO-TEASER%3E%3CLINGO-LABS%20id%3D%22lingo-labs-1257363%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EProduct%20Announcements%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2633322%22%20slang%3D%22en-US%22%3ERe%3A%20Update%20your%20applications%20to%20use%20Microsoft%20Authentication%20Library%20and%20Microsoft%20Graph%20API%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2633322%22%20slang%3D%22en-US%22%3E%3CP%3EHi%2C%3C%2FP%3E%3CP%3E%3CSPAN%3EI'm%20using%20MSAL%20JS%20in%20order%20to%20authenticate%20users%20in%20a%20PWA%20application%20developed%20using%20Angular.%20Sometimes%20login%20works%20perfectly%2C%20redirecting%20users%20to%20the%20home%20page%20of%20the%20app.%20Other%20times%20login%20popup%20opens%2C%20users%20insert%20their%20login%20but%20then%20login%20procedure%20fails%20with%20this%20error%3A%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CPRE%3EBrowserAuthError%3A%20hash_empty_error%3A%20Hash%20value%20cannot%20be%20processed%20because%20it%20is%20empty.%20%0APlease%20verify%20that%20your%20redirectUri%20is%20not%20clearing%20the%20hash.%20%3C%2FPRE%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3EWill%20you%20please%20provide%20any%20suggestions%20or%20help%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2642090%22%20slang%3D%22en-US%22%3ERe%3A%20Update%20your%20applications%20to%20use%20Microsoft%20Authentication%20Library%20and%20Microsoft%20Graph%20API%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2642090%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F1125225%22%20target%3D%22_blank%22%3E%40Kondapalli1524%3C%2FA%3E%26nbsp%3BCan%20you%20please%20raise%20this%20as%20an%20issue%20under%20the%20MSAL.js%20GitHub%20sample%3F%20There%20our%20team%20can%20triage%20this%20and%20will%20provide%20the%20solution.%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2659253%22%20slang%3D%22en-US%22%3ERe%3A%20Update%20your%20applications%20to%20use%20Microsoft%20Authentication%20Library%20and%20Microsoft%20Graph%20API%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2659253%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F102154%22%20target%3D%22_blank%22%3E%40Jeevan%20Desarda%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThanks%20for%20the%20answer!%20I%20did%20walk%20thru%20all%20apps%20in%20our%20tenant%20and%20updated%20them%20with%20exact%20same%20permissions%20as%20it%20was%20for%20AAD%20Graph.%3C%2FP%3E%3CP%3EMicrosoft%20apps%20didn't%20even%20touch%2C%20so%20hopefully%2C%20all%20will%20be%20updated%20automatically%20%3A)%3C%2Fimg%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2699596%22%20slang%3D%22en-US%22%3ERe%3A%20Update%20your%20applications%20to%20use%20Microsoft%20Authentication%20Library%20and%20Microsoft%20Graph%20API%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2699596%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F353267%22%20target%3D%22_blank%22%3E%40lightupdifire%3C%2FA%3E%26nbsp%3BYes%2C%20no%20action%20is%20required%20from%20you%20on%20the%20Microsoft%20apps.%20As%20we%20update%20them%20they%20will%20automatically%20get%20updated%20in%20your%20tenant.%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2760088%22%20slang%3D%22en-US%22%3ERe%3A%20Update%20your%20applications%20to%20use%20Microsoft%20Authentication%20Library%20and%20Microsoft%20Graph%20API%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2760088%22%20slang%3D%22en-US%22%3E%3CP%3EHello.%20Currently%20Azure%20AD%20B2C%20default%20app%20('b2c-extensions-app')%20is%20using%20AAD%20Graph%20API.%20'b2c-extensions-app'%20is%20under%20B2C%20system%20control.%20I'm%20not%20require%20do%20something%3F%20Is%20migrate%20automatically%3F%3C%2FP%3E%0A%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22KeijiKAMEBUCHI_0-1631878765417.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F311032i9B43315242D6B197%2Fimage-size%2Fmedium%3Fv%3Dv2%26amp%3Bpx%3D400%22%20role%3D%22button%22%20title%3D%22KeijiKAMEBUCHI_0-1631878765417.png%22%20alt%3D%22KeijiKAMEBUCHI_0-1631878765417.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2797396%22%20slang%3D%22en-US%22%3ERe%3A%20Update%20your%20applications%20to%20use%20Microsoft%20Authentication%20Library%20and%20Microsoft%20Graph%20API%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2797396%22%20slang%3D%22en-US%22%3E%3CP%3EHello%20-%20It%20looks%20like%20the%20AAD%20graph%20option%20is%20now%20greyed%20out%20and%20inaccessible%3CBR%20%2F%3EWe%20have%20an%20app%20solution%20that%20needs%20to%20be%20able%20to%20add%20these%20permissions%20for%20the%20next%20few%20months%20at%20least%20until%20we%20migrate%20-%20is%20there%20any%20way%20to%20add%20the%20permissions%20via%20API%20still%20in%20the%20mean%20time%3F%3CBR%20%2F%3EThe%20advertised%20deprecation%20is%20still%20about%209%20months%20away%20so%20we%20have%20been%20caught%20a%20little%20off%20guard%20in%20the%20short%20term.%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22Contact2763_0-1632962285918.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F313824i9CE8E1513B0D5E7D%2Fimage-size%2Fmedium%3Fv%3Dv2%26amp%3Bpx%3D400%22%20role%3D%22button%22%20title%3D%22Contact2763_0-1632962285918.png%22%20alt%3D%22Contact2763_0-1632962285918.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2804380%22%20slang%3D%22en-US%22%3ERe%3A%20Update%20your%20applications%20to%20use%20Microsoft%20Authentication%20Library%20and%20Microsoft%20Graph%20API%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2804380%22%20slang%3D%22en-US%22%3E%3CP%3EWe're%20also%20in%20a%20bind%20because%20this%20is%20inaccessible.%20We%20are%20trying%20to%20on-board%20a%20new%20client%2C%20and%20one%20of%20our%20vendor%20solution%20hasn't%20updated%20yet.%20Why%20are%20we%20unable%20to%20use%20this%209%20months%20ahead%20of%20the%20deadline%3F%3F%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2808622%22%20slang%3D%22en-US%22%3ERe%3A%20Update%20your%20applications%20to%20use%20Microsoft%20Authentication%20Library%20and%20Microsoft%20Graph%20API%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2808622%22%20slang%3D%22en-US%22%3E%3CP%3EAgree%20with%20the%20previous%20commenters%2C%20disabling%20the%20permissions%209%20months%20ahead%20of%20the%20end-of-life%20was%20not%20expected.%20Has%20anyone%20tried%20adding%20these%20permissions%20directly%20via%20API%20yet%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2809186%22%20slang%3D%22en-US%22%3ERe%3A%20Update%20your%20applications%20to%20use%20Microsoft%20Authentication%20Library%20and%20Microsoft%20Graph%20API%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2809186%22%20slang%3D%22en-US%22%3E%3CP%3ETimelines%20above%20mention%20NOTHING%20regards%20greying%20out%20the%20option%2C%20which%20would%20have%20helped%20me%20plan%20the%20migration%20work%20to%20Graph%20API.%20Congratulations%20Microsoft%2C%20you%20have%20just%20blocked%20a%20large%20customer%20onboarding%20en-masse%20to%20your%20cloud.%20wait%20is%20that%20AWS%20over%20there....%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2809414%22%20slang%3D%22en-US%22%3ERe%3A%20Update%20your%20applications%20to%20use%20Microsoft%20Authentication%20Library%20and%20Microsoft%20Graph%20API%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2809414%22%20slang%3D%22en-US%22%3E%3CP%3Edug%20this%20out%20of%20Microsoft%2C%20i%20hope%20it%20helps%20others%20that%20have%20been%20blindsided%20by%20this%20(note%20-%20obtain%20the%20values%20from%20an%20existing%20app%20reg)%3A%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%22use%20the%20Manifest%20option%20from%20the%20app%20registration%20instead%20of%20API%20permissions.%20You%20will%20be%20able%20to%20add%20the%20permissions%20you%20need%20if%20you%20add%20a%20piece%20of%20code%20to%20this%20file%20in%20the%20requiredResourceAccess%20section.%20The%20resourceAppId%20%2200000002-0000-0000-c000-000000000000%22%20is%20the%20id%20used%20for%20AAD%20Graph%20API.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EIf%20you%20want%20to%20add%20delegated%20permissions%2C%20you%20need%20to%20use%20the%20type%20%22Scope%22%26nbsp%3B%20and%20if%20you%20want%20to%20use%20app%20permissions%2C%20you%20need%20to%20use%20%22Role%22.%22%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2810742%22%20slang%3D%22en-US%22%3ERe%3A%20Update%20your%20applications%20to%20use%20Microsoft%20Authentication%20Library%20and%20Microsoft%20Graph%20API%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2810742%22%20slang%3D%22en-US%22%3E%3CP%3EWe%20have%20tweet%20about%20it%20previously%20here%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fnam06.safelinks.protection.outlook.com%2F%3Furl%3Dhttps%253A%252F%252Ftwitter.com%252FMicrosoft365Dev%252Fstatus%252F1432810426442649603%253Fs%253D20%26amp%3Bdata%3D04%257C01%257Cjeedes%2540microsoft.com%257Cc13f6e4c1f274d58a39c08d987775ac8%257C72f988bf86f141af91ab2d7cd011db47%257C1%257C0%257C637689768968146086%257CUnknown%257CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%253D%257C1000%26amp%3Bsdata%3D6iKal4ftg6LuzhHOws7ok%252BuMCpE5hew%252F52QQo5VxbBM%253D%26amp%3Breserved%3D0%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Ftwitter.com%2FMicrosoft365Dev%2Fstatus%2F1432810426442649603%3Fs%3D20%3C%2FA%3E%26nbsp%3BSorry%20if%20you%20have%20missed%20this%20announcement!!%3C%2FP%3E%0A%3CP%3EThe%20API%20and%20PowerShell%20approach%20still%20works%20to%20configure%20Azure%20AD%20Graph%20permissions%20with%20Azure%20AD.%20Our%20whole%20objective%20here%20is%20to%20reduce%20the%20new%20applications%20using%20Azure%20AD%20Graph%20permissions.%20So%20that%20you%20will%20have%20less%20number%20of%20apps%20to%20migrate%20and%20create%20a%20migration%20boundry%20for%20yourself.%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E
Version history
Last update:
‎Aug 06 2020 10:34 AM
Updated by: