Create a security group under specific geo location, error "The requesting principal is not authorized to set group preferred data location"

john john Pter 1,550 Reputation points
2025-08-27T16:03:41.97+00:00

We have our tenant with 4 geo locations, and inside a Power Automate flow I am sending this Graph API call to create a new security group under a specific geo location using a service account (not using a client ID and client secret):
User's image

But I am getting this error:

The requesting principal is not authorized to set group preferred data location.

 

Now if I remove this parameter:

"preferredDataLocation": "AUS",

the Office 365 group will get created under the default location, but I need to add it to the specific location. The service account running the Graph API call has SharePoint, group and Teams admin permissions.

Any advice?

Thanks

Microsoft 365 and Office | Development | Other

Answer accepted by question author

Teddie-D 16,130 Reputation points Microsoft External Staff Moderator
2025-08-28T01:26:25.6033333+00:00

Hi @john john Pter 

Thank you for posting your question in the Microsoft Q&A forum. 

Please understand that our forum is a public platform, and we will modify your question to cover your organization's domain name in the description. Please remember to hide such personal or organizational information the next time you post an error or other information, to protect personal data. 
As forum moderators, we have certain limitations in our test environment, which unfortunately prevent us from reproducing your scenario to investigate the issue directly. However, based on our research, the error you're encountering typically indicates that the service account making the Microsoft Graph API call lacks the necessary privileges to set the preferredDataLocation property. 

While your service account may currently hold SharePoint, Groups, and Teams admin roles, these roles do not grant permission to configure data residency settings. This action requires specific elevated permissions. 

To successfully set the preferredDataLocation property, you must: 

- Be assigned the Global Administrator role 

- If you're not a Global Admin, please contact someone who is and request the Directory Writers and PreferredDataLocation Writer role assignments via the Microsoft Entra admin center > Roles & Admins > Add assignments. 

If you switch to using client ID and secret (Entra ID app registration), ensure the app has the following delegated or application permissions: 

- Group.ReadWrite.All 

- Directory.ReadWrite.All 

- User.ReadWrite.All 

I hope this information is helpful. 


If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".   

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread. 

1 person found this answer helpful.
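
Added example, not part of the original answer or Microsoft's code: a diagnostic check that decodes the access token a flow or app actually sends to Graph and reports which of the three API permissions listed above are absent. It assumes the token is a compact JWT carrying delegated permissions in `scp` or application permissions in `roles`; the function names and the sample account are hypothetical, and the token in the demo is constructed.

```python
import base64
import json

# API permissions the accepted answer lists for an app registration.
REQUIRED = {"Group.ReadWrite.All", "Directory.ReadWrite.All", "User.ReadWrite.All"}


def decode_claims(token):
    """Decode the JWT payload WITHOUT verifying the signature (diagnostics only)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT (expected header.payload.signature)")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))


def missing_permissions(token, required=REQUIRED):
    """Return (token kind, sorted list of required permissions not in the token)."""
    claims = decode_claims(token)
    if "scp" in claims:
        # Delegated token: space-separated scopes granted on behalf of a user.
        kind, granted = "delegated", set(claims["scp"].split())
    else:
        # App-only token: application permissions appear as a list in 'roles'.
        kind, granted = "application", set(claims.get("roles", []))
    return kind, sorted(set(required) - granted)


def make_sample_token(claims):
    """Build an unsigned, constructed token so the demo runs offline."""
    def enc(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return enc({"alg": "none", "typ": "JWT"}) + "." + enc(claims) + ".constructed"


if __name__ == "__main__":
    # Constructed sample: a service account consented only for group management.
    sample = make_sample_token({
        "upn": "svc-flow@contoso.example",
        "scp": "Group.ReadWrite.All User.Read",
    })
    kind, missing = missing_permissions(sample)
    print(f"{kind} token is missing: {missing}")
```

This only inspects API permissions in the token; the directory role assignments named in the answer are held by the account itself and have to be checked in the Microsoft Entra admin center.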
