Update your applications to use Microsoft Authentication Library and Microsoft Graph API

Oscar 172 Reputation points
2021-07-16T07:39:43.49+00:00

Hello,

Can you please confirm if we should do anything with this situation:

We have some Microsoft apps and our own apps registered or added via enterprise apps

For all those apps, under the Azure App Registration->Permissions section, we see the message: "This application is using Azure AD Graph API, which is on a deprecation path. Starting June 30th, 2020 we will no longer add any new features to Azure AD Graph API. We strongly recommend that you upgrade your application to use Microsoft Graph API instead of Azure AD Graph API to access Azure Active Directory resources. Learn more"

If we change manually the Permissions grant from Azure Active Directory Graph to Microsoft Graph, then the message disappears

But should we do this for all apps, like for all that we have registered or added via the Enterprise apps section or it can be kept with Azure Active Directory Graph,

Because any new app registered or added via Enterprise apps still by default receives the Azure Active Directory Graph permissions grant.

Or we should walk one by one app and change from Azure Active Directory Graph to Microsoft Graph? Or this will be done automatically from the Microsoft side when the date comes (June 30th, 2022)?

And if we should do this manually, should it be done for Microsoft Apps and for 3rd-party registered?

And if we should do this manually, is it possible to replace it automatically using a PowerShell script?

115318-image.png

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
12,041 questions
0 comments No comments
{count} votes

3 answers

Sort by: Most helpful
  1. JosephXu-MSFT 531 Reputation points
    2021-07-19T03:08:12.6+00:00

    Hi @Oscar :

    1. Automatic migration of data is not supported. We should walk one by one app and change from Azure Active Directory Graph to Microsoft Graph. You just need to add and grant necessary Graph API permissions to your application registered in Azure AD. After that, you can call the Microsoft Graph API by adding an authorization header.
      115619-image.png
      1. Use the new migration guidance to start migrating your Azure AD Graph apps to Microsoft Graph. :)

    If the response is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments No comments

  2. Oscar 172 Reputation points
    2021-07-19T06:57:57.843+00:00

    @JosephXu-MSFT

    Would be great to have answers on:

    And if we should do this manually, should it be done for Microsoft Apps and for 3rd-party registered? (as an example Office 365 apps, Security, Azure, Intune that were added automatically by enrolling into Microsoft service/license)

    And if we should do this manually, is it possible to replace it automatically using a PowerShell script?

    Because if I run a report from all apps we have, there is more than 1000, our own build apps that use an ADAL CODE that must migrate is less than 10.


  3. Oscar 172 Reputation points
    2021-07-20T09:02:38.303+00:00

    @JosephXu-MSFT

    And what about 3rd party apps, that are added automatically when users confirm the app, we should walk thru them as well and change permissions to Microsoft Graph?

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.