Comments on: Microsoft Takes Steps to Offset Midnight Blizzard Damage https://practical365.com/application-impersonation-midnight-blizzard/ Practical Office 365 News, Tips, and Tutorials Thu, 11 Jul 2024 19:31:37 +0000 hourly 1 https://wordpress.org/?v=6.6.1 By: <div class="apbct-real-user-wrapper"> <div class="apbct-real-user-author-name">Tony Redmond</div> <div class="apbct-real-user-badge" onmouseover=" let popup = document.getElementById('apbct_trp_comment_id_291089'); popup.style.display = 'inline-flex'; "> <div class="apbct-real-user-popup" id="apbct_trp_comment_id_291089"> <div class="apbct-real-user-title"> <p class="apbct-real-user-popup-header">The Real Person!</p> <p class="apbct-real-user-popup-text">Author <b>Tony Redmond</b> acts as a real person and passed all tests against spambots. Anti-Spam by CleanTalk.</p> </div> </div> </div> </div> https://practical365.com/application-impersonation-midnight-blizzard/#comment-291089 Tue, 26 Mar 2024 22:16:56 +0000 https://practical365.com/?p=60617#comment-291089 In reply to Adam.

Correct. That’s the way we are heading. The strong preference within Microsoft is for apps to use fine-grained Graph permissions instead of these ‘administrator is God’ permissions.

]]> By: Adam https://practical365.com/application-impersonation-midnight-blizzard/#comment-291057 Tue, 26 Mar 2024 14:57:08 +0000 https://practical365.com/?p=60617#comment-291057 Hi, so basically the retirement of the RBAC application impersonation in Exchange online means nobody will be able to assign full_access_as_app as a app role in Office 365 Exchange Online to any service principal within the API permissions blade for any given application, correct (since MSFT will start blocking RBAC assignments for the role in May 2024)?

]]>