Azure Active Directory Graph no longer supported
Hello,
I am currently using your website to setup an RDM datasource in Microsoft Azure SQL with Azure AD authentication and Multifactor Authentication.
Part of this is the subject as written on your help page: Create an Azure Active Directory App Registration (remotedesktopmanager.com)
The webpage writes about usin Azure Active Directory Graph. But, when I go to this page in the Azure Portal I get greeted by the following
information:
Starting June 30th, 2020 we will no longer add any new features to Azure AD Graph API. We strongly recommend that you use Microsoft Graph API instead of Azure AD Graph API to access Azure Active Directory resources.
After looking up some more information it has come to my attention that Azure Active Directory Graph no longer gets any updates or patches. Including security patches.
Leaving this an undesirable choice of setting up an RDM datasource. As it is an unsave connection and this whole opperation began because of security.
Are you going to make it capable to switch to Microsoft Graph API? And if so, can I get any technical documentation on how to set this up?
All Comments (5)
Thank you for the information. You are correct we are currently required to grant User.Read to the old "Azure Active Directory Graph" as opposed to the new "Azure Graph" (you can actually grant both). This is/was a Microsoft requirement. Like all things Microsoft Azure things can change quickly. We will revalidate to see what the requirement is today and get back to you.
Best regards,
Stéfane Lavergne
Thank you for the quick response, I hope you can find the information I need.
From what I can gather, we no longer required to grant the User.Read permission on the old "Azure Active Directory Graph", as per this article "Connect to Azure SQL Database with Azure AD Multi-Factor Authentication" (dated 04/23/2020).
I've done preliminary tests with RDM and it can authenticate and it functions as expected. We will go ahead and change our documentation.
Odd find while investigating this issue. This article mentions that in some special cases the old "Azure Active Directory Graph" might need to be added. This might also be old documentation (08/17/2020). Only time will tell I guess. Configure and manage Azure AD authentication with Azure SQL
Best regards,
Screen shot in case the article changes one day.
Stéfane Lavergne
Hello Stéfane,
Thank you for your assistance. Any E.T.A on when the documentation will be updated?
Kind Regard,
Douwe
The changes have already been published.
https://help.remotedesktopmanager.com/datasources_advanced_sqlazure_configureappregistration.html
Stéfane Lavergne
