https://graph.windows.net/servicePrincipals/0000000a-0000-0000-c000-000000000000/serviceEndpointshttps://graph.microsoft.com/v1.0/servicePrincipals/0000000a-0000-0000-c000-000000000000/serviceEndpo... 

%3CLINGO-SUB%20id%3D%22lingo-sub-2428040%22%20slang%3D%22en-US%22%3ESupport%20Tip%3A%20Intune%20service%20discovery%20API%20endpoint%20will%20require%20specific%20permissions%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2428040%22%20slang%3D%22en-US%22%3E%3CP%3EBeginning%20in%20January%202022%2C%20the%20Microsoft%20Intune%20%E2%80%9C%3CSTRONG%3EserviceEndpoints%3C%2FSTRONG%3E%E2%80%9D%20API%20will%20require%20specific%20permissions%20for%20all%20Azure%20Active%20Directory%20(Azure%20AD)%20Applications%20that%20call%20one%20of%20the%20following%20serviceEndpoints%3A%3C%2FP%3E%0A%3CPRE%3E%3CA%20href%3D%22https%3A%2F%2Fgraph.windows.net%2FservicePrincipals%2F0000000a-0000-0000-c000-000000000000%2FserviceEndpoints%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noreferrer%22%3Ehttps%3A%2F%2Fgraph.windows.net%2FservicePrincipals%2F0000000a-0000-0000-c000-000000000000%2FserviceEndpoints%3C%2FA%3E%3CBR%20%2F%3E%3CA%20href%3D%22https%3A%2F%2Fgraph.microsoft.com%2Fv1.0%2FservicePrincipals%2F0000000a-0000-0000-c000-000000000000%2FserviceEndpoints%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fgraph.microsoft.com%2Fv1.0%2FservicePrincipals%2F0000000a-0000-0000-c000-000000000000%2FserviceEndpoints%3C%2FA%3E%26nbsp%3B%3C%2FPRE%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EThese%20serviceEndpoints%20will%20need%20to%20have%20assigned%20one%20of%20the%20following%20API%20permissions%3A%3C%2FP%3E%0A%3CUL%3E%0A%3CLI%3EApplication.Read.All%3C%2FLI%3E%0A%3CLI%3EApplication.ReadWrite.All%3C%2FLI%3E%0A%3CLI%3EApplication.OwnedBy%3C%2FLI%3E%0A%3CLI%3EDirectory.Read.All%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EThe%20preferred%20and%20most%20secure%20API%20permission%20is%20%3CSTRONG%3EApplication.Read.All%3C%2FSTRONG%3E.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3ECustomers%20have%20requested%20Azure%20AD%20make%20this%20change%20to%20provide%20more%20granular%20permissions%20and%20roles%20in%20Azure%20AD.%20As%20part%20of%20the%20effort%2C%20the%20team%20reviewed%20the%20delegated%20and%20application%20permissions%20for%20endpoints%20and%20will%20require%20one%20of%20four%20permissions%20for%20an%20API%20call%20that%20Independent%20Software%20Vendors%20(ISV)%20integrated%20solutions%20often%20use.%20As%20part%20of%20our%20Intune%20ISV%20integration%20guidance%20documentation%2C%20many%20references%20include%20information%20about%20using%20the%20%E2%80%9C%3CSTRONG%3EserviceEndpoints%3C%2FSTRONG%3E%E2%80%9D%20API%20for%20Intune.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3ENot%20a%20partner%3F%20Skip%20to%20how%20this%20may%20affect%20you%20as%20a%20customer%20under%3A%26nbsp%3B%3CA%20href%3D%22%23Appendix_C%22%20target%3D%22_self%22%20rel%3D%22nofollow%20noopener%20noreferrer%22%3EAppendix%20C%3A%20Adding%20a%20New%20Permission%20to%20a%20Single%20Tenant%20Application%20(For%20Customers)%3C%2FA%3E.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CH3%20id%3D%22toc-hId-2057032792%22%20id%3D%22toc-hId-2057026181%22%3EHow%20does%20this%20affect%20you%20as%20a%20partner%20who%20has%20Intune%20integration%3F%3C%2FH3%3E%0A%3CP%3EIf%20your%20solution%20makes%20the%20%2F%3CSTRONG%3EservicePrincipals%3C%2FSTRONG%3E%20API%20call%20(listed%20above)%20to%20retrieve%20tenant%20specific%20service%20endpoints%20for%20Intune%2C%20this%20may%20affect%20you.%20Based%20on%20documentation%20that%20Microsoft%20has%20shared%20with%20partners%2C%20we%20expect%20this%20to%20apply%20to%20partners%20that%20integrate%20with%20Intune%20for%20the%20following%20scenarios%3A%3C%2FP%3E%0A%3CUL%3E%0A%3CLI%3ETelecom%20Expense%20Management%3C%2FLI%3E%0A%3CLI%3EMobile%20Threat%20Defense%3C%2FLI%3E%0A%3CLI%3ENetwork%20Access%20Control%3C%2FLI%3E%0A%3CLI%3E3rd%20Party%20Device%20Compliance%3C%2FLI%3E%0A%3CLI%3ESCEP%20Services%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CP%3EPlease%20review%20the%20below%20to%20take%20the%20necessary%20steps%20to%20apply%20the%20permissions%20needed%20as%20applicable.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3EApplying%20permissions%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%3EEnsure%20that%20your%20Azure%20AD%20Application%20includes%20one%20of%20the%20required%20permission%20scopes%3A%3C%2FP%3E%0A%3CUL%3E%0A%3CLI%3EApplication.Read.All%3C%2FLI%3E%0A%3CLI%3EApplication.ReadWrite.All%3C%2FLI%3E%0A%3CLI%3EApplication.OwnedBy%3C%2FLI%3E%0A%3CLI%3EDirectory.Read.All%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3ENo%20further%20action%20is%20required%20if%20one%20of%20the%20listed%20permission%20scopes%20are%20in%20effect.%20See%3A%20%3CA%20href%3D%22%23Appendix_A%22%20target%3D%22_self%22%20rel%3D%22nofollow%20noopener%20noreferrer%22%3EAppendix%20A%3A%20Verify%20API%20Permissions%3C%2FA%3E%20for%20instructions%20on%20how%20to%20verify%20permission%20scopes.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3EFor%20multi-tenant%20application%3A%20%3C%2FSTRONG%3EIf%20you%20are%20a%20partner%20who%20has%20created%20a%20multi-tenant%20application%20for%20your%20Intune%20integration%2C%20verify%20the%20API%20permissions%20in%20.%20If%20your%20application%20does%20not%20have%20one%20of%20the%20four%20listed%20permissions%2C%20you%20must%20update%20your%20application%E2%80%99s%20permissions%20by%20following%20instructions%20described%20in%20%3CA%20href%3D%22%23Appendix_B%22%20target%3D%22_self%22%20rel%3D%22nofollow%20noopener%20noreferrer%22%3EAppendix%20B%3A%20Add%20Permissions%20to%20a%20Multi-Tenant%20App%3C%2FA%3E.%20Then%2C%20customers%20must%20consent%20to%20the%20new%20permissions%20as%20described%20in%20%3CA%20href%3D%22%23Appendix_A%22%20target%3D%22_self%22%20rel%3D%22nofollow%20noopener%20noreferrer%22%3EAppendix%20D%3A%3C%2Fimg%3E%26nbsp%3B%3C%2FA%3E%3CA%20href%3D%22%23Appendix_A%22%20target%3D%22_self%22%20rel%3D%22nofollow%20noopener%20noreferrer%22%3EGranting%20Admin%20Consent%20to%20New%20Permissions%3C%2FA%3E.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3EFor%20single%20tenant%20applications%3A%3C%2FSTRONG%3E%20If%20you%20are%20a%20partner%20who%20has%20instructed%20your%20customers%20to%20create%20their%20own%20app%20registration%20as%20a%20single-tenant%20application%2C%20your%20customers%20need%20to%20confirm%20required%20permissions%20are%20in%20effect.%20Instruct%20your%20customers%20to%20follow%20steps%20in%20%3CA%20href%3D%22%23Appendix_A%22%20target%3D%22_self%22%20rel%3D%22nofollow%20noopener%20noreferrer%22%3EAppendix%20A%3A%20Verify%20API%20Permissions%3C%2FA%3E%20and%20then%20if%20permissions%20are%20required%20to%20be%20added%2C%20instruct%20your%20customers%20to%20follow%20steps%20in%20%3CA%20href%3D%22%23Appendix_C%22%20target%3D%22_self%22%20rel%3D%22nofollow%20noopener%20noreferrer%22%3EAppendix%20C%3A%20Adding%20a%20New%20Permission%20to%20a%20Single%20Tenant%20Application%3C%2FA%3E%20and%20%3CA%20href%3D%22%23Appendix_D%22%20target%3D%22_self%22%20rel%3D%22nofollow%20noopener%20noreferrer%22%3EAppendix%20D%3A%3C%2Fimg%3E%20Granting%20Admin%20Consent%20to%20New%20Permissions%3C%2FA%3E.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3EIMPORTANT%20NOTE%3A%3C%2FSTRONG%3E%20For%20all%20newly%20added%20permissions%20(whether%20it%E2%80%99s%20single-tenant%20or%20multi-tenant)%2C%20a%20required%20consent%20is%20needed%20from%20your%20customers.%20Microsoft%20recommends%20you%20send%20a%20change%20notification%20to%20your%20customers%20about%20this%20new%26nbsp%3Bpermissions%20requirement%20so%20they%20can%20plan%20appropriately.%20See%20%3CA%20href%3D%22%23AppendixD%22%20target%3D%22_self%22%20rel%3D%22nofollow%20noopener%20noreferrer%22%3EAppendix%20D%3A%3C%2Fimg%3E%20Granting%20Admin%20Consent%20to%20New%20Permissions%3C%2FA%3E%20that%20describe%20the%20steps%20for%20consent.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CH3%20id%3D%22toc-hId-249578329%22%20id%3D%22toc-hId-249571718%22%3EHow%20does%20this%20affect%20you%20as%20a%20customer%20who%20has%20Intune%20integration%3F%3C%2FH3%3E%0A%3CP%3EIf%20you%20have%20a%20solution%20that%20makes%20the%20%2F%3CSTRONG%3EservicePrincipals%3C%2FSTRONG%3E%20API%20call%20(listed%20above)%20to%20retrieve%20tenant%20specific%20service%20endpoints%20for%20Intune%2C%20this%20may%20affect%20you.%20Based%20on%20documentation%20that%20Microsoft%20has%20shared%20with%20partners%2C%20we%20expect%20this%20to%20apply%20to%20partners%20that%20integrate%20with%20Intune%20for%20the%20following%20scenarios%3A%3C%2FP%3E%0A%3CUL%3E%0A%3CLI%3ETelecom%20Expense%20Management%3C%2FLI%3E%0A%3CLI%3EMobile%20Threat%20Defense%3C%2FLI%3E%0A%3CLI%3ENetwork%20Access%20Control%3C%2FLI%3E%0A%3CLI%3E3rd%20Party%20Device%20Compliance%3C%2FLI%3E%0A%3CLI%3ESCEP%20Services%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EIf%20you%20have%20received%20guidance%20from%20the%20partner%20with%20which%20you%20have%20an%20integrated%20solution%2C%20follow%20that%20guidance.%20If%20you%20have%20not%20received%20guidance%20from%20your%20partner%2C%20but%20want%20to%20verify%20that%20you%20are%20ready%20for%20the%20change%2C%20then%3A%3C%2FP%3E%0A%3COL%3E%0A%3CLI%3EFollow%20the%20instructions%20in%20%3CA%20href%3D%22%23Appendix_A%22%20target%3D%22_self%22%20rel%3D%22nofollow%20noopener%20noreferrer%22%3EAppendix%20A%3A%20Verify%20API%20Permissions%3C%2FA%3E.%3CBR%20%2F%3EIf%20your%20permissions%20are%20set%20correctly%2C%20you%20are%20done.%3CBR%20%2F%3E%3CBR%20%2F%3E%3C%2FLI%3E%0A%3CLI%3EIf%20your%20permissions%20need%20to%20be%20added%2C%20follow%20the%20steps%20in%20%3CA%20href%3D%22%23Appendix_C%22%20target%3D%22_self%22%20rel%3D%22nofollow%20noopener%20noreferrer%22%3EAppendix%20C%3A%20Adding%20a%20New%20Permission%20to%20a%20Single%20Tenant%20Application%20(For%20Customers)%3C%2FA%3E%20and%20then%20follow%20the%20steps%20in%20%3CA%20href%3D%22%23Appendix_D%22%20target%3D%22_self%22%20rel%3D%22nofollow%20noopener%20noreferrer%22%3EAppendix%20D%3A%3C%2Fimg%3E%20Granting%20Admin%20Consent%20to%20New%20Permissions%20(For%20Customers%3C%2FA%3E).%3C%2FLI%3E%0A%3C%2FOL%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CH3%20id%3D%22Appendix_A%22%20id%3D%22toc-hId--1557876134%22%20id%3D%22toc-hId--1557882745%22%3EAppendix%20A%3A%20Verify%20API%20Permissions%3C%2FH3%3E%0A%3CP%3ETo%20verify%20the%20assigned%20permissions%20for%20your%20multi-tenant%20application.%3C%2FP%3E%0A%3COL%3E%0A%3CLI%3EOpen%20the%20Azure%20Portal%20for%20Azure%20AD%20%3CA%20href%3D%22https%3A%2F%2Fportal.azure.com%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noreferrer%22%3Ehttps%3A%2F%2Fportal.azure.com%3C%2FA%3E.%3C%2FLI%3E%0A%3CLI%3EAuthenticate%20as%20a%20user%20with%20permissions%20to%20manage%20Azure%20AD%20applications%20in%20the%20tenant%20that%20was%20used%20to%20create%20your%20multi-tenant%20application.%3C%2FLI%3E%0A%3CLI%3ENavigate%20to%20your%20list%20of%20registered%20apps%3A%20%3CA%20href%3D%22https%3A%2F%2Fportal.azure.com%2F%23blade%2FMicrosoft_AAD_IAM%2FActiveDirectoryMenuBlade%2FRegisteredApps%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noreferrer%22%3Ehttps%3A%2F%2Fportal.azure.com%2F%23blade%2FMicrosoft_AAD_IAM%2FActiveDirectoryMenuBlade%2FRegisteredApps%3C%2FA%3E%26nbsp%3Band%20select%20the%20multi-tenant%20application%20that%20needs%20permission%20verification.%3CBR%20%2F%3E%3CBR%20%2F%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22ServiceEndpointAPI%20Blog-1.png%22%20style%3D%22width%3A%20642px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F287188i3239E3DC4AB92E4C%2Fimage-size%2Flarge%3Fv%3Dv2%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22ServiceEndpointAPI%20Blog-1.png%22%20alt%3D%22Figure%201%20-%20List%20of%20App%20registrations%20in%20the%20Azure%20AD%20portal.%22%20%2F%3E%3CSPAN%20class%3D%22lia-inline-image-caption%22%20onclick%3D%22event.preventDefault()%3B%22%3EFigure%201%20-%20List%20of%20App%20registrations%20in%20the%20Azure%20AD%20portal.%3C%2FSPAN%3E%3C%2FSPAN%3E%3CBR%20%2F%3E%3CBR%20%2F%3ESelect%20API%20Permissions%20and%20verify%20that%20your%20application%20contains%20the%20correct%20API%20permissions%20(one%20of%3A%3CBR%20%2F%3E%E2%80%A2%20Application.Read.All%20%3CBR%20%2F%3E%E2%80%A2%20Application.ReadWrite.All%3CBR%20%2F%3E%E2%80%A2%20Application.OwnedBy%3CBR%20%2F%3E%E2%80%A2%20Directory.Read.All%3CBR%20%2F%3E%3CBR%20%2F%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22ServiceEndpointAPI%20Blog-2.png%22%20style%3D%22width%3A%20712px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F287189i0CA5AEFEDFCADD4A%2Fimage-size%2Flarge%3Fv%3Dv2%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22ServiceEndpointAPI%20Blog-2.png%22%20alt%3D%22Figure%202%20-%20List%20of%20assigned%20API%20permissions%20for%20the%20selected%20app%20with%20%26quot%3BApplication.Read.All%26quot%3B%20highlighted.%22%20%2F%3E%3CSPAN%20class%3D%22lia-inline-image-caption%22%20onclick%3D%22event.preventDefault()%3B%22%3EFigure%202%20-%20List%20of%20assigned%20API%20permissions%20for%20the%20selected%20app%20with%20%22Application.Read.All%22%20highlighted.%3C%2FSPAN%3E%3C%2FSPAN%3E%3C%2FLI%3E%0A%3C%2FOL%3E%0A%3CH3%20id%3D%22Appendix_B%22%20id%3D%22toc-hId-929636699%22%20id%3D%22toc-hId-929630088%22%3EAppendix%20B%3A%20Add%20Permissions%20to%20a%20Multi-Tenant%20App%20(for%20Partners)%3C%2FH3%3E%0A%3CP%3ETo%20add%20permissions%20to%20your%20multi-tenant%20application.%3C%2FP%3E%0A%3COL%3E%0A%3CLI%3EOpen%20the%20Azure%20Portal%20for%20Azure%20AD%20%3CA%20href%3D%22https%3A%2F%2Fportal.azure.com%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noreferrer%22%3Ehttps%3A%2F%2Fportal.azure.com%3C%2FA%3E.%3C%2FLI%3E%0A%3CLI%3EAuthenticate%20as%20a%20user%20with%20permissions%20to%20manage%20Azure%20AD%20applications%20in%20the%20tenant%20that%20was%20used%20to%20create%20your%20multi-tenant%20application.%3C%2FLI%3E%0A%3CLI%3ENavigate%20to%20your%20list%20of%20registered%20apps%3A%20%3CA%20href%3D%22https%3A%2F%2Fportal.azure.com%2F%23blade%2FMicrosoft_AAD_IAM%2FActiveDirectoryMenuBlade%2FRegisteredApps%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noreferrer%22%3Ehttps%3A%2F%2Fportal.azure.com%2F%23blade%2FMicrosoft_AAD_IAM%2FActiveDirectoryMenuBlade%2FRegisteredApps%3C%2FA%3E%26nbsp%3Band%20select%20the%20multi-tenant%20application%20that%20needs%20updated%20permissions.%3CBR%20%2F%3E%3CBR%20%2F%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22ServiceEndpointAPI%20Blog-3.png%22%20style%3D%22width%3A%20674px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F287190iD292AD8D2C3211F7%2Fimage-size%2Flarge%3Fv%3Dv2%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22ServiceEndpointAPI%20Blog-3.png%22%20alt%3D%22Figure%203%20-%20List%20of%20App%20registrations%20in%20the%20Azure%20AD%20portal.%22%20%2F%3E%3CSPAN%20class%3D%22lia-inline-image-caption%22%20onclick%3D%22event.preventDefault()%3B%22%3EFigure%203%20-%20List%20of%20App%20registrations%20in%20the%20Azure%20AD%20portal.%3C%2FSPAN%3E%3C%2FSPAN%3E%3CBR%20%2F%3E%3CBR%20%2F%3E%3C%2FLI%3E%0A%3CLI%3ESelect%20API%20Permissions%20and%20verify%20that%20your%20application%20contains%20the%20correct%20API%20permissions.%20In%20this%20example%2C%20one%20of%20the%20required%20permissions%20is%20missing.%20(Application.Read.All).%3CBR%20%2F%3E%3CBR%20%2F%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22ServiceEndpointAPI%20Blog-4.png%22%20style%3D%22width%3A%20709px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F287191i8DF453F2E6B0C941%2Fimage-size%2Flarge%3Fv%3Dv2%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22ServiceEndpointAPI%20Blog-4.png%22%20alt%3D%22Figure%204%20-%20Example%20list%20of%20available%20API%20permissions%20with%20one%20of%20the%20required%20permissions%20missing.%22%20%2F%3E%3CSPAN%20class%3D%22lia-inline-image-caption%22%20onclick%3D%22event.preventDefault()%3B%22%3EFigure%204%20-%20Example%20list%20of%20available%20API%20permissions%20with%20one%20of%20the%20required%20permissions%20missing.%3C%2FSPAN%3E%3C%2FSPAN%3E%3CBR%20%2F%3E%3CBR%20%2F%3E%3C%2FLI%3E%0A%3CLI%3ESelect%20%3CSTRONG%3EAdd%20a%20permission%3C%2FSTRONG%3E.%3CSTRONG%3E%3CBR%20%2F%3E%3CBR%20%2F%3E%3C%2FSTRONG%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22ServiceEndpointAPI%20Blog-5.png%22%20style%3D%22width%3A%20724px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F287192i689205BD49F23C98%2Fimage-size%2Flarge%3Fv%3Dv2%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22ServiceEndpointAPI%20Blog-5.png%22%20alt%3D%22Figure%205%20-%20Request%20API%20permission%20flow%20on%20adding%20a%20new%20permission.%22%20%2F%3E%3CSPAN%20class%3D%22lia-inline-image-caption%22%20onclick%3D%22event.preventDefault()%3B%22%3EFigure%205%20-%20Request%20API%20permission%20flow%20on%20adding%20a%20new%20permission.%3C%2FSPAN%3E%3C%2FSPAN%3E%3CBR%20%2F%3E%3CBR%20%2F%3E%3C%2FLI%3E%0A%3CLI%3E%3CP%3EChoose%20%3CSTRONG%3EMicrosoft%20Graph%3C%2FSTRONG%3E.%3C%2FP%3E%0A%3CP%3E%3CBR%20%2F%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22ServiceEndpointAPI%20Blog-6.png%22%20style%3D%22width%3A%20697px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F287193i1B2F560667AE0BFC%2Fimage-size%2Flarge%3Fv%3Dv2%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22ServiceEndpointAPI%20Blog-6.png%22%20alt%3D%22Figure%206%20-%20Request%20API%20permission%20flow%20for%20the%20Microsoft%20Graph%20application.%22%20%2F%3E%3CSPAN%20class%3D%22lia-inline-image-caption%22%20onclick%3D%22event.preventDefault()%3B%22%3EFigure%206%20-%20Request%20API%20permission%20flow%20for%20the%20Microsoft%20Graph%20application.%3C%2FSPAN%3E%3C%2FSPAN%3E%3CBR%20%2F%3E%3CBR%20%2F%3E%3C%2FP%3E%0A%3C%2FLI%3E%0A%3CLI%3ESelect%20%3CSTRONG%3EApplication%20permissions%3C%2FSTRONG%3E.%3CSTRONG%3E%3CBR%20%2F%3E%3CBR%20%2F%3E%3C%2FSTRONG%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22ServiceEndpointAPI%20Blog-7.png%22%20style%3D%22width%3A%20725px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F287194i41145A7C2C7F2648%2Fimage-size%2Flarge%3Fv%3Dv2%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22ServiceEndpointAPI%20Blog-7.png%22%20alt%3D%22Figure%207%20-%20Requesting%20the%20Application%20permissions%20for%20the%20Microsoft%20Graph%20application.%22%20%2F%3E%3CSPAN%20class%3D%22lia-inline-image-caption%22%20onclick%3D%22event.preventDefault()%3B%22%3EFigure%207%20-%20Requesting%20the%20Application%20permissions%20for%20the%20Microsoft%20Graph%20application.%3C%2FSPAN%3E%3C%2FSPAN%3E%3CBR%20%2F%3E%3CBR%20%2F%3E%3C%2FLI%3E%0A%3CLI%3ESelect%20%22Application.Read.All%22%20and%20click%20%3CSTRONG%3EAdd%20permissions%3C%2FSTRONG%3E.%3CSTRONG%3E%3CBR%20%2F%3E%3CBR%20%2F%3E%3C%2FSTRONG%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22ServiceEndpointAPI%20Blog-8.png%22%20style%3D%22width%3A%20737px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F287195i02C65A5132972312%2Fimage-size%2Flarge%3Fv%3Dv2%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22ServiceEndpointAPI%20Blog-8.png%22%20alt%3D%22Figure%208%20-%20Requesting%20the%20%26quot%3BApplication.Read.All%26quot%3B%20permission%20for%20the%20Microsoft%20Graph%20application.%22%20%2F%3E%3CSPAN%20class%3D%22lia-inline-image-caption%22%20onclick%3D%22event.preventDefault()%3B%22%3EFigure%208%20-%20Requesting%20the%20%22Application.Read.All%22%20permission%20for%20the%20Microsoft%20Graph%20application.%3C%2FSPAN%3E%3C%2FSPAN%3E%3CBR%20%2F%3E%3CBR%20%2F%3E%3C%2FLI%3E%0A%3CLI%3EYour%20application%20permissions%20are%20now%20updated.%20Any%20customers%20who%20have%20registered%20your%20application%20in%20their%20tenant%20will%20need%20to%20consent%20to%20the%20new%20permissions.%3C%2FLI%3E%0A%3C%2FOL%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CH3%20id%3D%22Appendix_C%22%20id%3D%22toc-hId--877817764%22%20id%3D%22toc-hId--877824375%22%3EAppendix%20C%3A%20Adding%20a%20New%20Permission%20to%20a%20Single%20Tenant%20Application%20(For%20Customers)%3C%2FH3%3E%0A%3CP%3EIf%20your%20customer%20registers%20your%20application%20as%20a%20single%20tenant%20application%20within%20their%20tenant%2C%20they%20will%20need%20to%20add%20the%20permission%20themselves.%3C%2FP%3E%0A%3COL%3E%0A%3CLI%3EOpen%20the%20Azure%20Portal%20for%20Azure%20AD%20%3CA%20href%3D%22https%3A%2F%2Fportal.azure.com%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noreferrer%22%3Ehttps%3A%2F%2Fportal.azure.com%3C%2FA%3E.%3C%2FLI%3E%0A%3CLI%3EAuthenticate%20as%20a%20user%20with%20permissions%20to%20manage%20Azure%20AD%20applications%20in%20the%20tenant%20that%20was%20used%20to%20create%20your%20single%20tenant%20application.%3C%2FLI%3E%0A%3CLI%3ENavigate%20to%20your%20list%20of%20registered%20apps%3A%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fportal.azure.com%2F%23blade%2FMicrosoft_AAD_IAM%2FActiveDirectoryMenuBlade%2FRegisteredApps%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noreferrer%22%3Ehttps%3A%2F%2Fportal.azure.com%2F%23blade%2FMicrosoft_AAD_IAM%2FActiveDirectoryMenuBlade%2FRegisteredApps%3C%2FA%3E.%3CBR%20%2F%3E%3CBR%20%2F%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22ServiceEndpointAPI%20Blog-9.png%22%20style%3D%22width%3A%20722px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F287196iDF62E78075594B4E%2Fimage-size%2Flarge%3Fv%3Dv2%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22ServiceEndpointAPI%20Blog-9.png%22%20alt%3D%22Figure%209%20-%20List%20of%20App%20registrations%20in%20the%20Azure%20AD%20portal.%22%20%2F%3E%3CSPAN%20class%3D%22lia-inline-image-caption%22%20onclick%3D%22event.preventDefault()%3B%22%3EFigure%209%20-%20List%20of%20App%20registrations%20in%20the%20Azure%20AD%20portal.%3C%2FSPAN%3E%3C%2FSPAN%3E%3CBR%20%2F%3E%3CBR%20%2F%3E%3C%2FLI%3E%0A%3CLI%3ESelect%20the%20single-tenant%20application%20that%20needs%20permission%20verification.%3CBR%20%2F%3E%3CBR%20%2F%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22ServiceEndpointAPI%20Blog-10.png%22%20style%3D%22width%3A%20676px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F287197iA7208AD25A3418F7%2Fimage-size%2Flarge%3Fv%3Dv2%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22ServiceEndpointAPI%20Blog-10.png%22%20alt%3D%22Figure%2010%20-%20Screenshot%20of%20an%20example%20Azure%20application%20and%20details%20under%20the%20Overview%20blade.%22%20%2F%3E%3CSPAN%20class%3D%22lia-inline-image-caption%22%20onclick%3D%22event.preventDefault()%3B%22%3EFigure%2010%20-%20Screenshot%20of%20an%20example%20Azure%20application%20and%20details%20under%20the%20Overview%20blade.%3C%2FSPAN%3E%3C%2FSPAN%3E%3CBR%20%2F%3E%3CBR%20%2F%3E%3C%2FLI%3E%0A%3CLI%3ESelect%20%3CSTRONG%3EAPI%20permissions%3C%2FSTRONG%3E.%3CBR%20%2F%3E%3CBR%20%2F%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22ServiceEndpointAPI%20Blog-11.png%22%20style%3D%22width%3A%20736px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F287200i8E4F919D814E9629%2Fimage-size%2Flarge%3Fv%3Dv2%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22ServiceEndpointAPI%20Blog-11.png%22%20alt%3D%22Figure%2011%20-%20Navigating%20to%20the%20API%20permissions%20blade%20in%20the%20Azure%20AD%20portal.%22%20%2F%3E%3CSPAN%20class%3D%22lia-inline-image-caption%22%20onclick%3D%22event.preventDefault()%3B%22%3EFigure%2011%20-%20Navigating%20to%20the%20API%20permissions%20blade%20in%20the%20Azure%20AD%20portal.%3C%2FSPAN%3E%3C%2FSPAN%3E%3CBR%20%2F%3E%3CBR%20%2F%3E%3C%2FLI%3E%0A%3CLI%3EClick%20%3CSTRONG%3EAdd%20a%20permission%3C%2FSTRONG%3E.%3CSTRONG%3E%3CBR%20%2F%3E%3CBR%20%2F%3E%3C%2FSTRONG%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22ServiceEndpointAPI%20Blog-12.png%22%20style%3D%22width%3A%20744px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F287201iCED14026A81FEA34%2Fimage-size%2Flarge%3Fv%3Dv2%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22ServiceEndpointAPI%20Blog-12.png%22%20alt%3D%22Figure%2012%20-%20Request%20API%20permission%20flow%20on%20adding%20a%20new%20permission.%22%20%2F%3E%3CSPAN%20class%3D%22lia-inline-image-caption%22%20onclick%3D%22event.preventDefault()%3B%22%3EFigure%2012%20-%20Request%20API%20permission%20flow%20on%20adding%20a%20new%20permission.%3C%2FSPAN%3E%3C%2FSPAN%3E%3CBR%20%2F%3E%3CBR%20%2F%3E%3C%2FLI%3E%0A%3CLI%3ESelect%20%3CSTRONG%3EMicrosoft%20Graph%3C%2FSTRONG%3E.%3CSTRONG%3E%3CBR%20%2F%3E%3CBR%20%2F%3E%3C%2FSTRONG%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22ServiceEndpointAPI%20Blog-13.png%22%20style%3D%22width%3A%20725px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F287202iA57781B34032DC8C%2Fimage-size%2Flarge%3Fv%3Dv2%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22ServiceEndpointAPI%20Blog-13.png%22%20alt%3D%22Figure%2013%20-%20Request%20API%20permission%20flow%20for%20the%20Microsoft%20Graph%20application.%22%20%2F%3E%3CSPAN%20class%3D%22lia-inline-image-caption%22%20onclick%3D%22event.preventDefault()%3B%22%3EFigure%2013%20-%20Request%20API%20permission%20flow%20for%20the%20Microsoft%20Graph%20application.%3C%2FSPAN%3E%3C%2FSPAN%3E%3CBR%20%2F%3E%3CBR%20%2F%3E%3C%2FLI%3E%0A%3CLI%3ESelect%20%3CSTRONG%3EApplication%20permissions%3C%2FSTRONG%3E.%3CSTRONG%3E%3CBR%20%2F%3E%3CBR%20%2F%3E%3C%2FSTRONG%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22ServiceEndpointAPI%20Blog-14.png%22%20style%3D%22width%3A%20742px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F287205i205B73378748773B%2Fimage-size%2Flarge%3Fv%3Dv2%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22ServiceEndpointAPI%20Blog-14.png%22%20alt%3D%22Figure%2014%20-%20Requesting%20the%20Application%20permissions%20for%20the%20Microsoft%20Graph%20application.%22%20%2F%3E%3CSPAN%20class%3D%22lia-inline-image-caption%22%20onclick%3D%22event.preventDefault()%3B%22%3EFigure%2014%20-%20Requesting%20the%20Application%20permissions%20for%20the%20Microsoft%20Graph%20application.%3C%2FSPAN%3E%3C%2FSPAN%3E%3CBR%20%2F%3E%3CBR%20%2F%3E%3C%2FLI%3E%0A%3CLI%3EExpand%20Application%20and%20choose%20%22Application.Read.All%22%20and%20choose%20%3CSTRONG%3EAdd%20permissions%3C%2FSTRONG%3E.%3CSTRONG%3E%3CBR%20%2F%3E%3CBR%20%2F%3E%3C%2FSTRONG%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22ServiceEndpointAPI%20Blog-15.png%22%20style%3D%22width%3A%20723px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F287206iFFE164CF1E944F63%2Fimage-size%2Flarge%3Fv%3Dv2%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22ServiceEndpointAPI%20Blog-15.png%22%20alt%3D%22Figure%2015%20-%20Requesting%20the%20%26quot%3BApplication.Read.All%26quot%3B%20permission%20for%20the%20Microsoft%20Graph%20application.%22%20%2F%3E%3CSPAN%20class%3D%22lia-inline-image-caption%22%20onclick%3D%22event.preventDefault()%3B%22%3EFigure%2015%20-%20Requesting%20the%20%22Application.Read.All%22%20permission%20for%20the%20Microsoft%20Graph%20application.%3C%2FSPAN%3E%3C%2FSPAN%3E%3CBR%20%2F%3E%3CBR%20%2F%3E%3C%2FLI%3E%0A%3CLI%3EClick%20%E2%80%9C%3CSTRONG%3EGrant%20admin%20consent%20for%20%3CTENANT%3E%3C%2FTENANT%3E%3C%2FSTRONG%3E%E2%80%9D%20and%20choose%20%E2%80%9C%3CSTRONG%3EYes%3C%2FSTRONG%3E%E2%80%9D.%3CBR%20%2F%3E%3CBR%20%2F%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22ServiceEndpointAPI%20Blog-16.png%22%20style%3D%22width%3A%20678px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F287207iEBE4148EADD5E82F%2Fimage-size%2Flarge%3Fv%3Dv2%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22ServiceEndpointAPI%20Blog-16.png%22%20alt%3D%22Figure%2016%20-%20Notice%20when%20selecting%20%26quot%3BGrant%20admin%20consent%20for%20%26lt%3Btenant%26gt%3B%26quot%3B.%22%20%2F%3E%3CSPAN%20class%3D%22lia-inline-image-caption%22%20onclick%3D%22event.preventDefault()%3B%22%3EFigure%2016%20-%20Notice%20when%20selecting%20%22Grant%20admin%20consent%20for%20%3CTENANT%3E%22.%3C%2FTENANT%3E%3C%2FSPAN%3E%3C%2FSPAN%3E%3CBR%20%2F%3E%3CBR%20%2F%3E%3C%2FLI%3E%0A%3CLI%3EVerify%20that%20the%20permissions%20are%20granted%20for%20your%20tenant.%3CBR%20%2F%3E%3CBR%20%2F%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22ServiceEndpointAPI%20Blog-17.png%22%20style%3D%22width%3A%20575px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F287208i1F5E52DCFEBB987E%2Fimage-size%2Flarge%3Fv%3Dv2%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22ServiceEndpointAPI%20Blog-17.png%22%20alt%3D%22Figure%2017%20-%20Example%20screenshot%20of%20granted%20API%20permissions%20for%20a%20tenant.%22%20%2F%3E%3CSPAN%20class%3D%22lia-inline-image-caption%22%20onclick%3D%22event.preventDefault()%3B%22%3EFigure%2017%20-%20Example%20screenshot%20of%20granted%20API%20permissions%20for%20a%20tenant.%3C%2FSPAN%3E%3C%2FSPAN%3E%3C%2FLI%3E%0A%3C%2FOL%3E%0A%3CH3%20id%3D%22Appendix_D%22%20id%3D%22toc-hId-1609695069%22%20id%3D%22toc-hId-1609688458%22%3EAppendix%20D%3A%3C%2Fimg%3E%20Granting%20Admin%20Consent%20to%20New%20Permissions%20(For%20Customers)%3C%2FH3%3E%0A%3CP%3EFor%20customers%20who%20have%20previously%20registered%20your%20application%20in%20their%20tenant%2C%20they%20will%20now%20need%20to%20consent%20to%20the%20new%20permissions%20that%20you%20added%20to%20your%20multi-tenant%20application.%20These%20are%20the%20instructions%20for%20customers%20to%20consent%20to%20the%20new%20permission%3A%3C%2FP%3E%0A%3COL%3E%0A%3CLI%3EOpen%20the%20Azure%20Portal%20for%20Azure%20AD%20%3CA%20href%3D%22https%3A%2F%2Fportal.azure.com%2F%23blade%2FMicrosoft_AAD_IAM%2FActiveDirectoryMenuBlade%2FOverview%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noreferrer%22%3Ehttps%3A%2F%2Fportal.azure.com%3C%2FA%3E.%3C%2FLI%3E%0A%3CLI%3EAuthenticate%20as%20a%20user%20with%20Global%20Administrator%20permissions%20to%20manage%20Azure%20AD%20applications%20in%20the%20tenant.%3C%2FLI%3E%0A%3CLI%3ENavigate%20to%20your%20list%20of%20enterprise%20apps%3A%20%3CA%20href%3D%22https%3A%2F%2Fportal.azure.com%2F%23blade%2FMicrosoft_AAD_IAM%2FStartboardApplicationsMenuBlade%2FAllApps%2FmenuId%2F%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noreferrer%22%3Ehttps%3A%2F%2Fportal.azure.com%2F%23blade%2FMicrosoft_AAD_IAM%2FStartboardApplicationsMenuBlade%2FAllApps%2FmenuId%2F%3C%2FA%3E.%3C%2FLI%3E%0A%3CLI%3ESearch%20for%20the%20application%20that%20was%20registered%20for%20the%20Intune%20integration.%3CBR%20%2F%3E%3CBR%20%2F%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22ServiceEndpointAPI%20Blog-18.png%22%20style%3D%22width%3A%20728px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F287209i20FDF0FE2B63F09A%2Fimage-size%2Flarge%3Fv%3Dv2%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22ServiceEndpointAPI%20Blog-18.png%22%20alt%3D%22Figure%2018%20-%20Example%20screenshot%20of%20an%20Azure%20AD%20app%20registered%20for%20the%20Intune%20integration.%22%20%2F%3E%3CSPAN%20class%3D%22lia-inline-image-caption%22%20onclick%3D%22event.preventDefault()%3B%22%3EFigure%2018%20-%20Example%20screenshot%20of%20an%20Azure%20AD%20app%20registered%20for%20the%20Intune%20integration.%3C%2FSPAN%3E%3C%2FSPAN%3E%3CBR%20%2F%3E%3CBR%20%2F%3E%3C%2FLI%3E%0A%3CLI%3ESelect%20the%20application%20to%20view%20the%20Overview.%3CBR%20%2F%3E%3CBR%20%2F%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22ServiceEndpointAPI%20Blog-19.png%22%20style%3D%22width%3A%20864px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F287210i8CAE1AA93D74D8A5%2Fimage-size%2Flarge%3Fv%3Dv2%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22ServiceEndpointAPI%20Blog-19.png%22%20alt%3D%22Figure%2019%20-%20Screenshot%20of%20an%20example%20Azure%20application%20and%20details%20under%20the%20Overview%20blade.%22%20%2F%3E%3CSPAN%20class%3D%22lia-inline-image-caption%22%20onclick%3D%22event.preventDefault()%3B%22%3EFigure%2019%20-%20Screenshot%20of%20an%20example%20Azure%20application%20and%20details%20under%20the%20Overview%20blade.%3C%2FSPAN%3E%3C%2FSPAN%3E%3CBR%20%2F%3E%3CBR%20%2F%3E%3C%2FLI%3E%0A%3CLI%3ESelect%20%3CSTRONG%3EPermissions%3C%2FSTRONG%3E.%3CSTRONG%3E%3CBR%20%2F%3E%3CBR%20%2F%3E%3C%2FSTRONG%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22ServiceEndpointAPI%20Blog-20.png%22%20style%3D%22width%3A%20660px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F287211i87A9AD4004D82D7F%2Fimage-size%2Flarge%3Fv%3Dv2%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22ServiceEndpointAPI%20Blog-20.png%22%20alt%3D%22Figure%2020%20-%20Permissions%20blade%20of%20an%20example%20Azure%20AD%20app%20registered%20for%20the%20Intune%20integration.%22%20%2F%3E%3CSPAN%20class%3D%22lia-inline-image-caption%22%20onclick%3D%22event.preventDefault()%3B%22%3EFigure%2020%20-%20Permissions%20blade%20of%20an%20example%20Azure%20AD%20app%20registered%20for%20the%20Intune%20integration.%3C%2FSPAN%3E%3C%2FSPAN%3E%3CBR%20%2F%3E%3CSTRONG%3E%3CBR%20%2F%3E%3C%2FSTRONG%3E%3C%2FLI%3E%0A%3CLI%3EClick%20%3CSTRONG%3EGrant%20admin%20consent%20for%20%3CTENANT%20name%3D%22%22%3E%3C%2FTENANT%3E%3C%2FSTRONG%3E.%3CBR%20%2F%3E%3CBR%20%2F%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22ServiceEndpointAPI%20Blog-21.png%22%20style%3D%22width%3A%20683px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F287212i69DD49C156D0E05A%2Fimage-size%2Flarge%3Fv%3Dv2%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22ServiceEndpointAPI%20Blog-21.png%22%20alt%3D%22Figure%2021%20-%20Notice%20when%20granting%20admin%20consent%20for%20the%20tenant.%22%20%2F%3E%3CSPAN%20class%3D%22lia-inline-image-caption%22%20onclick%3D%22event.preventDefault()%3B%22%3EFigure%2021%20-%20Notice%20when%20granting%20admin%20consent%20for%20the%20tenant.%3C%2FSPAN%3E%3C%2FSPAN%3E%3CBR%20%2F%3E%3CBR%20%2F%3E%3C%2FLI%3E%0A%3CLI%3EAuthenticate%20as%20a%20user%20with%20Global%20Administrator%20permissions.%3CBR%20%2F%3E%3CBR%20%2F%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22ServiceEndpointAPI%20Blog-22.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F287213i8B4252679376A542%2Fimage-size%2Fmedium%3Fv%3Dv2%26amp%3Bpx%3D400%22%20role%3D%22button%22%20title%3D%22ServiceEndpointAPI%20Blog-22.png%22%20alt%3D%22Figure%2022%20-%20Authenticating%20as%20a%20user%20with%20Global%20Administrator%20permissions.%22%20%2F%3E%3CSPAN%20class%3D%22lia-inline-image-caption%22%20onclick%3D%22event.preventDefault()%3B%22%3EFigure%2022%20-%20Authenticating%20as%20a%20user%20with%20Global%20Administrator%20permissions.%3C%2FSPAN%3E%3C%2FSPAN%3E%3CBR%20%2F%3E%3CBR%20%2F%3E%3C%2FLI%3E%0A%3CLI%3EAccept%20the%20updated%20permissions%20for%20the%20application.%3CBR%20%2F%3E%3CBR%20%2F%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22ServiceEndpointAPI%20Blog-23.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F287214iFF6F98C66782522A%2Fimage-size%2Fmedium%3Fv%3Dv2%26amp%3Bpx%3D400%22%20role%3D%22button%22%20title%3D%22ServiceEndpointAPI%20Blog-23.png%22%20alt%3D%22Figure%2023%20-%20Accepting%20the%20updated%20permissions%20for%20the%20Azure%20AD%20application.%22%20%2F%3E%3CSPAN%20class%3D%22lia-inline-image-caption%22%20onclick%3D%22event.preventDefault()%3B%22%3EFigure%2023%20-%20Accepting%20the%20updated%20permissions%20for%20the%20Azure%20AD%20application.%3C%2FSPAN%3E%3C%2FSPAN%3E%3CBR%20%2F%3E%3CBR%20%2F%3E%3C%2FLI%3E%0A%3CLI%3EVerify%20the%20consent%20was%20successful%3CBR%20%2F%3E%3CBR%20%2F%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22ServiceEndpointAPI%20Blog-24.png%22%20style%3D%22width%3A%20773px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F287215i6A557664875423C3%2Fimage-size%2Flarge%3Fv%3Dv2%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22ServiceEndpointAPI%20Blog-24.png%22%20alt%3D%22Figure%2024%20-%20Successful%20admin%20consent.%22%20%2F%3E%3CSPAN%20class%3D%22lia-inline-image-caption%22%20onclick%3D%22event.preventDefault()%3B%22%3EFigure%2024%20-%20Successful%20admin%20consent.%3C%2FSPAN%3E%3C%2FSPAN%3E%3C%2FLI%3E%0A%3C%2FOL%3E%0A%3CP%3E%3CSPAN%3ELet%20us%20know%20if%20you%20have%20any%20additional%20questions%20by%20replying%20to%20this%20post%20or%20reaching%20out%20to%26nbsp%3B%3C%2FSPAN%3E%3CSPAN%3E%3CA%20href%3D%22https%3A%2F%2Faka.ms%2FIntuneSuppTeam%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3E%40IntuneSuppTeam%3C%2FA%3E%3C%2FSPAN%3E%3CSPAN%3E%26nbsp%3Bon%20Twitter.%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-TEASER%20id%3D%22lingo-teaser-2428040%22%20slang%3D%22en-US%22%3E%3CP%3ERead%20this%20post%20to%20learn%20more%20on%20the%20changes%20to%20the%26nbsp%3B%E2%80%9CserviceEndpoints%E2%80%9D%20API%20in%20Microsoft%20Intune.%3C%2FP%3E%3C%2FLINGO-TEASER%3E%3CLINGO-LABS%20id%3D%22lingo-labs-2428040%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EGraph%20API%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EIntune%20Customer%20Success%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E