urlscan.io logo urlscan.io
SecurityTrails logo

xsoar.pan.dev Open in urlscan Pro
199.36.158.100  Public Scan

Back to summary
URL: https://xsoar.pan.dev/docs/reference/articles/microsoft-integrations---authentication
Submission: On December 30 via api from BR — Scanned from CA

Form analysis 1 forms found in the DOM

<form inert="" class="css-1c6r4fi">
  <div class="css-1o7mzfr">
    <h2 id="hj-survey-lbl-1" aria-label="Was this page helpful? Select an option from 1 to 5, with 1 being Hate and 5 being Love" class="css-sbfv9v">Was this page helpful?</h2>
    <div aria-labelledby="hj-survey-lbl-1" role="radiogroup" class="css-1a0x1zp">
      <div class="css-u2ayx9"><label class="css-1aokw2q"><input type="radio" name="c61cd335-9c6d-495a-be49-1d5eff6c7882" aria-label="1" aria-describedby="hj-surveys-scale-option-label-0-ebbfb035-f5e3-4673-9ab1-0473d8d8ab9a" class="css-3bml7r">
          <div class="css-xrn97w"><svg xmlns="http://www.w3.org/2000/svg" width="40" height="40" fill="none">
              <path d="M36.3 2.5h-35a1.2 1.2 0 0 0-1 2.1L5 9.3v22A3.8 3.8 0 0 0 8.8 35h27.5a3.7 3.7 0 0 0 3.7-3.7v-25a3.8 3.8 0 0 0-3.7-3.8Z" fill="#FFC107"></path>
              <path
                d="M22.5 22.5a5 5 0 0 1 5 4A1.3 1.3 0 1 0 30 26a7.7 7.7 0 0 0-15 0 1.3 1.3 0 1 0 2.5.5c0-.2.9-4 5-4ZM16.3 18.1a1.9 1.9 0 1 0 0-3.7 1.9 1.9 0 0 0 0 3.7ZM28.7 18.1a1.9 1.9 0 1 0 0-3.7 1.9 1.9 0 0 0 0 3.7ZM32.4 8.2a1.3 1.3 0 0 0-1.7-.6l-5 2.5a1.3 1.3 0 1 0 1.1 2.3l5-2.5a1.3 1.3 0 0 0 .6-1.7ZM18.8 12.5a1.3 1.3 0 0 0 .5-2.4l-5-2.5a1.3 1.3 0 1 0-1.1 2.3l5 2.5.6.1Z"
                fill="#000"></path>
              <defs>
                <clipPath id="a">
                  <path fill="#fff" d="M0 0h40v40H0z"></path>
                </clipPath>
              </defs>
            </svg></div>
        </label><label class="css-1aokw2q"><input type="radio" name="c61cd335-9c6d-495a-be49-1d5eff6c7882" aria-label="2" aria-describedby="" class="css-3bml7r">
          <div class="css-xrn97w"><svg xmlns="http://www.w3.org/2000/svg" width="40" height="40" fill="none">
              <path d="M36.2 2.5h-35a1.3 1.3 0 0 0-.8 2.1L5 9.3v22A3.7 3.7 0 0 0 8.7 35h27.5a3.8 3.8 0 0 0 3.8-3.8v-25a3.8 3.8 0 0 0-3.8-3.7Z" fill="#FFC107"></path>
              <path d="M22.5 22.5a5 5 0 0 0-5 4A1.3 1.3 0 1 1 15 26a7.6 7.6 0 0 1 7.5-6 7.6 7.6 0 0 1 7.5 6 1.3 1.3 0 1 1-2.5.5c0-.2-.8-4-5-4ZM16.3 15.6a1.9 1.9 0 1 0 0-3.7 1.9 1.9 0 0 0 0 3.7ZM28.8 15.6a1.9 1.9 0 1 0 0-3.7 1.9 1.9 0 0 0 0 3.7Z"
                fill="#000"></path>
              <defs>
                <clipPath id="a">
                  <path fill="#fff" d="M0 0h40v40H0z"></path>
                </clipPath>
              </defs>
            </svg></div>
        </label><label class="css-1aokw2q"><input type="radio" name="c61cd335-9c6d-495a-be49-1d5eff6c7882" aria-label="3" aria-describedby="" class="css-3bml7r">
          <div class="css-xrn97w"><svg xmlns="http://www.w3.org/2000/svg" width="40" height="40" fill="none">
              <path
                d="M36.3 2.5h-35A1.3 1.3 0 0 0 0 4c0 .2.2.5.4.6L5 9.3v22A3.8 3.8 0 0 0 8.8 35h27.5a3.7 3.7 0 0 0 3.7-3.7v-25a3.7 3.7 0 0 0-3.7-3.8Zm-20 20h12.5a1.2 1.2 0 1 1 0 2.5H16.3a1.2 1.2 0 1 1 0-2.5Zm-2-8.7a1.9 1.9 0 1 1 3.8 0 1.9 1.9 0 0 1-3.7 0Zm14.5 1.8a1.9 1.9 0 1 1 0-3.7 1.9 1.9 0 0 1 0 3.7Z"
                fill="#FFC107"></path>
              <path d="M16.3 15.6a1.9 1.9 0 1 0 0-3.7 1.9 1.9 0 0 0 0 3.7ZM28.7 15.6a1.9 1.9 0 1 0 0-3.7 1.9 1.9 0 0 0 0 3.7ZM16.2 25h12.5a1.3 1.3 0 0 0 0-2.5H16.2a1.3 1.3 0 0 0 0 2.5Z" fill="#000"></path>
              <defs>
                <clipPath id="a">
                  <path fill="#fff" d="M0 0h40v40H0z"></path>
                </clipPath>
              </defs>
            </svg></div>
        </label><label class="css-1aokw2q"><input type="radio" name="c61cd335-9c6d-495a-be49-1d5eff6c7882" aria-label="4" aria-describedby="" class="css-3bml7r">
          <div class="css-xrn97w"><svg xmlns="http://www.w3.org/2000/svg" width="40" height="40" fill="none">
              <path d="M36.2 2.5h-35c-.5 0-1 .3-1 .8-.3.5-.2 1 .2 1.3L5 9.3v22c0 2 1.6 3.7 3.7 3.7h27.5c2.2 0 3.8-1.6 3.8-3.7v-25c0-2.2-1.6-3.8-3.8-3.8Z" fill="#FFC107"></path>
              <path
                d="M16 20c.6-.1 1.4.3 1.5 1a5 5 0 0 0 5 4 5 5 0 0 0 5-4c.1-.7.8-1.1 1.5-1 .8.1 1.1.8 1 1.5a7.6 7.6 0 0 1-9.1 5.9c-3-.6-5.3-3-5.9-5.9-.1-.6.3-1.4 1-1.5ZM16.3 15.6a1.9 1.9 0 1 0 0-3.7 1.9 1.9 0 0 0 0 3.7ZM28.7 15.6a1.9 1.9 0 1 0 0-3.7 1.9 1.9 0 0 0 0 3.7Z"
                fill="#000"></path>
              <defs>
                <clipPath id="a">
                  <path fill="#fff" d="M0 0h40v40H0z"></path>
                </clipPath>
              </defs>
            </svg></div>
        </label><label class="css-1aokw2q"><input type="radio" name="c61cd335-9c6d-495a-be49-1d5eff6c7882" aria-label="5" aria-describedby="hj-surveys-scale-option-label-1-0c6b5b72-4f6f-402c-89d8-8636c67e983a" class="css-3bml7r">
          <div class="css-xrn97w"><svg xmlns="http://www.w3.org/2000/svg" width="40" height="40" fill="none">
              <path d="M36.2 2.5h-35c-.5 0-1 .3-1 .8-.3.5-.2 1 .2 1.3L5 9.3v22c0 2 1.6 3.7 3.7 3.7h27.5c2.2 0 3.8-1.6 3.8-3.7v-25c0-2.2-1.6-3.8-3.8-3.8Z" fill="#FFC107"></path>
              <path
                d="M18.8 10.6c-1-.8-2.3-.8-3.2 0l-.6.7-.6-.7c-.9-.8-2.3-.8-3.1 0-1 .9-1 2.3 0 3.2l3.7 3.7 3.8-3.8c.8-.8.8-2.2 0-3ZM30.6 10.6l-.6.7-.6-.7c-.9-.8-2.3-.8-3.2 0-.8.9-.8 2.3 0 3.2l3.8 3.7 3.7-3.8c1-.8 1-2.2 0-3-.8-1-2.2-1-3 0ZM22.4 27.5c5 0 7.5-4.4 7.5-6 0-.4 0-.6-.3-1-.2-.4-.6-.5-1-.5H16.2c-.3 0-.7.1-1 .5-.2.4-.2.6-.2 1 0 1.6 2.5 6 7.4 6Z"
                fill="#000"></path>
              <defs>
                <clipPath id="a">
                  <path fill="#fff" d="M0 0h40v40H0z"></path>
                </clipPath>
              </defs>
            </svg></div>
        </label></div>
      <div class="css-10fm8f7"><span id="hj-surveys-scale-option-label-0-ebbfb035-f5e3-4673-9ab1-0473d8d8ab9a" aria-label="Hate" title="Hate" class="css-38tzp0">Hate</span><span
          id="hj-surveys-scale-option-label-1-0c6b5b72-4f6f-402c-89d8-8636c67e983a" aria-label="Love" title="Love" class="css-14zji0u">Love</span></div>
    </div>
  </div>
  <div class="css-c9t5sg">
    <div class="css-36amt5"><button type="button" kind="primary" disabled="" aria-label="Next question" size="s" class="css-35zu28">Next</button></div>
  </div>
</form>

Text Content

Skip to main content
⭐️ If you like Cortex XSOAR Content, give it a star on GitHub! ⭐
×
MenuDeveloper DocsArticlesReferenceMarketplace
Products
 * PAN-OS
 * Cortex Data Lake
 * Cortex XSOAR
 * Prisma

Partners
 * Why Cortex XSOAR?
 * Become a Partner
 * Adopt-a-Pack
 * Pack Certification
 * Office Hours
 * Sign Up Now

Blog
🌜
🌞

SearchK

 * Developer Docs
 * Articles
 * Reference
 * Marketplace
 * Products
   * PAN-OS
   * Cortex Data Lake
   * Cortex XSOAR
   * Prisma
 * Partners
   * Why Cortex XSOAR?
   * Become a Partner
   * Adopt-a-Pack
   * Pack Certification
   * Office Hours
   * Sign Up Now
 * Blog
 * 

Menu
 * Index
 * Add Indicators to SIEM
 * AWS Integrations - Authentication
 * Configure Server and Integrations to Trust Custom Certificates
 * Creating Custom SlackAsk Blocks
 * Demisto Add-on for Splunk
 * Deprecated Content Items
 * Deprecating content items/packs and hide packs processes
 * Digital Forensics Content Roundup
 * Download Content Packs and Docker Images Offline
 * EWS V2 Troubleshooting
 * Export Indicators to a 3rd-party
 * Identity Lifecycle Management (ILM)
 * Invoking Long Running HTTP Integrations via Server's HTTPS endpoint
 * Managing Credentials
 * Microsoft Azure and O365 Integrations Overview
 * Microsoft Integrations - Authentication
 * Migrating MineMeld to Cortex XSOAR
 * OProxy
 * Palo Alto Networks Integrations Overview
 * Powershell Remoting - Configuration
 * Processing Google Form Responses via a Webhook
 * Processing Microsoft Form Responses via a Webhook
 * Set up Google Maps in Cortex XSOAR to use map automations
 * System Diagnostics and Health Check
 * The Default Pack
 * Troubleshooting Guide
 * XSIAM Alert handling Playbooks


MICROSOFT INTEGRATIONS - AUTHENTICATION

SECURITY AWARENESS: DEVICE CODE AUTHORIZATION

It is recommended to use the client credentials and user authorization flows for
integrations when possible. The device code authorization flow has limited
protections against sophisticated phishing campaigns.

In no scenario emails or other forms of communication will be sent to the
customer asking to enter a security code or follow a link. All generated links
and codes will be shown in the War Room, by running the official integration
commands.

More info at: Device Code flow - Evolved phishing

Microsoft's integrations (Graph and Azure) in Cortex XSOAR use Azure Active
Directory applications to authenticate with Microsoft APIs. These integrations
use OAuth 2.0 and OpenID Connect standard-compliant authentication services,
which use an Application to sign-in or delegate authentication. For more
information, see the Microsoft identity platform overview.

There are three application authentication methods available:

 1. Cortex XSOAR Application
 2. Self Deployed Application
 3. Azure Managed Identities


CORTEX XSOAR APPLICATION#

In this method, you grant consent for the Cortex XSOAR multi-tenant application
to access your data. The application is maintained by Cortex XSOAR. Depending on
the integration, this requires either admin consent to get access without a user
or user consent to get access on behalf of a user.

Note: This method requires that you give consent to all permissions requested by
the application.

To start the authentication process, go to the integration's detailed
instructions:

 1. Navigate to Settings > Integration > Servers & Services.

 2. Search for wanted Microsoft integration, e.g. O365 Outlook Mail (Using Graph
    API).

 3. Click Add instance.

 4. Click the Link that appears in the Help section:.

 5. In the XSOAR Web Page that appears, click the Start Authorization Process
    button to initiate the authorization flow. You will receive your ID, token,
    and key. You need to enter this information, when you configure the
    integration instance in Cortex XSOAR.


SELF DEPLOYED APPLICATION#

To use a self-configured Azure application, you need to add a new Azure App
Registration in the Azure Portal.

The application must have the required permissions for the relevant APIs, which
are documented in the integration documentation, for example see Microsoft
Defender Advanced Threat Protection required permissions.

To add the registration, refer to the Microsoft documentation


USING NATIONAL CLOUD#

 * To see which integrations support natively National Clouds,See the table
   below.
   
   * For Microsoft Azure integrations, select the appropriate cloud using the
     Azure Cloud parameter.
   * For Microsoft Defender, select the appropriate cloud using the Endpoint
     Type parameter.
   * For using the self-deployment option, select the Custom option and follow
     the instructions below.

 * Some Cortex XSOAR-Microsoft integrations support the deployment of national
   clouds through the self-deployed authorization flow. For more information
   about Microsoft National Clouds, refer to the Microsoft documentation. In
   order to use a national cloud, change the Server URL parameter to the
   corresponding address of the national cloud you are using.


CLIENT CREDENTIALS FLOW#

Some Cortex XSOAR-Microsoft integrations use the client credentials flow. The
Tenant ID, Client ID, and Client secret are required for the integration.

To configure a Microsoft integration that uses this authorization flow with a
self-deployed Azure application:

 1. Enter your client ID in the ID parameter field.
 2. Enter your client secret in the Key parameter field.
 3. Enter your tenant ID in the Token parameter field.
 4. Select the Use a self-deployed Azure Application checkbox in the integration
    instance configuration.
 5. Test and Save the instance.

Alternatively, instead of providing the Client Secret, you can authenticate
using certificate credentials by providing:

* Certificate Thumbprint - The certificate thumbprint as appears when
registering the certificate to the App
* Private Key - The private key of the registered certificate
Copy


AUTHORIZATION CODE FLOW#

Some Cortex XSOAR-Microsoft integrations (e.g., Microsoft Graph Mail Single
User) require authorization on behalf of a user (not admin consent). For more
information about this authorization flow, refer to the authorization code flow.

To configure a Microsoft integration that uses this authorization flow with a
self-deployed Azure application:

 1.  Make sure the needed permissions are granted for the app registration,
     e.g., for Microsoft Graph User: API/Permission name
     Directory.AccessAsUser.All of type Delegated.

 2.  In your app. click Authentication > Platform configurations > Add a
     platform. Choose Web and add Redirect URI. The Redirect URI can direct any
     web application that you wish to receive responses from Azure AD. If you
     are not sure what to set, you can use https://localhost.

 3.  Enter your client ID in the ID parameter field.

 4.  Enter your client secret in the Key parameter field.

 5.  Enter your tenant ID in the Token parameter field.

 6.  Enter your redirect URI in the Redirect URI parameter field.

 7.  Select the Use a self-deployed Azure Application checkbox in the
     integration instance configuration.

 8.  Save the instance.

 9.  Run the !<integration command prefix>-generate-login-url command in the War
     Room and follow the instructions:
     
     >  1. Click on the login URL to sign in and grant Cortex XSOAR permissions
     >     for your Azure Service Management. You will be automatically
     >     redirected to a link with the following structure:
     >     REDIRECT_URI?code=AUTH_CODE&session_state=SESSION_STATE
     >  2. Copy the AUTH_CODE (without the code= prefix, and the session_state
     >     parameter) and paste it in your instance configuration under the
     >     Authorization code parameter.
     >  3. For any issues, see Authorization Code flow Troubleshooting.

 10. Save the instance.

 11. Run the !<integration command prefix>-auth-test command. A 'Success'
     message should be printed to the War Room.


DEVICE CODE FLOW#

Some Cortex XSOAR-Microsoft integrations use the device code flow.

To configure a Microsoft integration that uses this authorization flow with a
self-deployed Azure application:

 1. Make sure the needed permissions are granted for the app registration.

 2. The Redirect URI can direct any web application that you wish to receive
    responses from Azure AD. If you are not sure what to set, you can use
    https://localhost.

 3. In Supported account types, Accounts in any organizational directory (Any
    Azure AD directory - Multi-tenant) should be selected.

 4. In the app registration, navigate to Authentication > Advanced Settings, and
    enable the mobile and desktop flows.

 5. Enter your application ID in the Application ID parameter field.

 6. Run the !<integration command prefix>-auth-start command - you will be
    prompted to open the page https://microsoft.com/devicelogin and enter the
    generated code.

 7. Run the !<integration command prefix>-auth-complete command.

 8. Run the !<integration command prefix>-auth-test command to ensure
    connectivity to Microsoft.


AZURE MANAGED IDENTITIES AUTHENTICATION#

NOTE: THIS OPTION IS RELEVANT ONLY IF THE INTEGRATION IS RUNNING ON AZURE VM.#

Some of the Cortex XSOAR-Microsoft integrations use the Azure Managed Identities
Authentication.

Follow one of these steps for authentication based on Azure Managed Identities:

 * TO USE SYSTEM ASSIGNED MANAGED IDENTITY#
   
   * Select Azure Managed Identities from the Authentication Type drop down or
     select the Use Azure Managed Identities checkbox and leave the Azure
     Managed Identities Client ID field empty.

 * TO USE USER ASSIGNED MANAGED IDENTITY#
   
   1. Go to Azure Portal -> Managed Identities.
   2. Select your User Assigned Managed Identity -> copy the Client ID -> paste
      it in the Azure Managed Identities Client ID field in the instance
      settings.
   3. Select Azure Managed Identities from the Authentication Type drop down or
      select the Use Azure Managed Identities checkbox.


REVOKE CONSENT#

In order to revoke consent to a Cortex XSOAR Microsoft application, refer to the
Microsoft documentation.


AZURE INTEGRATIONS PARAMETERS#

In order to use the Cortex XSOAR Azure application, you need to fill in your
subscription ID and resource group name, which you can find in the Azure Portal.

 1. Log in to the Azure Portal Home Page using your Azure credentials.

 2. Search for your Azure product, for example SQL Servers:
    
    

 3. Click on your resource:
    
    

After you a redirected to the next page, in the Overview tab you will find your
Resource group and Subscription ID:




SELF DEPLOYED APPLICATION - EXAMPLE FOR MICROSOFT GRAPH USER INTEGRATION#

 1. In Microsoft Azure portal, create a new app registration.
    
    1. Select Azure Active Directory> App registrations> New registration.
       
       
    
    2. In the Redirect URI (optional) field select Web and type a name (you can
       enter an arbitrary name). In this example we use https<nolink>://xsoar.
       
       
    
    3. Click Register.
       
       You can see the Essential information here:
       
       
    
    4. Copy the following information:
       
       * Application (client) ID
       * Directory (tenant) ID

 2. Get the client secret, which is used for the key in the integration
    settings.
    
    1. Click Certificate and secrets -> New client secret.
       
       Copy the client secret.

 3. Ensure the needed permissions are granted for the app registration.
    
    1. Go to API permissions>Add a permission>Microsoft Graph>Delegated
       permissions and search for Directory.AccessAsUser.All of type Delegated.
    
    2. Click Add permissions.
       
       
       
       NOTE: Ensure that you have the following permissions:
    * Directory.Read.All - Delegated
    * User.ReadWrite.All - Application
    * User.Read - Delegated

 4. Get the authorization code.
    
    1. Type the following in a browser:
       https://login.microsoftonline.com/<tenant_id\>/oauth2/v2.0/authorize?response_type=code&scope=offline_access%20directory.accessasuser.all&client_id=*<client_id\>*&redirect_uri=https%3A%2F%2Fxsoar
       
       Replace tenant_id and client-id with the tenant ID that was generated in
       step 1.iv.
       
       The URI is the https<nolink>://xsoar.
       
       This prompts the admin user to sign in and grant the app the appropriate
       permissions:
       
       
       
       Once completed you are redirected to the redirect URI and will receive an
       authorization code in the query parameters of the URI.
       
       NOTE: If there are multiple query parameters returned you should just
       copy the code value.
       
       
    
    2. Copy the AUTH_CODE (without the "code=" prefix). This value must be used
       in the MS Graph User in Cortex XSOAR integration in the Authorization
       Code field.

 5. Add the information to the instance in Cortex XSOAR by going to
    Settings>Integrations>Microsoft Graph User>Add Instance.
    
    1. In the ID parameter field, type the client ID.
    2. in the Token parameter field, type the tenant ID.
    3. In the Key parameter field, type your client secret.
    4. Click the Use a self-deployed Azure application checkbox.
    5. In the Redirect URI field, type the redirect URI we are entering at the
       Azure portal.
    6. In the Authorization code for self-deployed mode - received from the
       authorization step, type the code that was generated in 4.2.
    7. Save the integration settings and test the setup by running the
       !msgraph-user-test command from the Cortex XSOAR CLI.


SUPPORTED AUTHENTICATION FLOWS FOR MICROSOFT INTEGRATIONS#

Integration NameXSOAR ApplicationClient CredentialsDevice CodeAuth code
(redirect URI)Azure Managed IdentitiesSupports National CloudsAzure Compute
v2yesyesnonononoAzure Data Exploreryes -
deviceyesyesyesnonoAzureDevOpsyesyesyesyesnonoAzure
FirewallyesyesyesnoyesnoAzure Key VaultnoyesnonoyesyesAzure Kubernetes
ServicesyesyesyesyesyesyesAzure Log AnalyticsyesyesnoyesyesyesAzure Network
Security GroupsyesyesyesyesyesnoAzure Risky UsersyesyesyesnoyesnoAzure Security
Center v2yesyesnonoyesnoMicrosoft Defender for Cloud Event
CollectornoyesnonononoAzure SentinelnoyesnonoyesyesAzure SQL
ManagementyesyesyesyesyesnoAzure StorageyesyesyesyesyesnoAzure Storage
ContainernonononoyesnoAzure Storage FileSharenonononononoAzure Storage
QueuenonononoyesnoAzure Storage TablenonononoyesnoAzure Web Application
FirewallyesyesyesyesyesnoMicrosoft 365 DefenderyesyesyesnoyesnoMicrosoft 365
Defender Event Collector - XSIAMnoyesnonono - saasnoMicrosoft Defender for Cloud
AppsnoyesyesnonoyesMicrosoft Defender for Endpoint (Defender
ATP)yesyesnoyesyesyesMicrosoft Graph APIyesyesyesyesyesyesAzure Active Directory
Applicationsyes - deviceyesyesnoyesnoO365 Outlook
CalendaryesyesnonoyesnoMicrosoft Graph Device ManagementyesyesnonoyesyesO365
File ManagementyesyesnoyesyesnoMicrosoft Graph GroupsyesyesnoyesyesnoAzure
Active Directory Identity And AccessyesyesyesnoyesnoMicrosoft Graph Mail Single
UseryesnonoyesyesnoO365 Outlook MailyesyesnonoyesyesMicrosoft Graph
SecurityyesyesnoyesyesnoMicrosoft Graph UseryesyesnoyesyesnoMicrosoft Management
Activity API (O365 Azure Events)yesnonoyesyesnoMicrosoft
TeamsnoyesnoyesnonoMicrosoft Teams Managementyesyesyesnoyesno


TROUBLESHOOTING#

RESET AUTHENTICATION#

In case of errors in the authentication process, such as a token revoked/expired
or in case you generate new credentials, you can use the !<integration command
prefix>-auth-reset command in the War Room in order to rerun the authentication
process, instead of recreating a new integration instance. After running the
command, click Test to verify the connectivity of the instance.

For example, when using the "self-deployed Azure app" for Microsoft Graph Mail
Single User, in case of an expired/revoked token error:

 1. Run !msgraph-mail-auth-reset.
 2. Validate that all the credentials you entered are correct (Client ID, Client
    Secret, Tenant ID, Application redirect URI).
 3. Run !msgraph-mail-generate-login-url to generate a new Authorization code.
    See Authorization Code flow Troubleshooting.
 4. Run !msgraph-mail-test to test the connectivity of the email.

Note: If encountering an "Insufficient privileges to complete the operation"
error, ensure the necessary permissions were added according to the integration
documentation. Subsequently, reset the authentication and initiate the
authentication process again.

AUTHORIZATION CODE FLOW TROUBLESHOOTING#

If you encounter issues with the User consent, such as a "Missing scope
permissions on the request. API requires one of..." error after generating a new
authorization code using the generate-login-url command, even though you have
provided all the mentioned permissions, it may indicate that you need to trigger
the consent process again.
To do this, copy the login URL, add &prompt=consent to the end of the URL, and
then log in.
For details, see Microsoft's documentation on Request an authorization code.

Edit this page
Report an Issue
Previous
« Microsoft Azure and O365 Integrations Overview
Next
Migrating MineMeld to Cortex XSOAR »
 * Cortex XSOAR Application
 * Self Deployed Application
   * Using National Cloud
   * Client Credentials Flow
   * Authorization Code flow
   * Device Code Flow
 * Azure Managed Identities Authentication
 * Revoke Consent
 * Azure Integrations Parameters
 * Self Deployed Application - Example for Microsoft Graph User integration
 * Supported Authentication Flows for Microsoft integrations
 * Troubleshooting

DOCS

 * Developer Docs
 * Become a Technology Partner

SOCIAL

 * Blog

Copyright © 2024 Palo Alto Networks, Inc.

Feedback


WAS THIS PAGE HELPFUL?

HateLove
Next