Entra ID

Introducing a Dedicated Microsoft Graph Permission for License Assignment

For a long time, the User.ReadWrite.All permission was the least privilege possible for your application or scripts to perform Direct…

Carl Karawani

19 Jul 2024 — 1 min read

New LicenseAssignment.ReadWrite.All Permission available in EntraID

For a long time, the User.ReadWrite.All permission was the least privilege possible for your application or scripts to perform Direct License Assignment on users in Entra ID (Azure).

Previous Revision of the graph documentation — **October 27th, 2023**

This role would also allow the app to read and write all of the user’s profile properties, which is often more than you need when all you’re looking to achieve is license assignments.

Following the Principle Of Least Priviledge with `LicenseAssignment.Read.Write.All`

Starting July 15th, 2024, administrators have the ability to assign the LicenseAssignment.Read.Write.All permission. This allows an app to manage license assignments for users and groups without granting any additional permissions to user properties that it may not need, following the principle of least privilege (PoLP).

Microsoft Teams Admins can no longer create Teams Phone Resource Accounts

Less than a month ago (Apr 18, 2024), Microsoft announced via Message Center (MC780743) that the following Entra roles: * Teams Administrator * Teams Communications Administrator * Teams Telephony Administrator Will no longer grant the ability to create Resource Accounts. Starting in mid-July 2024, only Global Administrators or User Administrators can create and

How to Automatically License Resource Accounts in Microsoft Teams

As a Microsoft Teams Admin, you may face challenges creating new call queues or auto attendants if you don't have the appropriate roles to…

How to Check the Permissions of Your Microsoft Graph Application Via JWT

Check the Permissions of Your Microsoft Graph Application using Access Token (JWT) To ensure that your Microsoft Graph application is functioning properly, it is important to check its permissions (go here for a full list of graph permissions). This will help you make sure that the app has the necessary

Solutions for Managing Direct Routing Numbers in Teams

There are various reasons why your organization may choose Direct Routing as your PSTN connectivity option in Microsoft Teams. (Shameless plug to my other article on why you should consider DRaaS) * You may have an existing PSTN infrastructure (ex. SBCs / SIP Trunks) you want to continue to leverage with existing

Following the Principle Of Least Priviledge with LicenseAssignment.Read.Write.All

Read more

Microsoft Teams Admins can no longer create Teams Phone Resource Accounts

How to Automatically License Resource Accounts in Microsoft Teams

How to Check the Permissions of Your Microsoft Graph Application Via JWT

Solutions for Managing Direct Routing Numbers in Teams

Following the Principle Of Least Priviledge with `LicenseAssignment.Read.Write.All`