Article Details
While the Microsoft Graph's Read.User API endpoint is classified as a low-risk permission by default, your organization might have changed this. In order to use Gingr's SSO, users will need to have this permission on. To do this, please refer to the steps below.
Notice: If you are a regular user, you will likely need the help of your organization's IT team to review and implement this!
Before You Begin
To configure permission classifications, you need:
- An Azure account with an active subscription.
- One of the following roles: Global Administrator, Application Administrator, or Cloud Application Administrator
Allow Microsoft Graph's Read.User API
Follow these steps to classify permissions using the Microsoft Entra admin center:
- Sign in to the Microsoft Entra admin center as at least a Cloud Application Administrator.
-
Browse to Identity » Applications » Enterprise applications » Consent and permissions » Permission classifications.
- Choose the tab for the low risk permission classification you'd like to update.
- Choose Add permissions to classify another permission.
- Select the Microsoft Graph API.
- Select the User.Read delegated permission.
Related Resources
- Microsoft Single Sign-On Topic Outline
- Enable Microsoft Single Sign-On for User Groups How-To
- Log In with Microsoft Single Sign-On How-To
- Don't Have Permission to Log In with Microsoft Troubleshooting
- Microsoft SSO: Email Address Doesn't Match Any User Account in Gingr Troubleshooting
- Microsoft SSO: Can't Accept Permission for gingr-businessportal-oauth Troubleshooting
Comments
0 comments
Article is closed for comments.