monkey365 icon indicating copy to clipboard operation
monkey365 copied to clipboard
Published 5 months ago verified publisher icon silverhack

[Bug]: Remove obsolete Graph API

Open silverhack opened this issue 8 months ago • 0 comments

What happened?
The Azure Active Directory Graph is deprecated and will be switched off on next week.

Microsoft Graph is fully integrated with Monkey365's use of MSGraph objects, so it is not necessary to use the old AAD Graph API for collecting information from tenant.

A variable was introduced several months ago that forces Monkey365 to use MSGraph API so it's safe to remove old collectors and any reference to graph.windows.net legacy API.

Collectors used to get MFA information from users, as well as rules (e.g. entra-iam-privileged-users-disabled-mfa.json) will be affected by this change.

I'll investigate how to add support to Microsoft Graph ClientId, due that permissions to list authentication methods using MSGraph was not included in both, Azure ClientId, and Azure PowerShell ClientId (both used by Monkey365 to interactive authentication).

Thanks,

silverhack avatar Jun 25 '25 09:06 silverhack