question

Ruchi-0056 avatar image
0 Votes"
Ruchi-0056 asked Ruchi-0056 commented

Clarifications on Azure AD Graph Endpoints post June 2022

Hi, There is a confusion over whether Azure AD Graph endpoint will still send us response post June 2022.
Endpoint examples:
1. https://graph.windows.net/${tenantId}/users?api-version=1.6
1. https://graph.windows.net/${tenantId}/groups?api-version=1.6
The following document makes 2 different statements Update your applications to use Microsoft Authentication Library and Microsoft Graph API

1. Apps using Azure AD Graph after this time will no longer receive responses from the Azure AD Graph endpoint.
2. Apps using ADAL on existing OS versions will continue to work after this time but will not get any technical support or security updates.

Whereas in another document microsoft-graph-or-azure-ad-graph it clearly states that
1. NOTE: For existing applications that already use Azure AD Graph , nothing changes and it's business as usual . The Azure AD Graph GA endpoint will remain fully available for all applications including production applications. We will continue to closely monitor this API, fix service issues and strive to continue to provide 99.99% service availability.

2. Also it says : For developers with existing apps that call Azure AD Graph, we will provide guidance for those who want to switch their apps over to Microsoft Graph (from Azure AD Graph). Additionally, we'll do it in such a way that existing users for your applications won’t need to re-consent to your application to access directory data through Microsoft Graph.


If Azure AD Graph endpoints will stop responding then how will ADAL still be working for existing apps?
I do understand that no support will be provided post June 2022 for ADAL or Azure AD Graph APIs but does that mean that if we are calling above mentioned endpoints then we will stop getting response from those endpoints?

If there is a document with list of APIs that will be deprecated then please provide that as well, it will be really helpful.
Also is there any way for us by which we can test the response from deprecated APIs or any environment which would have already deprecated these APIs so that we can test out existing applications against it.




azure-ad-adal-deprecation
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

MarileeTurscak-MSFT avatar image
0 Votes"
MarileeTurscak-MSFT answered Ruchi-0056 commented

Hi @Ruchi-0056,

The product team has replied that only non-Microsoft API's will stop receiving responses. We will continue to respond to requests to graph.windows.net but other 3rd party apps will no longer have support.

For our 1st party apps we will bring the complete parity. Microsoft Graph PowerShell also has all the AAD Graph functionality at a REST protocol level, but you still have to migrate within the next six months.

Let me know if this helps at all.

Thanks,

Marilee

· 1
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Ruchi-0056 avatar image Ruchi-0056 ·

Thanks for clarifying it Marilee, though I have another question unrelated to above one.
If we have existing MultiTenant Applications with following permissions already authorised by a Tenant admin 164691-screenshot-2022-01-13-at-120641-pm.png
Will a the Tenant have to reauthorise if we add similar Microsoft API Permissions to the existing MultiTenant application?

0 Votes 0 ·
screenshot-2022-01-13-at-120641-pm.png (208.4 KiB)