June 28th Update: Accept the one-time permissions request when logging in via Microsoft SSO
Comments
-
@TE_MN - Is there any way you can share a screenshot of your API permissions so that our team can check if you granted access to the correct API changes for the Microsoft Graph API User.Read permissions? It should look something like the screenshot below.
-
Hello!
Am I understanding correctly that if an Azure Admin grants admin consent through the Azure Portal, the users will not have to accept when logging into SmartSheet on or after 6/28?
Thank you!
-
I think this reply may answer by previous comment, but I just want to confirm that if an Azure Admin consents through the Portal. Will end-users still need to consent on their end?
Thank you!
-
will continuously to use smartsheet
-
How can I know what users received the advanced notice email? I there a way I can run that report? I am a SS System Admin. Thanks.
-
@stevenwagner - if the Azure Admin consents on behalf of the organization before the migration scheduled to happen on June 28th, then end users will NOT receive a prompt to accept any permissions when they attempt to log into Smartsheet using Microsoft SSO after the deprecation takes place.
If this step didn't happen then any customers logging in via Microsoft SSO will be shown the permissions consent form. Please note, this is something that Microsoft is promoting and Smartsheet has no control over. If the Azure Admin provides org-wide consent, then any new individuals logging in will not see the permissions consent form.
Please let me know if you have any questions.
-
Thank you! So if I content on behalf of the organization today, our users should not see the consent message tomorrow?
-
This screenshot appears to be from the App Registrations blade, rather than the Enterprise Applications one. Smartsheet is not listed in my App Registrations, only in Enterprise Applications. Does it need to be added there to give Graph API permissions?
-
I love the communication that we receive on any new updates or push outs.
-
@Julie B - Please use the user list report in the Admin Center and filter down the list based on users who logged in to Smartsheet in the last 60 days. These users should have received the email from us.
-
Sorry, if this has been asked.
Is this for Smartsheet or for Smartsheet Resource Management? we have both in Enterprise admins page?
-
@TE_MN - I checked with the team and they said: The ability to consent through the Azure AD Portal varies if the application is registered through app registration vs if the Smartsheet app is added through the marketplace.
If it is done through app registration, the steps will be the same as those communicated in the main Community post above, but if the app is added through the marketplace, Admins won't see the API right away. When they click the "grant admin consent" button, Admins will get a consent screen with the new API and once they refresh they will be able to see both the APIs (the old Azure AD Graph API and the new Microsoft Graph API).
Please see the detailed steps below:
Step one - Click the button to grant admin consent on this screen.
Step 2 - Accept the permissions consent box.
Step 3 - Refresh your screen (you may have to do it 2-3 times) till the new APIs appear.
Alternatively, Admins can do this by just logging into Smartsheet through Microsoft SSO after the deprecation occurs if they do not want to do this through the Azure portal.
Let me know if you have any questions!
-
Thanks for your reply. When I run the User list report in the Admin Center, only brings licensed users or users who used to be licensed users (we have a Business Plan). We know of users who do not show on this report who received the advanced notice email (unlicensed users who have Viewer or Editor access to SS objects).
-
I am not receiving the Azure Microsoft email consent. What do I do now to receive consent so I can enter my workspaces?
-
Following the instructions to consent and use the new Microsoft GraphAPI, we need to remove the old Windows Azure Active Directory API as it no longer supports it. What is SmartSheet’s recommendation to revoke and remove the permission in the Azure AD application registration? We do not want to reinstall or leave the old permission as revoked, we want to remove the legacy API without interruption.
Below is the current API configuration:
Categories
- All Categories
- 14 Welcome to the Community
- Smartsheet Customer Resources
- 64.2K Get Help
- 419 Global Discussions
- 221 Industry Talk
- 461 Announcements
- 4.8K Ideas & Feature Requests
- 143 Brandfolder
- 142 Just for fun
- 58 Community Job Board
- 462 Show & Tell
- 32 Member Spotlight
- 1 SmartStories
- 299 Events
- 38 Webinars
- 7.3K Forum Archives
