This section describes how to revoke the access of Cloud Email and Collaboration
Protection to Microsoft 365 services, including Exchange Online, Exchange Online (Inline Mode),
SharePoint Online, OneDrive, Microsoft Teams (Teams and Chat).
The steps outlined below detail how to revoke access to a Microsoft 365 service.
Procedure
- Choose .
- (Optional) Record the App Id under the corresponding service account if you revoke access to SharePoint Online, OneDrive, or Microsoft Teams (Teams). You may need it in step 8.
- Select a Microsoft 365 service account, for example, an Exchange Online account, and
click Remove.Be cautious when revoking access to Exchange Online. The following supported Cloud Email and Collaboration Protection automation APIs will not work after the Exchange Online service account is removed: Threat Investigation, Threat Mitigation, Threat Remediation.
- On the Remove <Microsoft 365 Service Name> Service Account screen that appears, click OK.If the service account is a Delegate Account, Cloud Email and Collaboration Protection requests Microsoft 365 to verify the selected service account.
-
If the service account is valid, proceed to the next step.
-
If the service account is invalid, choose to cancel the operation or forcibly remove your data generated in Cloud Email and Collaboration Protection as instructed.
Note
Global Administrator privileges are required for removing service accounts.If your account does not have required privileges, specify the Global Administrator credentials as instructed and click OK.Cloud Email and Collaboration Protection starts to remove the selected service account. -
- Click the Details link in the
Status column to check the progress.The Remove <Microsoft 365 Service Name> Service Account screen appears, showing all the steps involved, the status of each step, and the estimated time left.
- After checking the detailed information, click Close to close the screen.
- Wait for some time and manually refresh your console.
-
If the selected service account is successfully removed, it disappears from the Service Account screen.
-
If Cloud Email and Collaboration Protection fails to remove the selected service account, you still have the option to forcibly remove your data generated in Cloud Email and Collaboration Protection as instructed.
-
- (For SharePoint Online, OneDrive, and Microsoft Teams) Open
{sharepoint_admin_site}/_layouts/15/TA_AllAppPrincipals.aspx,
find the application with name Trend Micro Cloud App
Security and the App Identifier
associated with the service which you are revoking access to, and then click
x in the front.The App Identifier for each service is the one you copied and pasted in the App Id field when granting access. If you forgot the App Id, refer to the information you recorded in step 2.
- Manually clean up the remaining data.For details, see Changes made under inline protection for Exchange Online (Inline Mode) or Changes made under API-based protection for other services.