For customers who have provisioned a Delegate Account for the SharePoint Online and OneDrive services, Cloud App Security now supports migrating the customers to a modern authentication based Authorized Account for protection.
Trend Micro recommends that customers currently with a Delegate Account complete the migration as early as possible.
Before migration to use token-based authentication is successful, Cloud App Security continues to protect your SharePoint Online and OneDrive services by using the current basic authentication.
Click Click here in the upper left of the Dashboard screen.
If you are still using the SharePoint Online or OneDrive service with a Delegate Account, the Click here link is available on the Dashboard screen, allowing you to migrate from using basic authentication to using token-based authentication to better protect your SharePoint Online or OneDrive service.
Go to Administration > Service Account, and then click Migration Available under Status of the SharePoint Online service account.
The Migrate to Use Authorized Account screen appears.
If you have provisioned the Delegate Account only for the SharePoint Online service, the Migrate to Use Authorized Account screen shows a four-step procedure for migrating to use Authorized Account for SharePoint Online; if you have provisioned the Delegate Account only for the OneDrive service, the screen shows a three-step procedure for migrating to use Authorized Account for OneDrive; if you have provisioned the Delegate Account for both services, the screen shows the procedure for SharePoint Online first, and then the procedure for OneDrive after you complete the procedure for SharePoint Online.
Here it is assumed that you have provisioned the Delegate Account for both services.
The Microsoft logon screen appears.
The message "Are you sure you have followed the instructions for step 2 to grant Cloud App Security permissions to receive notifications from Microsoft for real-time scanning on your SharePoint Online sites? Cloud App Security cannot receive notifications from Microsoft for real-time scanning on your SharePoint Online sites if you do not grant the permissions." appears.
The Migrate to Use Authorized Account screen for the OneDrive service appears.
The Microsoft logon screen appears.
The message "Are you sure you have followed the instructions for step 2 to grant Cloud App Security permissions to receive notifications from Microsoft for real-time scanning on your OneDrive sites? Cloud App Security cannot receive notifications from Microsoft for real-time scanning on your OneDrive sites if you do not grant the permissions." appears.
Cloud App Security then updates the SharePoint Online and OneDrive data in your organization. The time required depends on how much data you have in SharePoint Online and OneDrive.
If the message "Migrated to use Authorized Account for SharePoint Online" or "Migrated to use Authorized Account for OneDrive" appears, the migration is successful. Cloud App Security will protect your SharePoint Online and OneDrive services using token-based modern authentication through the provisioned Authorized Account.
The Delegate Account Cleanup and Delegate Account cleanup for SharePoint Online (or Delegate Account cleanup for OneDrive) links are available only if the Delegate Account that you previously use is not assigned to the Global Administrator role.
Go to Administration > Service Account and view the account name for SharePoint Online and OneDrive.
Log on to your Microsoft 365 admin center.
Go to Users > Active users, and then locate and select the Delegate Account to delete the account.