Blocking Azure AD Permissions

Disconnect Azure AD from Trend Vision One apps by blocking permissions granted to an app or group of apps.

If you no longer want to integrate Azure AD with an app or group of apps, you can block the permissions to effectively disconnect Azure AD from the specified apps. Blocking permissions disconnects Azure AD from the apps but does not delete or revoke the permissions in Azure AD. To delete the permissions in Azure AD, you must delete the associated enterprise application (see step 4).

  • Blocking Azure AD permissions can negatively impact the functionality of associated apps. Blocking permissions can limit the insights provided by associated apps, and you may lose the ability to perform account-related actions, such as mobile device authentication, disabling user accounts, and forcing password reset.

  • Blocking Azure AD permissions for Risk Insights and Email Account Inventory also affects Office 365 integration as a data source in Risk Insights.

  1. In the Azure AD screen, locate the Azure AD tenant and the associated app that you want to disconnect.
  2. Click Block permissions in the Status column.
  3. Click Block.
  4. If you need to delete the permissions in Azure AD, perform the following steps.
    1. Copy the application ID.
    2. In Azure AD, use the application ID to locate the enterprise application associated with the app or group of apps.
    3. Delete the enterprise application.
    For more information, see the Azure AD documentation.

    To connect Azure AD with the associated apps and grant permissions again, click Grant permissions.