We need to set the permissions for the Azure AD server application to be able to access the users in the Azure AD. Perform the following steps:
- Select Settings and go to Required permissions:
- Click on Add and go to Select an API:
- Select Microsoft Graph:
- Allow the application to read the AAD data:
- Under Application Permissions, place a checkmark next to Read directory data:
- Allow DELEGATED PERMISSIONS so that the application can read directory data on behalf of the user:
- Under DELEGATED PERMISSIONS, place a checkmark next to Sign in and read user profile and Read directory data: