Microsoft Entra Application Permissions

Veeam Backup for Microsoft 365 requires that you grant permissions to Microsoft Entra applications within the following usage scenarios:

Permissions of the Microsoft Entra application depend on the authentication method used for a Microsoft 365 organization. For more information about permissions for Microsoft organizations with modern app-only authentication, see Permissions for Modern App-Only Authentication.

Note

Since Microsoft deprecated basic authentication and legacy authentication protocols, you cannot add new Microsoft 365 organizations to Veeam Backup for Microsoft 365 using modern authentication method with legacy protocols allowed. However, you can continue to use Veeam Backup for Microsoft 365 to back up and restore data of Microsoft 365 organizations that were added to previous installations of the product using this authentication method. For more information about permissions that must be granted to Microsoft Entra applications, see Permissions for Modern Authentication and Legacy Protocols.

If you allow users to perform self-service restore using Restore Portal, they will authenticate to the portal with their Microsoft 365 user account credentials. To ensure such authentication, a Microsoft Entra application must be configured. Veeam Backup for Microsoft 365 automatically grants the required permissions to this Microsoft Entra application or you can grant permissions manually. For more information, see the following sections:

You can optionally use the Azure archiver appliance when Veeam Backup for Microsoft 365 copies backed-up data between different instances of Azure Blob Storage or to Azure Blob Storage Archive. To enable usage of the Azure archiver appliance, the Microsoft Azure service account is required. You must assign the required roles to a user account that you use to create a Microsoft Entra application for the Microsoft Azure service account. Veeam Backup for Microsoft 365 automatically grants the required permissions to this Microsoft Entra application or you can grant permissions manually. For more information, see the following sections:

For more information about Microsoft Graph permissions, see this Microsoft article.

Page updated 8/22/2024

Page content applies to build 8.0.5.20