KB 10077 Microsoft.Graph.ServiceException: Code: Authorization_IdentityNotFound

Owned by Adam Spinek
Mar 22, 2023
1 min read

KB ID: 10077

Product: Storware Backup & Recovery

Version: 5.0.0, 5.1.0, 5.1.1

Published: 2022-03-22

Last modified: 2022-03-22

Problem

During the backup of MS Teams, there are errors in cloud agent logs:

2022-10-10 11:59:39.625 [FTL] [taskId=11552a99-5077-48d9-b52f-cbdc085caf3e] [threadId=19] ExchangeMailboxBackupTask -> ExecuteTaskAsync has thrown an exception Status Code: Unauthorized Microsoft.Graph.ServiceException: Code: Authorization_IdentityNotFound Message: The identity of the calling application could not be established. Inner error: AdditionalData: date: 2022-10-10T11:59:39 request-id: fe9235b2-5be8-4679-91cc-2ac948affd55 client-request-id: fe9235b2-5be8-4679-91cc-2ac948affd55 ClientRequestId: fe9235b2-5be8-4679-91cc-2ac948affd55 at Microsoft.Graph.SimpleHttpProvider.SendAsync(HttpRequestMessage request, HttpCompletionOption completionOption, CancellationToken cancellationToken) at Microsoft.Graph.BaseRequest.SendRequestAsync(Object serializableObject, CancellationToken cancellationToken, HttpCompletionOption completionOption) at Microsoft.Graph.BaseRequest.SendAsync[T](Object serializableObject, CancellationToken cancellationToken, HttpCompletionOption completionOption) at Microsoft.Graph.GraphServiceUsersCollectionRequest.GetAsync(CancellationToken cancellationToken) at CloudAgent.Core.Office365.Providers.MSGraphProvider.GetUsersListAsync() in /opt/teamcity/buildAgent/work/e09e33f60b38875f/src/CloudAgent.Core/Office365/Providers/MSGraphProvider.cs:line 83 at CloudAgent.Core.Office365.Providers.MSGraphProvider.GetUserByIdAsync(String id, String email) in /opt/teamcity/buildAgent/work/e09e33f60b38875f/src/CloudAgent.Core/Office365/Providers/MSGraphProvider.cs:line 61 at CloudAgent.Core.Office365.Features.Exchange.ExchangeMailboxBackupTask.ExecuteTaskAsync(IOffice365TaskDetails task, IPubliccloudRestService cloudRestService, Configuration configuration) in /opt/teamcity/buildAgent/work/e09e33f60b38875f/src/CloudAgent.Core/Office365/Features/Exchange/ExchangeMailboxBackupTask.cs:line 131

Solution

Permission for TeamsApp.ReadWrite.All have been removed from GraphAPI. This permission has been removed from the setup assistant in vprotect-server-5.1.0-54. For existing applications, remove this permission manually:

  • Go to portal.azure.com and log in as the organization administrator.

  • Go to "Manage Azure Active Directory".

  • On left menu select "App registrations".

  • In Owned applications find app used by Storware Backup & Recovery and click on it.

  • On left menu select "API permissions".

  • Find permission "eb6b3d76-ed75-4be6-ac36-158d04c0a555" and remove it by clicking on 3 dots and selecting "Remove permission".

  • Confirm.

  • Scroll up and find button "Grant admin consent for $your_org_name". Click on it and confirm.

  • After information "Successfully granted admin consent for the requested permissions." your application will work properly.