Skip to main content
All CollectionsInspectorsMicrosoft 365
M365 | Inspector Failing due to Error 403
M365 | Inspector Failing due to Error 403

M365 failed, M365 Error 403

Updated over 4 months ago

Issue:

We have identified an issue affecting some partners where the M365 inspector fails due to the following error:

Inspection failed at https://graph.microsoft.com/v1.0/users?$select=id,accountEnabled,assignedLicenses,city,createdDateTime,department,displayName,givenName,jobTitle,mail,mailNickname,officeLocation,onPremisesDomainName,onPremisesLastSyncDateTime,onPremisesSamAccountName,onPremisesSyncEnabled,passwordPolicies,passwordProfile,proxyAddresses,surname,usageLocation,userPrincipalName,userType,isResourceAccount,onPremisesDistinguishedName,onPremisesImmutableId,onPremisesProvisioningErrors,onPremisesSecurityIdentifier,onPremisesUserPrincipalName,otherMails,mailFolders,ownedDevices,registeredDevices,signInActivity with status code 403: Request failed with status code 403. This is a problem with your permissions within the target system, not the Liongard inspector.

Root Cause:

The error is typically caused by a "duplicate" child inspector that shares the same Azure/Entra tenant ID as the parent M365 inspector. When the child inspector runs, it can overwrite the permissions of the Liongard Enterprise App, causing the app permissions to change from "Application" to "Delegated." This change in permissions leads to the 403 error.

Solution:

To resolve this issue, follow these steps:

  1. Reauthenticate the Parent M365 Inspector:

    • Reauthenticating the parent inspector should allow the inspector and all child inspectors to run successfully, at least temporarily.

    • Note: The error is likely to return unless the underlying issue is resolved.

  2. Identify the Duplicate Child Inspector:

    • Locate the child inspector that shares the same Azure/Entra tenant ID as the parent M365 inspector.

  3. Disable or Delete the Duplicate Inspector:

    • Disable or delete the child inspector to prevent it from overwriting the Liongard Enterprise App permissions.

Additional Notes:

  • After disabling or deleting the duplicate inspector, monitor the M365 inspectors to ensure they run successfully without encountering the 403 error again.

  • If the issue persists or you need further assistance, please contact Liongard support.

Did this answer your question?