I want to set up the Microsoft 365 Service Status sensor or the Microsoft 365 Service Status Advanced sensor to monitor the status of the services of a Microsoft 365 subscription.
For these sensors to work, I have to define credentials for Microsoft 365 in my PRTG installation and set permissions for Microsoft Graph.
Where do I get these credentials? How do I set the required permission?
Created on Aug 18, 2020 5:58:19 AM by
Last change on Nov 12, 2021 9:56:56 AM by
16 Replies
This article applies as of PRTG 22
Before you can set up the Microsoft 365 Service Status sensor or the Microsoft 365 Service Status Advanced sensor, you need to define credentials for Microsoft 365 in the settings of a parent object.
The credentials you need are the Tenant ID, the Client ID, and the Client Secret. You obtain the credentials in the Microsoft Azure Portal. There you can also set the permission that the Microsoft 365 sensors require to read data from Microsoft Graph.
The following step-by-step guide shows you how to obtain the necessary credentials and how to set the required API permission.
Log in to the Microsoft Azure Portal under https://portal.azure.com and follow the steps below:
Take the following steps to register your application with Azure AD to be assigned a client ID.
Take the following steps to create an application password, also known as client secret.
Take the following steps to set the required permission for the Microsoft 365 sensors to be able to query data from Microsoft Graph.
Take the following steps to authorize the new application.
https://login.microsoftonline.com/{your_tenant_ID}/adminconsent?client_id={your_client_ID} and click Accept to accept the request.
Note: It can take up to a few minutes until the authorization was processed.
You can now create the Microsoft 365 Service Status sensor and the Microsoft 365 Service Status Advanced sensor.
Created on Aug 18, 2020 6:05:28 AM by
Last change on Mar 4, 2022 7:12:27 AM by
Do you have a PRTG step by step guide on how to do this? The Microsoft.com docs are WAY to generic to be of ANY value.
At the moment, there is no step by step guide.
Kind Regards,
Matthias Kupfer
Created on Aug 26, 2020 11:30:19 AM by
https://team-debold.de/2016/07/22/prtg-office-365-status-ueberwachen/
here is an step by step guide
i try this today and it still works for the new sensor !
Created on Aug 28, 2020 8:29:20 AM by
Hi,
Microsoft's doc has been updated recently and yet the screenshots are still from an old version of the AAD management console ...
Anyway, I've done it all (client ID, tenant ID, secret, api permissions) and yet I'm still getting a 401 unauthorized with this sensor ...
Please check again if you have set the permissions as described in the article How do I set permissions for the Office 365 Management APIs. If the permissions do not look like the ones shown in the screenshot in the article, please use the "Add a permission" button to add them.
Kind regards,
Sasa Ignjatovic, Tech Support Team
Created on Sep 16, 2020 9:19:13 AM by
Please create a better guide how to use this sensor. It's quite difficult to go thru your documentation.
Created on Oct 19, 2020 3:34:10 PM by
Thank you for your feedback.
Currently this is the only guide we have on how to set up credentials for Azure AD, however we will try to improve it so that it is easier to follow.
Kind regards,
Sasa Ignjatovic, Tech Support Team
Created on Oct 20, 2020 5:33:39 AM by
I followed these steps but ran into this error when performing: Step 4: Authorize the new application
ERROR: AADSTS500113: no reply address is registered for the application
There is one final step missing: - Under "Authentication," you need to click on "Add a platform" - You then choose the "Web" box - In the Redirect URIs box, need to add the first part of the URL string that was listed in step 4: i.e. https://login.windows.net
Once you add this in and save, then the authorisation works fine
Created on Dec 23, 2020 4:47:40 AM by
Hello
In Step 4 you need to browse to the URL https://login.windows.net/common/oauth2/authorize?response_type=code&resource=https%3A%2F%2Fmanage.office.com&client_id={your_client_id}
But when I use the client ID I get the following error:
AADSTS70001: Application with identifier 'xxxxxxx' was not found in the directory abc.onmicrosoft.com
However a third party forum and user question pointed me in the right direction and suggested that {your_client_id} should be replaced by the AppPrincipalId and not the secret client ID. You can find the application ID via powershell by running the command(s):
(Connect-MsolService) Get-MsolServicePrincipal
Or in the M365 GUI in the overview page of the app registration you created...
Probably a stupid mistake but I'm just posting this here so others don't make the same mistake as I did :)
Created on Feb 9, 2021 10:19:14 AM by
Last change on Feb 9, 2021 11:53:07 AM by
Hello - Had the hardest time getting the Office365 sensor working. Tenet ID, Client ID and Client Secret all matched with what we had in the portal. Turns out we needed the VALUE of the Secret ID. Not the Secret ID designation.
Click on this link and scroll to the bottom to see the real value to put in the "Credentials for Microsoft 365"
We also had trouble loggin in. sign-in error code 7000215 We were successful using "Value" instead of "Secret IT" as a Client Secret. Hope that helps anyone.
But I still have problems with a few sensors, e.g. "Microsoft 365 Service Status" => invalid map<K
Created on Jun 9, 2021 4:19:55 PM by
Last change on Jun 10, 2021 7:20:10 AM by
@idivitj Thank you for sharing your solution. :)
@bsc This is a known issue, and we are working on a solution for this. A fix for this is planned to be released in the PRTG version 21.x.69 (coming in July).
Kind regards,
Sasa Ignjatovic, Tech Support Team
Created on Jun 10, 2021 6:02:35 AM by
Hello, i'm getting this error random when collecting sensor data: The request has failed. Request failed: HTTP request was not successful: 500: Internal Server Error
Sometimes it shows the state of the sensor, sometimes this error.
Any ideas?
Created on Aug 18, 2021 6:23:54 AM by
Step 4. Authorise the permissions for Graph wasn't working for me using the link. "https://login.windows.net/common/oauth2/authorize?response_type=code&resource=https%3A%2F%2Fmanage.office.com&client_id={your_client_id}". I was able to authorize the permission in the azure console. Using the control "Grant admin consent for .... " under API permissions.
Created on Dec 30, 2021 11:18:25 PM by
As per psionix above, the URL is not correct for the Microsoft Graph API permissions because it is this is no longer using the Office 365 Management API. You will need to grant consent as mentioned above or, try this URL to grant Organisation consent - https://login.microsoftonline.com/{tenant-id}/adminconsent?client_id={client-id}
Please log in or register to enter your reply.
Add comment