Introduction
Beginning with DeliverPoint 5.0.0.0 (February 2025), we added the ability to run Audit reports, making use of the new (beta) Microsoft Graph API endpoint to query Microsoft Purview audit logs. To enable this feature, a Global Administrator must approve the AuditLogsQuery.Read.All Graph API permission.
Most Graph API permissions can be approved from the API Access page of the SharePoint Admin Center. However, as of February 2025, this particular Graph API permission can only be approved from within the Entra portal. Instructions for doing this are below. NOTE: After following this procedure, this permission will still appear as Pending on the API Access page, but it really has been approved.
Navigate to the API Permissions page
Beginning in the M365 Admin Center, here's how to access the necessary API Permissions page in Entra:
Select the Identity Admin Center:
Once in the Entra portal, select App registrations under Applications:
Change tabs from Owned applications to All applications, and then click to open the SharePoint Online Client Extensibility Web Application Principal application.
Open the page to Manage API permissions:
Add and approve the required permission
1. Add a permission
2. Select Microsoft Graph as the API
3. Choose Delegated permissions
4. Search for AuditLogsQuery.Read.All, tick the box to select it, and click Add permissions.
You should now see that it's been added to the list of Configured permissions
5. Click to Grant admin consent for [Your org]
You should now see that the Status shows as Granted:
An account with the required permissions will now be able to run DeliverPoint Audit Reports. See how in this article.