Create customized Azure AD program for Restore Portal
<h3> <span id="Introduction"> Launch </span> </h3>
With the discharge of Veeam Backup for Microsoft 365 version 6, a self-support offers been added by us restore portal. The restore portal presents authentication via OAuth2 at the organization’s Azure Advertisement and therefore requires a secure link between both of these services.
This article is targeted on environments where in fact the backup administrator doesn’t have global permissions in Azure AD to create the required application registration for the restore portal of Veeam Backup for Microsoft 365 utilizing the built-in wizard. Azure Advertisement administrators may use the described measures to manually get ready and create the application form registration alongside the backup administrator.
Please read all tips before proceeding carefully.
The recommended solution to set up the application form registration would be to leverage the wizard included in Veeam Backup for Microsoft 365 .
<h3> <span id="Prepare_the_Enterprise_Application_in_Azure_AD"> Prepare the Enterprise Program in Azure Advertisement </span> </h3>
This right part should be carried out by the Azure AD administrator.
<div class="wp-block-image"> <figure class="aligncenter size-full"> <a href="https://infracom.com.sg/wp-content/uploads/2022/06/Picture1.png" data-wpel-link="internal" target="_blank" rel="follow noopener"> <img width="560" height="286" src="https://infracom.com.sg/wp-content/uploads/2022/06/Picture1.png" alt class="wp-image-147044 lazyload" loading="lazy" /> <img width="560" height="286" src="https://infracom.com.sg/wp-content/uploads/2022/06/Picture1.png" alt class="wp-image-147044" data-eio="l" /> </a> </figure> </div>
Supply the new application the self-speaking name and choose “Register a credit card applicatoin to incorporate with Azure AD (Application you’re developing)”:
<div class="wp-block-image"> <figure class="aligncenter size-full"> <a href="https://infracom.com.sg/wp-content/uploads/2022/06/Picture2.png" data-wpel-link="internal" target="_blank" rel="follow noopener"> <img width="567" height="354" src="https://infracom.com.sg/wp-content/uploads/2022/06/Picture2.png" alt class="wp-image-147058 lazyload" loading="lazy" /> <img width="567" height="354" src="https://infracom.com.sg/wp-content/uploads/2022/06/Picture2.png" alt class="wp-image-147058" data-eio="l" /> </a> </figure> </div>
Select “Accounts in virtually any organizational directory (Any Azure AD directory – Multitenant)” for the supported account varieties and put in a single-web page app (SPA) as redirection for the portal server. . Extra redirect URLs can later on be added.
<div class="wp-block-image"> <figure class="aligncenter size-full"> <a href="https://infracom.com.sg/wp-content/uploads/2022/06/Picture3.png" data-wpel-link="internal" target="_blank" rel="follow noopener"> <img width="605" height="418" src="https://infracom.com.sg/wp-content/uploads/2022/06/Picture3.png" alt class="wp-image-147072 lazyload" loading="lazy" /> <img width="605" height="418" src="https://infracom.com.sg/wp-content/uploads/2022/06/Picture3.png" alt class="wp-image-147072" data-eio="l" /> </a> </figure> </div>
Switch to the dependent App sign up:
<div class="wp-block-image"> <figure class="aligncenter size-full"> <a href="https://infracom.com.sg/wp-content/uploads/2022/06/Picture4.png" data-wpel-link="internal" target="_blank" rel="follow noopener"> <img width="605" height="336" src="https://infracom.com.sg/wp-content/uploads/2022/06/Picture4.png" alt class="wp-image-147086 lazyload" loading="lazy" /> <img width="605" height="336" src="https://infracom.com.sg/wp-content/uploads/2022/06/Picture4.png" alt class="wp-image-147086" data-eio="l" /> </a> </figure> </div>
Note the application form ID since this is needed afterwards in Veeam Back-up for Microsoft 365 :
<div class="wp-block-image"> <figure class="aligncenter size-full"> <a href="https://infracom.com.sg/wp-content/uploads/2022/06/Picture5.png" data-wpel-link="internal" target="_blank" rel="follow noopener"> <img width="605" height="232" src="https://infracom.com.sg/wp-content/uploads/2022/06/Picture5.png" alt class="wp-image-147100 lazyload" loading="lazy" /> <img width="605" height="232" src="https://infracom.com.sg/wp-content/uploads/2022/06/Picture5.png" alt class="wp-image-147100" data-eio="l" /> </a> </figure> </div>
If additional redirect URLs are needed, they may be added on the Authentication web page:
<div class="wp-block-image"> <figure class="aligncenter size-full"> <a href="https://infracom.com.sg/wp-content/uploads/2022/06/Picture6.png" data-wpel-link="internal" target="_blank" rel="follow noopener"> <img width="605" height="286" src="https://infracom.com.sg/wp-content/uploads/2022/06/Picture6.png" alt class="wp-image-147114 lazyload" loading="lazy" /> <img width="605" height="286" src="https://infracom.com.sg/wp-content/uploads/2022/06/Picture6.png" alt class="wp-image-147114" data-eio="l" /> </a> </figure> </div>
In the Advanced configurations on the “Authentication” page, you have to enable “Enable the next cellular and desktop flows:”
<div class="wp-block-image"> <figure class="aligncenter size-full"> <a href="https://infracom.com.sg/wp-content/uploads/2022/06/Picture7.png" data-wpel-link="internal" target="_blank" rel="follow noopener"> <img width="605" height="161" src="https://infracom.com.sg/wp-content/uploads/2022/06/Picture7.png" alt class="wp-image-147128 lazyload" loading="lazy" /> <img width="605" height="161" src="https://infracom.com.sg/wp-content/uploads/2022/06/Picture7.png" alt class="wp-image-147128" data-eio="l" /> </a> </figure> </div>
Choose the “Certificates and strategies” web page and upload the certificate (public major) you intend to use because of this application. If you want to employ a self-signed certificate developed by Veeam Back-up for Microsoft 365 , skip this task for now. A later area shall discuss how exactly to use the self-signed certificate.
<div class="wp-block-image"> <figure class="aligncenter size-full"> <a href="https://infracom.com.sg/wp-content/uploads/2022/06/Picture8.png" data-wpel-link="internal" target="_blank" rel="follow noopener"> <img width="605" height="319" src="https://infracom.com.sg/wp-content/uploads/2022/06/Picture8.png" alt class="wp-image-147142 lazyload" loading="lazy" /> <img width="605" height="319" src="https://infracom.com.sg/wp-content/uploads/2022/06/Picture8.png" alt class="wp-image-147142" data-eio="l" /> </a> </figure> </div>
Choose the “Expose an API” web page to include a scope. The “Put in a scope” wizard shall offer an “App ID URI,” and this must be accepted unchanged:
<div class="wp-block-image"> <figure class="aligncenter size-full"> <a href="https://infracom.com.sg/wp-content/uploads/2022/06/Picture9.png" data-wpel-link="internal" target="_blank" rel="follow noopener"> <img width="605" height="170" src="https://infracom.com.sg/wp-content/uploads/2022/06/Picture9.png" alt class="wp-image-147156 lazyload" loading="lazy" /> <img width="605" height="170" src="https://infracom.com.sg/wp-content/uploads/2022/06/Picture9.png" alt class="wp-image-147156" data-eio="l" /> </a> </figure> </div>
Set the scope title to “access_as_user” and offer display names and descriptions:
<div class="wp-block-image"> <figure class="aligncenter size-full"> <a href="https://infracom.com.sg/wp-content/uploads/2022/06/Picture10.png" data-wpel-link="internal" target="_blank" rel="follow noopener"> <img width="605" height="251" src="https://infracom.com.sg/wp-content/uploads/2022/06/Picture10.png" alt class="wp-image-147170 lazyload" loading="lazy" /> <img width="605" height="251" src="https://infracom.com.sg/wp-content/uploads/2022/06/Picture10.png" alt class="wp-image-147170" data-eio="l" /> </a> </figure> </div>
Visit the “API permissions” web page and put in a permission for the exposed API simply by selecting the API…
<div class="wp-block-image"> <figure class="aligncenter size-full"> <a href="https://infracom.com.sg/wp-content/uploads/2022/06/Picture11.png" data-wpel-link="internal" target="_blank" rel="follow noopener"> <img width="605" height="201" src="https://infracom.com.sg/wp-content/uploads/2022/06/Picture11.png" alt class="wp-image-147184 lazyload" loading="lazy" /> <img width="605" height="201" src="https://infracom.com.sg/wp-content/uploads/2022/06/Picture11.png" alt class="wp-image-147184" data-eio="l" /> </a> </figure> </div>
… and enabling the “gain access to_as_user” permission:
<div class="wp-block-image"> <figure class="aligncenter size-full"> <a href="https://infracom.com.sg/wp-content/uploads/2022/06/Picture12.png" data-wpel-link="internal" target="_blank" rel="follow noopener"> <img width="605" height="432" src="https://infracom.com.sg/wp-content/uploads/2022/06/Picture12.png" alt class="wp-image-147198 lazyload" loading="lazy" /> <img width="605" height="432" src="https://infracom.com.sg/wp-content/uploads/2022/06/Picture12.png" alt class="wp-image-147198" data-eio="l" /> </a> </figure> </div>
After that select “Grant admin consent for …”:
<div class="wp-block-image"> <figure class="aligncenter size-full"> <a href="https://infracom.com.sg/wp-content/uploads/2022/06/Picture13.png" data-wpel-link="internal" target="_blank" rel="follow noopener"> <img width="605" height="173" src="https://infracom.com.sg/wp-content/uploads/2022/06/Picture13.png" alt class="wp-image-147212 lazyload" loading="lazy" /> <img width="605" height="173" src="https://infracom.com.sg/wp-content/uploads/2022/06/Picture13.png" alt class="wp-image-147212" data-eio="l" /> </a> </figure> </div>
<h3> <span id="Enabling_the_restore_portal_in_Veeam_Backup_for_Microsoft_365"> Enabling the restore portal in Veeam Back-up for Microsoft 365 </span> </h3>
This right part should be completed by the backup administrator.
Open the General Choices in Veeam Backup for Microsoft 365 :
<div class="wp-block-image"> <figure class="aligncenter size-full"> <a href="https://infracom.com.sg/wp-content/uploads/2022/06/Picture14.png" data-wpel-link="internal" target="_blank" rel="follow noopener"> <img width="257" height="267" src="https://infracom.com.sg/wp-content/uploads/2022/06/Picture14.png" alt class="wp-image-147226 lazyload" loading="lazy" /> <img width="257" height="267" src="https://infracom.com.sg/wp-content/uploads/2022/06/Picture14.png" alt class="wp-image-147226" data-eio="l" /> </a> </figure> </div>
In the overall Options, visit the REST API tab and allow the ongoing service, since this is actually the basic services for the Regain Portal to connect to the Veeam Backup for Microsoft 365 Server.
THE OTHERS service may also be set up on another host , which may be the suggested architecture for multitenant conditions.
<div class="wp-block-image"> <figure class="aligncenter size-full"> <a href="https://infracom.com.sg/wp-content/uploads/2022/06/Picture15.png" data-wpel-link="internal" target="_blank" rel="follow noopener"> <img width="445" height="580" src="https://infracom.com.sg/wp-content/uploads/2022/06/Picture15.png" alt class="wp-image-147240 lazyload" loading="lazy" /> <img width="445" height="580" src="https://infracom.com.sg/wp-content/uploads/2022/06/Picture15.png" alt class="wp-image-147240" data-eio="l" /> </a> </figure> </div>
A self-signed certificate could be created or perhaps a prepared one selected through the “Install…” button:
<div class="wp-block-image"> <figure class="aligncenter size-full"> <a href="https://infracom.com.sg/wp-content/uploads/2022/06/Picture16.png" data-wpel-link="internal" target="_blank" rel="follow noopener"> <img width="588" height="421" src="https://infracom.com.sg/wp-content/uploads/2022/06/Picture16.png" alt class="wp-image-147254 lazyload" loading="lazy" /> <img width="588" height="421" src="https://infracom.com.sg/wp-content/uploads/2022/06/Picture16.png" alt class="wp-image-147254" data-eio="l" /> </a> </figure> </div>
Select “Apply” and change to the “Authentication” tab.
In the Authentication tab, enable the recover operator authentication:
<div class="wp-block-image"> <figure class="aligncenter size-full"> <a href="https://infracom.com.sg/wp-content/uploads/2022/06/Picture17.png" data-wpel-link="internal" target="_blank" rel="follow noopener"> <img width="445" height="580" src="https://infracom.com.sg/wp-content/uploads/2022/06/Picture17.png" alt class="wp-image-147268 lazyload" loading="lazy" /> <img width="445" height="580" src="https://infracom.com.sg/wp-content/uploads/2022/06/Picture17.png" alt class="wp-image-147268" data-eio="l" /> </a> </figure> </div>
As before, whilst enabling the others service, reuse the certificate or develop a new 1. As a best exercise, work with a separate certificate for each use case.
Visit the Recover Portal tab, allow it and provide the application form ID noted inside the steps above while preparing the Enterprise Application sign up in Azure AD:
<div class="wp-block-image"> <figure class="aligncenter size-full"> <a href="https://infracom.com.sg/wp-content/uploads/2022/06/Picture18.png" data-wpel-link="internal" target="_blank" rel="follow noopener"> <img width="445" height="580" src="https://infracom.com.sg/wp-content/uploads/2022/06/Picture18.png" alt class="wp-image-147282 lazyload" loading="lazy" /> <img width="445" height="580" src="https://infracom.com.sg/wp-content/uploads/2022/06/Picture18.png" alt class="wp-image-147282" data-eio="l" /> </a> </figure> </div>
Ignore the “Create…” substitute for take up a wizard, since that is about the guide way of establishing the Azure AD software. In general, we recommend utilizing the wizard when possible still.
Develop a self-signed certificate or even select a prepared a single with the “Install…” button.
If you have your personal certificate prepared, this should be the certificate (personal key) to one that has been put into the Azure AD program registration in the preparing steps above.
In the event that you used the self-signed substitute for develop a new certificate, start to see the actions in the “Export and upload certificate” area below to include it to the Azure AD app.
After closing the overall Choices with “OK,” the Portal Service will undoubtedly be enabled and will be accessed through the URLs supplied in the Azure AD applications redirection settings.
Open a browser and make use of your URL to gain access to the restore portal:
<div class="wp-block-image"> <figure class="aligncenter size-full"> <a href="https://infracom.com.sg/wp-content/uploads/2022/06/Picture19.png" data-wpel-link="internal" target="_blank" rel="follow noopener"> <img width="605" height="361" src="https://infracom.com.sg/wp-content/uploads/2022/06/Picture19.png" alt class="wp-image-147296 lazyload" loading="lazy" /> <img width="605" height="361" src="https://infracom.com.sg/wp-content/uploads/2022/06/Picture19.png" alt class="wp-image-147296" data-eio="l" /> </a> </figure> </div>
When logging within, you will end up redirected to the OAuth authentication from Azure AD to authenticate:
<div class="wp-block-image"> <figure class="aligncenter size-full"> <a href="https://infracom.com.sg/wp-content/uploads/2022/06/Picture20.png" data-wpel-link="internal" target="_blank" rel="follow noopener"> <img width="473" height="393" src="https://infracom.com.sg/wp-content/uploads/2022/06/Picture20.png" alt class="wp-image-147310 lazyload" loading="lazy" /> <img width="473" height="393" src="https://infracom.com.sg/wp-content/uploads/2022/06/Picture20.png" alt class="wp-image-147310" data-eio="l" /> </a> </figure> </div>
If MFA is enabled for an individual, this is handled through Azure Advertisement aswell and is transparent for Veeam Back-up for Microsoft 365 :
<div class="wp-block-image"> <figure class="aligncenter size-full"> <a href="https://infracom.com.sg/wp-content/uploads/2022/06/Picture21.png" data-wpel-link="internal" target="_blank" rel="follow noopener"> <img width="457" height="375" src="https://infracom.com.sg/wp-content/uploads/2022/06/Picture21.png" alt class="wp-image-147324 lazyload" loading="lazy" /> <img width="457" height="375" src="https://infracom.com.sg/wp-content/uploads/2022/06/Picture21.png" alt class="wp-image-147324" data-eio="l" /> </a> </figure> </div>
Following a successful authentication, an individual will undoubtedly be redirected to the initially opened URL and the bring back portal may be used:
<div class="wp-block-image"> <figure class="aligncenter size-full"> <a href="https://infracom.com.sg/wp-content/uploads/2022/06/Picture22.png" data-wpel-link="internal" target="_blank" rel="follow noopener"> <img width="605" height="125" src="https://infracom.com.sg/wp-content/uploads/2022/06/Picture22.png" alt class="wp-image-147338 lazyload" loading="lazy" /> <img width="605" height="125" src="https://infracom.com.sg/wp-content/uploads/2022/06/Picture22.png" alt class="wp-image-147338" data-eio="l" /> </a> </figure> </div>
<h3> <span id="Export_and_upload_certificate"> Export and upload certification </span> </h3>
This right part should be performed in cooperation by the backup administrator and Azure AD administrator.
If the choice was used by one to develop a self-signed certificate for the restore portal, you should export the general public key which to the Azure Advertisement application registration upload.
Open the certificate administration on the Veeam Backup for Microsoft 365 server and discover the desired certificate:
<div class="wp-block-image"> <figure class="aligncenter size-full is-resized"> <a href="https://infracom.com.sg/wp-content/uploads/2022/06/Picture23.png" data-wpel-link="internal" target="_blank" rel="follow noopener"> <img src="https://infracom.com.sg/wp-content/uploads/2022/06/Picture23.png" alt class="wp-image-147352 lazyload" width="605" height="187" loading="lazy" /> <img src="https://infracom.com.sg/wp-content/uploads/2022/06/Picture23.png" alt class="wp-image-147352" width="605" height="187" data-eio="l" /> </a> </figure> </div>
Right-click in the certificate and choose “All Duties” -> “Export…:
<div class="wp-block-image"> <figure class="aligncenter size-full"> <a href="https://infracom.com.sg/wp-content/uploads/2022/06/Picture24.png" data-wpel-link="internal" target="_blank" rel="follow noopener"> <img width="590" height="218" src="https://infracom.com.sg/wp-content/uploads/2022/06/Picture24.png" alt class="wp-image-147366 lazyload" loading="lazy" /> <img width="590" height="218" src="https://infracom.com.sg/wp-content/uploads/2022/06/Picture24.png" alt class="wp-image-147366" data-eio="l" /> </a> </figure> </div>
Click Next twice right after reading the wizard instruction and the choice never to export the private essential:
<div class="wp-block-image"> <figure class="aligncenter size-full"> <a href="https://infracom.com.sg/wp-content/uploads/2022/06/Picture25.png" data-wpel-link="internal" target="_blank" rel="follow noopener"> <img width="528" height="491" src="https://infracom.com.sg/wp-content/uploads/2022/06/Picture25.png" alt class="wp-image-147380 lazyload" loading="lazy" /> <img width="528" height="491" src="https://infracom.com.sg/wp-content/uploads/2022/06/Picture25.png" alt class="wp-image-147380" data-eio="l" /> </a> </figure> </div>
Select “DER encoded…” or even “Base-64-encoded…” because the output format:
<div class="wp-block-image"> <figure class="aligncenter size-full"> <a href="https://infracom.com.sg/wp-content/uploads/2022/06/Picture26.png" data-wpel-link="internal" target="_blank" rel="follow noopener"> <img width="535" height="523" src="https://infracom.com.sg/wp-content/uploads/2022/06/Picture26.png" alt class="wp-image-147394 lazyload" loading="lazy" /> <img width="535" height="523" src="https://infracom.com.sg/wp-content/uploads/2022/06/Picture26.png" alt class="wp-image-147394" data-eio="l" /> </a> </figure> </div>
Give a file name where the public key ought to be exported and complete the export wizard:
<div class="wp-block-image"> <figure class="aligncenter size-full"> <a href="https://infracom.com.sg/wp-content/uploads/2022/06/Picture27.png" data-wpel-link="internal" target="_blank" rel="follow noopener"> <img width="510" height="198" src="https://infracom.com.sg/wp-content/uploads/2022/06/Picture27.png" alt class="wp-image-147408 lazyload" loading="lazy" /> <img width="510" height="198" src="https://infracom.com.sg/wp-content/uploads/2022/06/Picture27.png" alt class="wp-image-147408" data-eio="l" /> </a> </figure> </div>
In Azure AD, visit the “Certificates & techniques” page of the application form sign up for the restore portal and upload the exported certification file:
<div class="wp-block-image"> <figure class="aligncenter size-full"> <a href="https://infracom.com.sg/wp-content/uploads/2022/06/Picture28.png" data-wpel-link="internal" target="_blank" rel="follow noopener"> <img width="605" height="174" src="https://infracom.com.sg/wp-content/uploads/2022/06/Picture28.png" alt class="wp-image-147422 lazyload" loading="lazy" /> <img width="605" height="174" src="https://infracom.com.sg/wp-content/uploads/2022/06/Picture28.png" alt class="wp-image-147422" data-eio="l" /> </a> </figure> </div>
The certificate should now be observed in the list:
<div class="wp-block-image"> <figure class="aligncenter size-full"> <a href="https://infracom.com.sg/wp-content/uploads/2022/06/Picture29.png" data-wpel-link="internal" target="_blank" rel="follow noopener"> <img width="605" height="120" src="https://infracom.com.sg/wp-content/uploads/2022/06/Picture29.png" alt class="wp-image-147436 lazyload" loading="lazy" /> <img width="605" height="120" src="https://infracom.com.sg/wp-content/uploads/2022/06/Picture29.png" alt class="wp-image-147436" data-eio="l" /> </a> </figure> </div>
<h3> <span id="Conclusion"> Bottom line </span> </h3>
This complete procedure has given the data to set up the required application registration in Azure AD for the restore portal of Veeam Backup for Microsoft 365 without needing the built-in wizard. For more info please start to see the Veeam Helpcenter web pages or get in touch with our assistance .
<h3> <span id="Appendix_A_-_Azure_AD_App_registration_JSON_Manifest"> Appendix A - Azure Advertisement App sign up JSON Manifest </span> </h3>
may be the JSON Manifest for the developed Azure AD Software registration. All Identifiers, IDs and keys have already been anonymized with “ANYTHING”. This JSON manifest could possibly be used by Azure Advertisement administrators to create the application form registration after being altered to the average person needs and identifiers.
<em> </em>
<em> “id”: “Everything”, </em>
<em> “acceptMappedClaims”: null, </em>
<em> “accessTokenAcceptedVersion”: null, </em>
<em> “addIns”: [], </em>
<em> “allowPublicClient”: genuine, </em>
<em> “appId”: “ANYTHING”, </em>
<em> “appRoles”: [], </em>
<em> “oauth2AllowUrlPathMatching”: fake, </em>
<em> “createdDateTime”: “2022-05-02T12:45:45Z”, </em>
<em> “explanation”: null, </em>
<em> “qualification”: null, </em>
<em> “disabledByMicrosoftStatus”: null, </em>
<em> “groupMembershipClaims”: null, </em>
<em> “identifierUris”: [ </em>
<em> “api://ANYTHING” </em>
<em> ], </em>
<em> “informationalUrls”: </em>
<em> “termsOfService”: null, </em>
<em> “assistance”: null, </em>
<em> “personal privacy”: null, </em>
<em> “advertising”: null </em>
<em> , </em>
<em> “keyCredentials”: [ </em>
<em> </em>
<em> “customKeyIdentifier”: “ANYTHING”, </em>
<em> “endDate”: “2032-05-01T13:40:24Z”, </em>
<em> “keyId”: “ANYTHING”, </em>
<em> “startDate”: “2022-05-01T13:40:24Z”, </em>
<em> “kind”: “AsymmetricX509Cert”, </em>
<em> “use”: “Verify”, </em>
<em> “worth”: “ANYTHING”, </em>
<em> “displayName”: “VB365 Restore Portal App Certificate” </em>
<em> </em>
<em> ], </em>
<em> “knownClientApplications”: [], </em>
<em> “logoUrl”: null, </em>
<em> “logoutUrl”: null, </em>
<em> “title”: “VB365 Restore Portal”, </em>
<em> “information”: null, </em>
<em> “oauth2AllowIdTokenImplicitFlow”: fake, </em>
<em> “oauth2AllowImplicitFlow”: fake, </em>
<em> “oauth2Permissions”: [ </em>
<em> </em>
<em> “adminConsentDescription”: “Allows usage of Veeam Back-up for Microsoft 365 Restore Portal because the signed-in consumer”, </em>
<em> “adminConsentDisplayName”: “Gain access to Veeam Back-up for Microsoft 365 Restore Portal”, </em>
<em> “id”: “Something”, </em>
<em> “isEnabled”: accurate, </em>
<em> “lang”: null, </em>
<em> “origin”: “Program”, </em>
<em> “kind”: “Admin”, </em>
<em> “userConsentDescription”: “Allows usage of Veeam Back-up for Microsoft 365 Restore Portal in your stead”, </em>
<em> “userConsentDisplayName”: “Entry Veeam Back-up for Microsoft 365 Restore Portal”, </em>
<em> “value”: “entry_as_consumer” </em>
<em> </em>
<em> ], </em>
<em> “oauth2RequirePostResponse”: fake, </em>
<em> “optionalClaims”: null, </em>
<em> “orgRestrictions”: [], </em>
<em> “parentalControlSettings”: </em>
<em> “countriesBlockedForMinors”: [], </em>
<em> “legalAgeGroupRule”: “Allow” </em>
<em> , </em>
<em> “passwordCredentials”: [], </em>
<em> “preAuthorizedApplications”: [], </em>
<em> “publisherDomain”: “ANYTHING.onmicrosoft.com”, </em>
<em> “replyUrlsWithType”: [ </em>
<em> </em>
<em> “url”: “https://anything.cloud.veryimportant:4443”, </em>
<em> “kind”: “Spa” </em>
<em> , </em>
<em> </em>
<em> “url”: “https://restore.internal.veeam.laboratory:4443”, </em>
<em> “kind”: “Spa” </em>
<em> , </em>
<em> </em>
<em> “url”: “https://ANYTHING.veeam.lab:4443”, </em>
<em> “kind”: “Spa” </em>
<em> </em>
<em> ], </em>
<em> “requiredResourceAccess”: [ </em>
<em> </em>
<em> “resourceAppId”: “ANYTHING”, </em>
<em> “resourceAccess”: [ </em>
<em> </em>
<em> “id”: “Anything at all”, </em>
<em> “kind”: “Scope” </em>
<em> </em>
<em> ] </em>
<em> , </em>
<em> </em>
<em> “resourceAppId”: “00000003-0000-0000-c000-000000000000”, </em>
<em> “resourceAccess”: [ </em>
<em> </em>
<em> “id”: “Everything”, </em>
<em> “kind”: “Scope” </em>
<em> </em>
<em> ] </em>
<em> </em>
<em> ], </em>
<em> “samlMetadataUrl”: null, </em>
<em> “signInUrl”: null, </em>
<em> “signInAudience”: “AzureADMultipleOrgs”, </em>
<em> “tags”: [], </em>
<em> “tokenEncryptionKeyId”: NULL </em>
<em> </em>