barbara_hodgkin
SailPoint Employee
SailPoint Employee

Update Notice: O365 Government Community Cloud (GCC) Users Using FAM SharePoint Online/OneDrive EFix

NOTE: This only applies to customers utilizing Government Community Cloud, all Enterprise plans will be unaffected by this change.

General Announcement:

Starting Sept. 15th, 2022 Microsoft will restrict Government Community Cloud (GCC) accounts access to the Microsoft 365 Management Activity API endpoints through Enterprise Management API URL. For those accounts, Microsoft will enforce data collection using the Microsoft 365 Management Activity API through designated Government Community Cloud (GCC) URLs.  You can find details regrading this here: https://docs.microsoft.com/en-us/office/office-365-management-api/office-365-management-apis-overvie....  This has also been communicated in Microsoft announcements MC221116, MC223431 & MC395212.

What this means for FAM:

The Office 365 Management APIs provide a single extensibility platform for all Office 365 management tasks, including service communications, security, compliance, reporting, and auditing. All of the Office 365 Management APIs are consistent in design and implementation with the current suite of Office 365 REST APIs.

File Access Manager uses the Office 365 Management APIs to gather activity and audit data on OneDrive and SharePoint Online managed applications. File Access Manager uses the Authorization Code Token Acquisition flow to generate and refresh OAuth tokens.  These tokens are used to access different resources on the tenant’s environment.  This includes the O365 Management API token.

For customers utilizing the FAM SharePoint Online and OneDrive applications which utilize a GCC plan, an efix will be provided which will need to be applied to ensure connectivity is maintained after the Microsoft connectivity changes are in place.

A follow-up announcement will be released with the e-fix and details on how to apply this e-fix.

Action Needed:

An E-Fix is now available for the latest Service Packs: 8.3 SP1 and 8.2 SP2.  These changes will also be included in the upcoming Service Packs 8.3 SP2, 8.2 SP3 (targeted end of September 2022) as well as the upcoming major release 8.4.

The E-Fix should be applied as soon as possible, as to not disrupt your connectivity when the Microsoft changes occur.  Applying the E-Fix will not automatically change your current configuration, you will need to edit your existing OneDrive and SharePoint Online FAM application(s) to select a plan type.  There are steps outlined in the README to update the configuration. 

Microsoft is now supporting the GCC URL, so we highly recommend configuring the GCC plan now.  

When applying the changes, please read carefully through the README file, and if you have any questions or need help applying the changes please open a Support ticket for help.  Regrading any other questions or concerns, please reach out to your Customer Success Manager.

0 Kudos
1 Reply
barbara_hodgkin
SailPoint Employee
SailPoint Employee

**Please Note**

There was typo in the README file, under the "Affected websites" section. Affected websites should read "identityiqfam/v2" and "siqapi". These folders should be located in your target server's "..\inetpub\wwwroot" folder.

This has been corrected.

0 Kudos