How to remove a configured service account in M365 Security Plus

Note: This article applies to existing customers updating to 4700 from build number 4619 and lower.

Objective

This article explains how to remove a previously configured service account in M365 Security Plus for customers upgrading to build 4700 and above, to improve security and simplify permission management.

With this change, you can now choose to replace your configured service account from M365 Security Plus with an Entra application registration. You will have to update your Entra app permissions accordingly so that all tasks previously handled by the service account can function seamlessly.

Note: For minimal impact on your services, we suggest updating your Entra app registration and then removing your service account from M365 Security Plus.

Prerequisites

• A M365 Security Plus technician with the Super Admin role.
• A Microsoft Entra ID account with the permissions to modify Entra app permissions

Steps to follow

Step 1: Update your Entra app permissions

You can update the Entra app permissions configured for your tenant in M365 Security Plus with a single click. The process is automatic and applies all required permissions for the full functionality of the product.

1. Log in to M365 Security Plus as a technician with the Super Admin role.
2. Navigate to Tenant Settings.
3. Click Update Permissions in the REST API Access column of the Microsoft 365 Tenant from which you are removing the service account.



4. You will be redirected to the Microsoft 365 login portal where you will have to sign in with the appropriate credentials (preferably a Global Administrator if you wish to assign all permissions). Since this process does not take place within M365 Security Plus, the credentials entered will not be stored in the product database.
5. Click Accept.
6. You will be redirected to the M365 Security Plus console, where you can see the Update Permissions text has changed to Enabled.

If you wish to configure the Entra application with only the permissions necessary for your preferred actions, you can manually modify the REST API permissions assigned to your application, using the Minimum Scope page for reference.

Step 2: Remove your configured service account

Once your Entra app permissions are updated, you can now remove the configured service account without impacting M365 Security Plus' availability and functionality. You can remove it by following the steps mentioned below:

1. Navigate to Tenant Settings
2. Click the edit icon next to the Microsoft 365 Tenant you are removing the service account for.
3. Click Remove Service Account and select Yes.

Verification

• Confirm the service account is no longer listed. Click the edit icon next to the Microsoft 365 Tenant you are removing the service account for, and verify if the service account has been removed.
• Test any actions that depend on the configured permissions for the Entra application. If they do not work as expected, review and reconfigure the required app permissions.