Applies to only managed cloud deployments
Security Requirements
All app registrations must:
-
Use the Federated Identity Credentials (FIC)–based authentication mechanism.
-
Have appropriate Conditional Access policies configured and enforced.
The express configuration uses Commvault Cloud-hosted multi-tenant apps. These apps use Federated Identity Credentials (FIC) authentication mechanism and do not require app secrets or certificates.
Multi-tenant apps provide a better security posture and are the recommended authentication method from Microsoft. You can configure up to 5 multi-tenant apps via express config for better backup and restore performance.
If you are an existing customer and notice one of the following messages, follow the recommended steps to address this issue:
-
A notification in the configuration page related to authentication or app permissions (Conditional access policy check failed with exception: Access denied: Missing required permission (Policy.Read.All).
-
A "security update" notification on the overview dashboard page of Microsoft 365.
Choose Your Migration Path
Select the appropriate guide based on your current configuration:
-
If you are using a combination of Commvault hosted multi-tenant app and single tenant apps (applies to managed cloud deployments only)