Patch My PC Ideas & Feedback
A community where customers and the community can provide feedback to make a better product for everyone! For more details on how we prioritize requests, please see:
A community where customers and the community can provide feedback to make a better product for everyone! For more details on how we prioritize requests, please see:
When Multi Admin Approval App access policies are enforced, application operations using service principals can fail with generic HTTP 400 errors.
This is particularly confusing because a recent change appears to extend Multi Admin Approval enforcement to application credential flows, whereas previously it primarily impacted delegated credential flows. This means unattended automation scenarios that previously worked may now fail without clear indication that Multi Admin Approval is the cause.
Example error indicates a missing approval justification header:
Header 'x-msft-approval-justification' is required to request approvalHowever, this is not surfaced clearly in tooling or user-friendly error messages. As a result, administrators may assume:
permission issues
Graph API changes
service outages
configuration problems
instead of recognizing that Multi Admin Approval is blocking the operation.
The request here is to provide clear and explicit error messaging when Multi Admin Approval blocks a publishing operation
