We have set up an application registration for our application and ticked the permission “Read directory data” as per the instructions in the doc below:
We now want to set this permission to OFF. We don’t need any extended profiles or security groups or other group info from the directory - we just need the signed in user’s basic details.
What would happen if we turn this off?
Note: I have already seen this topic but it didn’t really tell me why this permissions was needed, so wanted to ask a further question…