After upgrading Veeam Backup for Microsoft 365 to v5, backup of Exchange Online data may fail with “Unauthorized (401)” error.
The issue affects organizations using Modern authentication and legacy protocols with application secret.
Starting v5 Veeam Backup for Microsoft 365 has switched to the SOAP Autodiscover service for resolving users during Exchange backup. To use this API, the application used for the organization’s backup must be assigned with the full_access_as_app permission.
To add the "full_access_as_app" permission to your Azure AD app registration, do the following:
Sign in to the Azure portal
Go to Azure Active Directory > App registrations, and select your application.
Select API permissions > Add a permission > APIs my organization uses
Select Office 365 Exchange Online APIin the list, go to the Application permissions tab and select the "full_access_as_app" permission.
To submit feedback regarding this article, please click this link: Send Article Feedback To report a typo on this page, highlight the typo with your mouse and press CTRL + Enter.
Spelling error in text
Your feedback has been received and will be reviewed.