To grant the necessary extra permissions, navigate to the main settings page by selecting the cog in the top navigation bar.
Then, select "Manage" in the Azure AD Sync panel.
Then, select "Manage" next to App Credentials.
Copy Client ID
Azure Admin Portal
The next 1-3 steps will continue from the Azure admin portal
1. Locate the App registration that needs extra permissions
1-1 Click on App registrations
1-2 Enter copied Client ID
1-3 Click on found App registration
2. Select – ‘API permissions’
3. Add Microsoft Graph permissions
3-1 Select – '+ Add a permission' > 'Microsoft Graph'
3-2 Select 'Delegated permissions'
3-3 Select 'Directory.Read.All'
3-4 Select 'Add permission'
3-5 – Repeat step 3-1
3-6 Select 'Application permissions'
3-7 Select 'Application.Read.All'
3-8 Select 'Directory.Read.All'
3-9 Select 'Add permissions'
3-10 Configured permissions should look like this:
3-11 Next select 'Grant admin consent for *instance_name*'