Mike Swanson
a47a97219c
- MVAN: investigated credential stuffing on Mitch VanDeveer, enforced MFA CA policy - Grabblaw: consent flow failed, needs alternative approach - Cascades Tucson: onboarded to remediation tool successfully - Memory: "365 remediation tool" = Graph API app fabb3421 - Data recovery: Hitachi Deskstar firmware/service area diagnosis Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
842 B
842 B
name: 365 Remediation Tool Reference
description: "365 remediation tool" always means the Claude-MSP-Access Graph API app (fabb3421-8b34-484b-bc17-e46de9703418), not CIPP
type: feedback
When user says "365 remediation tool" or "remediation tool", they ALWAYS mean the Claude-MSP-Access Graph API application (App ID: fabb3421-8b34-484b-bc17-e46de9703418). This is NOT CIPP.
Why: User explicitly clarified this after I incorrectly navigated to CIPP. The remediation tool is direct Graph API access using client credentials flow against customer tenants.
How to apply: Authenticate directly via Graph API using the app's client secret from SOPS vault (msp-tools/claude-msp-access-graph-api.sops.yaml), get tenant ID from OpenID discovery for the target domain, and query Graph API endpoints directly. No browser/UI needed.