From 2c50460801ab22ae40506b9c79a8baaf3d547f53 Mon Sep 17 00:00:00 2001
From: Tom Bamford <5719506+ap0phi5@users.noreply.github.com>
Date: Thu, 13 Mar 2025 13:46:38 +0000
Subject: [PATCH] Update group scope to groupMember.read.all

Signed-off-by: Tom Bamford <5719506+ap0phi5@users.noreply.github.com>
---
 connector/microsoft/microsoft.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/connector/microsoft/microsoft.go b/connector/microsoft/microsoft.go
index 2fcf6a75..5fb18d37 100644
--- a/connector/microsoft/microsoft.go
+++ b/connector/microsoft/microsoft.go
@@ -36,7 +36,7 @@ const (
 	scopeUser = "user.read"
 	// Microsoft requires this scope to list groups the user is a member of
 	// and resolve their ids to groups names.
-	scopeGroups = "directory.read.all"
+	scopeGroups = "groupMember.read.all"
 	// Microsoft requires this scope to return a refresh token
 	// see https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-permissions-and-consent#offline_access
 	scopeOfflineAccess = "offline_access"