This article addresses the following error message that might appear when accessing Office 365 Apps like Forms, Tasks, Power BI, and Teams from the Okta Dashboard:

AADSTS7000112: Application '<Application ID>'(Okta Microsoft Graph Client) is disabled.

• Microsoft Office 365 (M365 / O365)
• Single Sign-On (SSO)
• OpenID Connect (OIDC)
• Microsoft Graph API Client

After performing the steps from Update Office 365 Single Sign-on Applications with Automatic Configuration to Support Microsoft Graph, Okta creates the Okta Graph API Client - Federation OIDC app on the Microsoft side. This will be used for future API calls regarding the federation and authorization required for specific Microsoft apps.

However, for some applications such as Forms, Tasks, Power BI, and Teams, Microsoft may still default the API authorization to the Okta Microsoft Graph Client OIDC app.

Okta Microsoft Graph Client is created either through enabling the Advanced API access option from the Sign on tab of the Microsoft Office 365 app within Okta or by enabling Provisioning for the app.

The issue appears when access to the OIDC app is blocked, which might occur either through policies or if "Enabled for users to sign-in?" is set to No.

Performing one of the following options should resolve the issue:

• Setting the Enabled for users to sign-in? to Yes on the Microsoft side via the Azure or Entra admin portal.

• If provisioning is NOT enabled in Okta, delete the Okta Microsoft Graph Client application. 
  NOTE:  Deleting the app will cause provisioning of the Microsoft Office 365 app within Okta to break.