Microsoft 365 Alert – Service Degradation – Microsoft Defender XDR – Some users may be unable to use unused OAuth app policies in App Governance – NEW

19/05/2026 09:15:00 AM

NHSmail Reference: INC46829911

Microsoft Reference: DZ1314603

Issue Status: OPEN

Issue Description: Users may be unable to use unused OAuth app policies in App Governance.

More info: Affected users may notice policy evaluation has been temporarily suspended, meaning alerts won’t be generated and governance actions such as app disablement won’t occur. Existing policy configurations remain unchanged and will resume once normal operation is restored.

Current Update: 19/05/2026 09:19:00 AM–Microsoft has identified a data accuracy issue affecting app usage evaluation, which has the potential to incorrectly classify active apps as unused. As a precautionary measure, they have temporarily suspended evaluation of unused OAuth app policies to prevent unintended actions while we work to address the underlying issue.

Scope of impact: Your organization is affected by this event, and any users with unused OAuth app policies configured in App Governance may be impacted.

Next update by: Tuesday, May 19, 2026, at 1:00 PM UTC