When you suspect that the app is suspicious, consider disabling the appliance and rotating qualifications of all influenced accounts. .Shared redirects to suspicious Reply URL as a result of Graph API. This action makes an attempt to point that malicious application with less privilege permission (for instance Read through scopes) could poss