Grant permissions to the Profile application in Azure

In the Azure management portal, select the Active Directory tab and an Office 365 tenant.
Select the Applications tab and click the application that you want to configure.
In the permissions to other applications section
- Add the Microsoft Graph application , and select the
  - Read items in all site collections
  - Read all files that user can access
  - Access directory as the signed in user
  - Read all users' basic profiles
- Note that the Enable sign-on and read users' profiles of the Windows Azure Active Directory is added by default. Leave that permission enabled.
Save the changes.

Provide feedback