When running a mailbox migration, you may encounter one or both of the following errors:
Task 'StartMigrationActivity' (#6) failed with an unhandled exception:
Invalid target email address user@domain.com: EWS API client error occurred (Forbidden). Forbidden
Multiple consents were granted to the tenant, where granting only 1 consent is sufficient.
Some sample scenarios in which Error 403 occurs (as soon as multiple consents are granted for Migrate Mailboxes):
Scenario | Consent granted | Outcome |
Scenario 1 | Source Tenant / Target Tenant | Error will occur |
Scenario 2 | Source Tenant / Target Tenant | Error will occur |
Scenario 3 | Source Tenant / Target Tenant | Error may occur |
Scenario 4 | Source Tenant / Target Tenant | Error may occur |
** There are more scenarios that cannot be covered here, but granting multiple consents is what causes the error to occur.
1) Make sure only 1 type of consent is granted for mailbox migration. For more information, please refer to this KB if "Mailbox Migration - Custom RBAC" is being utilized.
2) High-level steps to revoke the consent by deleting the enterprise application for:
2.1) Source tenant (if not "Mailbox Migration - Custom RBAC")
2.1.1) Navigate to Microsoft Entra Enterprise Application
2.1.2) Search for the application names 'Mailbox migration - Full' and 'Mailbox Migration - RBAC', and delete them.
2.2) Target tenant (if not "Mailbox Migration - Custom RBAC")
2.2.1) Navigate to Microsoft Entra Enterprise Application
2.2.2) Search for the application names 'Mailbox migration - Minimal' and 'Mailbox Migration - RBAC', and delete them.
3) Make sure that all the other prerequisites are met by referring to this document.
4) Start the email migration again; the issue should no longer persist.
** Please find below the Microsoft document reference for how to delete enterprise applications.
https://learn.microsoft.com/en-us/entra/identity/enterprise-apps/delete-application-portal?pivots=portal
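The lookup and deletion in step 2 can also be done from PowerShell. The script below is an added example, not part of the original article or the vendor's tooling; it assumes the Microsoft Graph PowerShell SDK is installed, and the script parameters `-Tenant` and `-Remove` are names chosen for this example.

```powershell
# Added example: list (and optionally delete) the mailbox-migration consent apps
# named in step 2. Save as a .ps1 file and run it once per tenant.
param(
    # Which side of the migration you are signed in to (example parameter).
    [Parameter(Mandatory)][ValidateSet('Source', 'Target')][string]$Tenant,
    # Example switch: delete the apps that were found (steps 2.1.2 / 2.2.2).
    [switch]$Remove
)

# Display names exactly as given in steps 2.1.2 and 2.2.2 of this article.
$appNames = @{
    Source = @('Mailbox migration - Full',    'Mailbox Migration - RBAC')
    Target = @('Mailbox migration - Minimal', 'Mailbox Migration - RBAC')
}

# Read access is enough to audit; deleting needs write access to applications.
$scope = if ($Remove) { 'Application.ReadWrite.All' } else { 'Application.Read.All' }
Connect-MgGraph -Scopes $scope | Out-Null

# Enterprise applications are service principals in Microsoft Graph.
$found = @(foreach ($name in $appNames[$Tenant]) {
    Get-MgServicePrincipal -Filter "displayName eq '$name'" -All
})

if ($found.Count -eq 0) {
    Write-Output "No migration consent apps from step 2 found in the $Tenant tenant."
    return
}

$found | Select-Object DisplayName, Id, AppId | Format-Table -AutoSize

# More than one consent app in the same tenant is the condition this article
# associates with the EWS 'Forbidden' (403) error.
if ($found.Count -gt 1) {
    Write-Warning "$($found.Count) migration consent apps are present in the $Tenant tenant."
}

if ($Remove) {
    foreach ($sp in $found) {
        # -Confirm prompts before each deletion so nothing is removed silently.
        Remove-MgServicePrincipal -ServicePrincipalId $sp.Id -Confirm
    }
}
```

Run it without `-Remove` first to see what is present, and skip the deletion if "Mailbox Migration - Custom RBAC" is in use, as noted in steps 2.1 and 2.2.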