Service principle permissions for azuread

a8ree · November 18, 2019, 8:26am

I’m trying to setup the service principle to use AzureAD as per

It notes:

NOTE: If you’re authenticating using a Service Principal then it must have permissions to Read directory data within the Windows Azure Active Directory API.

When I go into the AAD API permissions for the Service Principle, the option for Windows Azure Active Directory isn’t there.

I’ve tried using the Graph API permissions but as I was getting an error I decided to to an AZ login as the SP

when I do

az ad user list

I get

Insufficient privileges to complete the operation.

I presume this is a valid test?

How do I assign the API permissions as documented?

a8ree · November 20, 2019, 8:50am

It looks like the documentation is out of date.

Is anyone able to help?

Topic		Replies	Views
Azuread_application as Service Principal Terraform Providers	1	1191	September 14, 2020
Azuread_service_principal permissions Directory.ReadWrite.All Azure azure	2	1180	January 25, 2022
Required Service Principal Permissions to Read AD Users and Group details Azure azure	2	686	January 19, 2022
Service Principal to access AD Azure	0	342	June 16, 2021
Insufficient Privileges when trying to create AzureAD Group (azuread 2.0.1) Azure azure	4	12460	August 4, 2022

Service principle permissions for azuread

Related topics