...
Graph API / Permissions name | Access Granted by Permissions | Used By |
AuditLog.Read.All | Read audit log data | App Service Managed Identity |
Group.Read.All | Read group data | App Service Managed Identity |
GroupMember.ReadWrite.All | Read and write group memberships | App Service Managed Identity |
User.Read.All | Read user profile | App Service Managed Identity |
Reports.Read.All | Read report data | App Service Managed Identity |
Organization.Read.All | Read organization information | App Service Managed Identity |
| Info |
|---|
Your EmpowerID consulting team can provide a PowerShell script to automate assignment of these permissions to your Managed Identity |
| Excerpt | ||||
|---|---|---|---|---|
| ||||
Required Permissions for the Service PrincipalIn addition to above required permissions for the managed identity, Azure License Manager requires the service principal (the application registered in Azure AD to represent Azure License Manager) to have an additional permission:
|