Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Developer portal: AAD Login - SPN permissions
See original GitHub issueI am using the APIM developer portal with AAD login. To get this to work the service requires a service principal with Directory.Read.All API permissions. It looks like the soon-to-be deprecated Azure Active Directory Graph is needed for this to work. I tried to use the Microsoft Graph permissions by itself, but I was not able to add AAD groups unless I added the Azure Active Directory Graph permissions.
I was not able to find the correct permissions in the MSDocs. Can anyone confirm that these permissions are needed? If they are needed, what happens after the AAD Graph API becomes deprecated (June 2022)?
Issue Analytics
- State:
- Created a year ago
- Comments:5 (1 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
@johnlokerse, this should be enough for creating accounts in APIM, using Graph API permissions:
@mikebudzynski, we need only particular claims to be present in the token, regardless if it’s MS Graph or AAD Graph.
@azaslonov