and more in a single search tool across platforms. Read the announcement here. |
04/15/2024 03:42 AM
Hello,
We are intergating Azure AD with Saviynt. By following Azure AD Saviynt documentation Azure AD team has given required permissions to service user, yet Remove Access (AADGroups) is not happening.
AADGroup":{"headers":null,"message":{"error":{"code":"Authorization_RequestDenied","message":"Insufficient privileges to complete the operation.","innerError":{"date":"2024-04-15T10:34:35","request-id":"91a76b6-920b-4216-9eca-c114560d0780","client-request-id":"91a76b6-920b-4216-9eca-c114560d0780"}}},"statusCode":403,"description":null,"status":"Failed
Import Account - working as expected.
Enable/Disable - Working as Expected
Remove Access - Insufficient privileges
Add Access - Out of Scope.
04/15/2024 08:07 AM
Check Remove Access json token once again , connection establish with target issue for Remove.
04/15/2024 08:16 AM
Hi @GSR ,
Seems similar error from past article. Please refer this solved article (It's about privileges granted to service account) - Solved: AzureAD Connection Error - Saviynt Forums - 78255
This should solve your issue.
If you find the above response useful, Kindly Mark it as Accept As Solution and hit Kudos
04/15/2024 09:59 PM
Does it work from postman ?
04/16/2024 02:57 AM
it did not work from postman too. Looks like service user permisions missing. Any recomended permisions that are missing from myscreenshot
04/17/2024 06:26 PM
Refer https://forums.saviynt.com/t5/identity-governance/azuread-connection-error/m-p/78260#M49992 for permission