Click HERE to see how Saviynt Intelligence is transforming the industry. |
10/01/2024 05:00 AM
I am trying to set up an Azure Integration (not Azure AD) and am getting an error on the reconciliation connection (the provisioning one is working). I am thinking this is a permission issue on the Azure side but I can't find anywhere in the documents what the least privileged access the client needs. Does anyone have this information?
10/01/2024 07:43 AM
@MRitchie All the below permission are needed.
Make sure the subscription ID is added in the connection and also can pull the resources.
10/01/2024 08:20 AM - edited 10/01/2024 08:21 AM
@MRitchie , in case the Azure team not willing to give access to entire directory, here is what we are using
The highlighted ones are specific to one of our requirement to manage PIM groups, those can be taken down.
Invite ALl can be taken down if not inviting guest accounts via Saviynt