Saviynt Forums

GOE · ‎02/23/2024

Hello,

We got this error when trying to connect to Azure AD using the AzureAD connector type: Target Error Message: [Insufficient privileges to complete the operation.]

the following permissions were added to the API with the exception of the write permissions:

Directory.Read.All, RoleManagement.Read.All, and User.Read

Do we need to add the write access in order to connect to Azure AD?

Thanks

rushikeshvartak · ‎02/23/2024

Provide below access in Azure for Service Account.

Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

AmitM · ‎02/24/2024

Hi @GOE , Don't need that many permissions. I haven't even given directory read. It depends on your requirement. If it is just importing accounts and ents and adding access. Below will work. We also send invitation so that's specific to us. If the save and test connection is failing , I would recommend setting up application correctly in Azure and follow this - https://docs.saviyntcloud.com/bundle/AzureConf-v23x/page/Content/Registering-an-Application-in-Azure...

Thanks,

Amit

GOE · ‎02/27/2024

I just tried this without the User.ReadWrite.All, since we don't want write permissions yet, and it worked. Thank you!

Saviynt Forums

AzureAD Connection Error