UnauthorizedAccessException while Create governanceRoleAssignmentRequest via Microsoft Graph api
My requirement is to Assign the 'User Access administrator' role Azure AD security Group using the microsoft graph api.
My registered app in azure AD have the below API permission,
Directory.Read.All
PrivilegedAccess.ReadWrite.AzureAD
PrivilegedAccess.ReadWrite.AzureResources
Below is the request body
{
"roleDefinitionId": "18d7d88d-d35e-4fb5-a5c3-7773c20a72d9",
"resourceId": "<subscription Id>",
"subjectId": "<Azure AD group Object Id>",
"assignmentState": "Eligible",
"type": "AdminAdd",
"reason": "Assign an eligible role",
"schedule": {
"startDateTime": "2021-12-08T23:37:43.356Z",
"endDateTime": "2021-12-10T23:37:43.356Z",
"type": "Once"
}
}
while executing getting the below response
{
"error": {
"code": "UnauthorizedAccessException",
"message": "Attempted to perform an unauthorized operation.",
"innerError": {
"date": "2021-12-09T07:52:42",
"request-id": "c111b180-322a-41f9-b072-29385b4b2199",
"client-request-id": "c111b180-322a-41f9-b072-29385b4b2199"
}
}
}