Insufficient priviliges to complete the operation in Azure Python Functions

krishna572 876 Reputation points
2022-07-21T01:28:41.14+00:00 
   python  
   DefaultAzureCredential(exclude_interactive_browser_credential=False)      
       args_str1 = 'login --identity --allow-no-subscriptions'  
       args_str2 = 'ad user get-member-groups --id someid@domain.com'  
       args1 = args_str1.split()  
       args2 = args_str2.split()  
       cli = get_default_cli()  
       cli.invoke(args1)  
       cli.invoke(args2)  
       if cli.result.result:  
          logging.info(cli.result.result)  
       elif cli.result.error:  
          logging.info(cli.result.error)

When running the above code of Azure python Function (Managed Identity), getting the error:

Insufficient priviliges to complete the operation

Can anyone help me what I'm missing here?

Azure Functions
Azure Functions
An Azure service that provides an event-driven serverless compute platform.
4,231 questions
.NET CLI
.NET CLI
A cross-platform toolchain for developing, building, running, and publishing .NET applications.
322 questions
0 comments
Accepted answer
  1. Manu Philip 16,966 Reputation points MVP
    2022-07-21T03:59:10.54+00:00

    It sounds like some of the required API permissions are missing for the Managed Identity. You can try assigning the following API permissions and try again
    Azure Active Directory > Select the application > API Permissions > Add a Permission > Microsoft Graph > Delegated Permissions > Assign the following permissions one by one and try again. I guess, you need only read permissions as indicated in the code.

    222937-image.png

    222915-image.png

    If it didn't help, try assigning application permissions also (Microsoft Graph > Application Permissions)

    ----------

    --please don't forget to upvote and Accept as answer if the reply is helpful--

    0 comments

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest