What is the minimal privilege to grant permission to rotate and list Azure APIM subscription key by REST API

Amy Z 291 Reputation points


We're enabling a specific API consumer to rotate their own API subscription key via APIM REST API permissions.

We require permissions for:

  • Listing secrets: https://learn.microsoft.com/en-us/rest/api/apimanagement/subscription/list-secrets
  • Regenerating primary key: https://learn.microsoft.com/en-us/rest/api/apimanagement/subscription/regenerate-primary-key

App Registration and service principal are adopted and it works.

Currently using the Contributor Role, but we think it grants broader privileges than necessary.

User's image

Can you advise a proper Role in our use case ?

Thank you

Azure API Management
Azure API Management
An Azure service that provides a hybrid, multi-cloud management platform for APIs.
1,801 questions
0 comments No comments
{count} votes

Accepted answer
  1. SwathiDhanwada-MSFT 17,881 Reputation points

    @Amy Z Here are list of minimum permissions required for listing and rotating Subscription API Key.

    User's image

    For more information, please refer this document.

    1 person found this answer helpful.

0 additional answers

Sort by: Most helpful