Hi @Oleg Tserkovnyuk Greetings! Thank you for posting this question here.
There is a difference between the roles you have outlined.
-
API Management Service Contributor
is used to grant access to API Management service. This is different from the API Connections you are referring to. This role provides read, deployment access among other permission to API Management instance. Please refer the role API Management Service Contributor for additional details. - The
Reader
access role is a much broader built-in role that allows users to view all the resources on the platform but prevent them from making any changes.
If you prefer to grant visibility access to just API connections, there is no built-in role available for it.
However, you can create a custom role and assign the appropriate permissions. This is a bit challenging as you have to look up the specific role permissions for connections based on the resource type from Azure RBAC documentation
For example, to grant permissions to Logic App API connections, you would have to grant Microsoft.Web/connections/*/read
role. The details for this specific role can be found from the documentation Logic App Operator
Please refer the documentation Create custom roles for guidance.
Hope this helps!
If the response helped, please do click Accept Answer and Yes for the answer provided. Doing so would help other community members with similar issue identify the solution. I highly appreciate your contribution to the community.