Share via

Service Principles Insufficient privileges for AAD look-up despite having Directory.Read.All

Matt 21 Reputation points
2021-06-01T19:56:33.157+00:00

Im swapping over service principles to Micrsoft Graph API from the old Azure directory API due to it becoming legacy. However when testing access, i cant do any sort of look-up to Active directory (application permissions) despite at this point having granted and consented as Admin;

Application.Read.All
Directory.Read.All
Group.Read.All
User.Read.All

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
13,518 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
24,279 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Vasil Michev 117.1K Reputation points MVP
    2021-06-01T20:22:40.63+00:00

    You have to be more specific here, code samples, error messages? Did you decode the token and check that the permissions are correctly represented?

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.