question

kanishka-3236 avatar image
0 Votes"
kanishka-3236 asked

ISE developer role for Service Principal to access Integration account APIs

I am using client credential flow to access api
GET https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Logic/integrationAccounts/{integrationAccountName}/schemas?api-version=2016-06-01

I have registered one app, when I give reader/contributor role to this app , I am able to authenticate and access api but with the "Integration Service Environment Developer /Contributor role " , I get the error :

The client 'xxxxfc7bc13e430' with object id 'xxxx7bc13e430' does not have authorization to perform action 'Microsoft.Logic/integrationAccounts/agreements/read'

I am not able to understand the reason as both the roles have same permissions for Microsoft.Logic


azure-active-directoryazure-ad-authentication-protocols
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

0 Answers