question

muruganad avatar image
0 Votes"
muruganad asked JamesTran-MSFT answered

management.azure.com Authorization Failed azure csp account

I was trying a GET request from this url .

https://management.azure.com/subscriptions/-0f71--994b-804713*/resourceGroups/*WE01/resources?api-version=2017-05-10
I have sent the authentication token & already have an application registered in Active directory

I am getting this error message.

{"error":{"code":"AuthorizationFailed","message":"The client '-22c0--bb40-416f1a*' with object id '-22c0--bb40-416f1a' does not have authorization to perform action 'Microsoft.Resources/subscriptions/resourceGroups/resources/action' over scope '/subscriptions/-0f71--994b-8047/resourceGroups/***WE01' or the scope is invalid. If access was recently granted, please refresh your credentials."}}

I already have an application registered in AD. What all permissions should I need to give to the registered application.


Thanks!
Murugan

azure-active-directoryazure-api-management
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

JamesTran-MSFT avatar image
0 Votes"
JamesTran-MSFT answered muruganad published

@muruganad
Thank you for the detailed post!

When it comes to using the Resources - List By Resource Group REST API, can you make sure that your AzureAD App registration has the user_impersonation API permission. For more info.

148383-image.png

If you're still experiencing issues - for testing purposes, you can also try assigning the Global Admin role to your AzureAD App to see if that resolves your issue.
Navigate to AzureAD -> Roles and Administrators -> Search for Global Admin -> Add the role assignment to your App (for testing purposes).
148375-image.png




If you have any other questions or are still experiencing issues, please let me know.
Thank you for your time and patience throughout this issue.


Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.


image.png (131.1 KiB)
image.png (29.5 KiB)
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.