Azure Active Directory Connector Permissions

This article intends to guide Client AD administrators about the relevant permissions and the rights that our Azure AD connector requires. The AlertFind Connector needs specific permissions to be able to pull all the information from Azure Active Directory. This article details out various relevant permissions and the rights associated with each and can be used by Client AD administrators to know the scope and permissions needed for the connector.



 

Required Permissions In Azure Active Directory

  • User.Read.All


Required Role In Azure Active Directory

  • Application Manager Role. 

Suggested Microsoft Article: Assign administrator and non-administrator roles to users with Azure Active Directory

Note: The Application Manager role can be removed once the application is enabled but the User.Read.All permission should stay granted.


Useful Permissions In Azure Active Directory