The AlertFind Connector needs specific permissions to be able to pull all the information from Azure Active Directory. This article details out various relevant permissions and the rights associated with each and can be used by Client AD administrators to know the scope and permissions needed for the connector.
Useful Permissions In Azure Active Directory
In most of the cases, the below Role and Permission should suffice :
- Permission : User.Read.All
- Role : Application Manager Role.
Note : The Application Manager role can be removed once the application is enabled but the User.Read.All permission should stay granted.