az ad app permission add - 权限不足，无法完成操作 [英] az ad app permission add - Insufficient privileges to complete the operation

问题描述

我收到 ERROR: Insufficient rights to complete the operation. 运行时 az ad app permission add

我需要授予我的服务主体什么权限才能使其正常工作?

What permission do I need to grant my service principal for this to work?

我给了它 AppRoleAssignment.ReadWrite.All 权限，上面写着:

I gave it the AppRoleAssignment.ReadWrite.All permission which says:

允许应用代表登录用户管理对任何 API(包括 Microsoft Graph)的应用程序权限的权限授予和任何应用程序的应用程序分配.

Allows the app to manage permission grants for application permissions to any API (including Microsoft Graph) and application assignments for any app, on behalf of the signed-in user.

更新:我也给了它 Application.ReadWrite.All，但仍然收到错误.

Update: I also gave it Application.ReadWrite.All, but still getting the error.

推荐答案

我也给了它 Application.ReadWrite.All，但仍然收到错误.

I also gave it Application.ReadWrite.All, but still getting the error.

Application.ReadWrite.All应用权限就足够了.我想您在 Microsoft Graph 中授予了 Application.ReadWrite.All 权限，它不起作用.您需要使用 Azure AD Graph 中的 Application.ReadWrite.All ，然后才能使用.

The Application.ReadWrite.All Application permission is enough. I suppose you gave the Application.ReadWrite.All permission in Microsoft Graph, it will not work. You need to use the Application.ReadWrite.All in Azure AD Graph, then it will work.

授予权限后，稍等片刻，运行命令，返回警告，刷新门户，会发现API权限已添加.

After giving the permission, wait for a while, run the command, it returns a warning, refresh the portal, you will find the API permission was added.

这篇关于az ad app permission add - 权限不足，无法完成操作的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！