Service Principles Insufficient privileges for AAD look-up despite having Directory.Read.All

Matt 21 Reputation points
2021-06-01T19:56:33.157+00:00

Im swapping over service principles to Micrsoft Graph API from the old Azure directory API due to it becoming legacy. However when testing access, i cant do any sort of look-up to Active directory (application permissions) despite at this point having granted and consented as Admin;

Application.Read.All
Directory.Read.All
Group.Read.All
User.Read.All

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
10,707 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,654 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Vasil Michev 95,836 Reputation points MVP
    2021-06-01T20:22:40.63+00:00

    You have to be more specific here, code samples, error messages? Did you decode the token and check that the permissions are correctly represented?

    0 comments