问题
I'm getting ERROR: Insufficient privileges to complete the operation. when running az ad app permission add
What permission do I need to grant my service principal for this to work?
I gave it the AppRoleAssignment.ReadWrite.All permission which says:
Allows the app to manage permission grants for application permissions to any API (including Microsoft Graph) and application assignments for any app, on behalf of the signed-in user.
Update: I also gave it Application.ReadWrite.All, but still getting the error.
回答1:
I also gave it Application.ReadWrite.All, but still getting the error.
The Application.ReadWrite.All Application permission is enough. I suppose you gave the Application.ReadWrite.All permission in Microsoft Graph, it will not work. You need to use the Application.ReadWrite.All in Azure AD Graph, then it will work.
After giving the permission, wait for a while, run the command, it returns a warning, refresh the portal, you will find the API permission was added.
来源:https://stackoverflow.com/questions/59185434/az-ad-app-permission-add-insufficient-privileges-to-complete-the-operation