|
<< Click to Display Table of Contents >> Raynet One Data Hub > 2026.2 > Connectors > Alphabetic Connector List > Microsoft Entra ID > Prerequisites API Permissions |
In order to use this connector, the following application permissions must be configured for the app registration in Microsoft Entra ID. These are the minimum required permissions following the principle of least privilege:
Permission |
Necessity |
Description |
|---|---|---|
AuditLog.Read.All |
mandatory |
Read all audit log data. Sign-in logs and directory audit events will be extracted. |
Device.Read.All |
mandatory |
Read all devices registered within the organization. |
Group.Read.All |
mandatory |
Read all groups including group properties and memberships. |
RoleManagement.Read.Directory |
mandatory |
Read all directory RBAC settings. Directory roles and memberships will be extracted. |
User.Read.All |
mandatory |
Read all user profiles. Basic user data (name, mail, user principal name, etc.) and subscription details will be extracted. |
These permissions must be configured as application permissions (not delegated permissions) in the app registration. Application permissions allow the connector to run without a signed-in user context.