| PrivilegedAccess.Read.AzureAD |
4cdc2547-9148-4295-8d11-be0db1391d6b |
Read privileged access to Azure AD roles |
Allows the app to read time-based assignment and just-in-time elevation (including scheduled elevation) of Azure AD built-in and custom administrative roles in your organization, without a signed-in user. |
| PrivilegedAccess.Read.AzureADGroup |
01e37dc9-c035-40bd-b438-b2879c4870a6 |
Read privileged access to Azure AD groups |
Allows the app to read time-based assignment and just-in-time elevation (including scheduled elevation) of Azure AD groups in your organization, without a signed-in user. |
| PrivilegedAccess.Read.AzureResources |
5df6fe86-1be0-44eb-b916-7bd443a71236 |
Read privileged access to Azure resources |
Allows the app to read time-based assignment and just-in-time elevation of user privileges to audit Azure resources in your organization, without a signed-in user. |
| PrivilegedAccess.ReadWrite.AzureAD |
854d9ab1-6657-4ec8-be45-823027bcd009 |
Read and write privileged access to Azure AD roles |
Allows the app to request and manage time-based assignment and just-in-time elevation (including scheduled elevation) of Azure AD built-in and custom administrative roles in your organization, without a signed-in user. |
| PrivilegedAccess.ReadWrite.AzureADGroup |
2f6817f8-7b12-4f0f-bc18-eeaf60705a9e |
Read and write privileged access to Azure AD groups |
Allows the app to request and manage time-based assignment and just-in-time elevation (including scheduled elevation) of Azure AD groups in your organization, without a signed-in user. |
| PrivilegedAccess.ReadWrite.AzureResources |
6f9d5abc-2db6-400b-a267-7de22a40fb87 |
Read and write privileged access to Azure resources |
Allows the app to request and manage time-based assignment and just-in-time elevation of Azure resources (like your subscriptions, resource groups, storage, compute) in your organization, without a signed-in user. |