Azure M2M Scopes Mapping
How each Zluri scope maps to Azure AD's API permissions
| Zluri scope name | Required Azure API permission |
|---|---|
| Manage Administrative Unit | AdministrativeUnit.ReadWrite.All |
| App role assignment read and write | AppRoleAssignment.ReadWrite.All |
| Read Applications | Application.Read.All |
| Manage Applications | Application.ReadWrite.All |
| Read AuditLogs | AuditLog.Read.All |
| Read Directory | Directory.Read.All |
| Read & Manage Directory | Directory.ReadWrite.All |
| Read Groups | Group.Read.All |
| Write groups | Group.ReadWrite.All |
| Read Group Members | GroupMember.Read.All |
| Group members read and write | GroupMember.ReadWrite.All |
| Send email | Mail.Send |
| Manage Role Assignments | RoleManagement.ReadWrite.Directory |
| Manage Identities Of User | User.ManageIdentities.All |
| Read All Users | User.Read.All |
| Write Users | User.ReadWrite.All |
Updated about 2 months ago