Allow granular management access of AAD groups by service principals
We have a scenario where we would like to use automation to manage membership of an AAD group.
We assign group owner permissions to the service principal. However, operations against that group (using PowerShell cmdlets like Add-AzureAdGroupMember) fail with a 403 Forbidden.
We cannot grant Directory.ReadWrite permissions to the AAD application, because that would allow write permissions on the entire AAD directory, not just the group that the AAD application owns.
According to Azure support, the scenario where I would like my service principal to manage groups that it owns is not currently possible. Can we make it possible?