cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Playbook / Auth. and Mail problems

Garfield-P
Copper Contributor

‎Nov 05 2021 10:20 AM - edited ‎Nov 05 2021 10:22 AM

‎Nov 05 2021 10:20 AM - edited ‎Nov 05 2021 10:22 AM

Playbook / Auth. and Mail problems

 

Hello community!

I have two challenges in a logic app / playbook. I have created an app registration to use it as a service principle.

 

Problem 1:

Part - Run query and visualize results

So my understanding is, that we have to grant the Role "Monitoring Reader" or "LogAnalytics Reader" the App Registration. But we got the same error message.. Whats the right way?

Raw output:

 

body": {
        "ResultStatus": "Forbidden",
        "Content": {
            "error": {
                "code": "AuthorizationFailed",
                "message": "The client 'APP REG ID' with object id 'xxxxxxxxxxx' does not have authorization to perform action 'Microsoft.OperationalInsights/workspaces/read' over scope '/subscriptions/XXXXX/resourcegroups/XXXXXX/providers/Microsoft.OperationalInsights/workspaces/A2-Sentinel01' or the scope is invalid. If access was recently granted, please refresh your credentials."
            }

 

 

Problem 2:

Send Mail with a MFA enabled account

 

The second challenge is to send a mail with active MFA. I read about APP Registration with OAuth. I couldn´t find any tutorials but i think we are not the first customer with that challange :) Any ideas?

 

Thank you!

 

GarfieldP_0-1636131473429.png

 

 

 

 

 

751 Views
0 Likes
2 Replies
Reply
2 Replies
Gary Bushey

‎Nov 06 2021 01:17 PM

‎Nov 06 2021 01:17 PM

Re: Playbook / Auth. and Mail problems

@Garfield-P Not sure about question 2, but for question 1 it appears that you need to give you app the rights on the resource directly.  It looks like it has no rights to the workspace so it cannot read it.

0 Likes
Reply
Yash_Mudaliar

‎Nov 08 2021 05:09 AM - edited ‎Nov 08 2021 05:10 AM

‎Nov 08 2021 05:09 AM - edited ‎Nov 08 2021 05:10 AM

Re: Playbook / Auth. and Mail problems

@Garfield-PIt seems like the first issue is likely due to insufficient app permissions. Many of the permissions sometimes looks very similar in the first look but you need to make sure you have provided the right one if the error is persistent.
The second issue should not be much of a problem as 'OAuth' can absolutely be used as a authentication parameter in playbooks. Can you please elaborate more on what's the issue there?

0 Likes
Reply