Azure AI Foundry Agents query Fabric Data Agents
April 28, 2025Managing PAC Script Configuration in Microsoft Edge
April 28, 2025
1. Need to enable logic app Managed Identity, and copy the Object ID
Logic app -> identity -> System assigned
2. Find the role related service principle ID and role ID:
For example, if we want to have a role: ‘WindowsDefenderATP.MachineIsolate’ roles
Reference: List servicePrincipals – Microsoft Graph v1.0 | Microsoft Learn
Method: Get
URL: https://graph.microsoft.com/v1.0/servicePrincipals?$filter=displayName eq ‘WindowsDefenderATP’
3. Copy The Id
4. Searching “Machine.Isolate”, Copy role ID: (make sure you are copying the one which Origin is “Application”
5. Invoke a Post request to grant permission:
Reference: List appRoleAssignments granted for a service principal – Microsoft Graph v1.0 | Microsoft Learn
Method: POST
URL:https://graph.microsoft.com/v1.0/servicePrincipals/(replace This with your identity’s ID from Step1)/appRoleAssignedTo
Body: { “principalId”: “(replace This with your identity’s ID from Step1)”, “resourceId”: “(replace this ID with your own ID got from step 3)”, “appRoleId”: “(replace this ID with your own ID got from step 4)” }
If execute successfully, you will see the permission is added to your system assigned managed identity.