Identity should now register with same permissions as Identity Provider Search Service does today.
(Possible to double register IdPSS and Identity side by side as different applications: 'Identity Service' and 'Identity Provider Search Service')
The claims issuer registration of Identity gets the permissions: User.Read and Directory.Read.All.
The search registration of Identity gets the permissions: Directory.Read.All
Directory.Read.All is the permission IdPSS is currently registered with.
The script then writes to the registeredApplication section of the azuresettings.config file. The claims issuer registration is designated by the 'appName' of 'Identity Service' (same as today). The search registration portion of Identity is designated by the 'appName' of 'Identity Service Search' (Equivalent to IdPSS registration of 'Identity Provider Search Service' today).
Updates to registration script around Identity
Identity should now register with same permissions as Identity Provider Search Service does today. (Possible to double register IdPSS and Identity side by side as different applications: 'Identity Service' and 'Identity Provider Search Service')
The claims issuer registration of Identity gets the permissions: User.Read and Directory.Read.All. The search registration of Identity gets the permissions: Directory.Read.All
The script then writes to the registeredApplication section of the azuresettings.config file. The claims issuer registration is designated by the 'appName' of 'Identity Service' (same as today). The search registration portion of Identity is designated by the 'appName' of 'Identity Service Search' (Equivalent to IdPSS registration of 'Identity Provider Search Service' today).