Minimum Permissions for Entra ID RPC
Secret Server requires proper permissions to perform remote password changing (RPC). The privileged Delinea Secret Server RPC service principal used for RPC of an Entra ID user account secret must be assigned the User Administrator role.
- Log in to the Entra ID or Azure AD Portal (https://portal.azure.com).
- Go to Microsoft Entra ID > Roles and Administrators.
- Select the User Administrator role.
- Click Add Assignments.
- Search for the desired service principal. This is the account to give permissions to, in this case, the registered application.
- Click Add.
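To confirm the result of the steps above, the following added example (not part of the Delinea documentation) lists the active directory roles held by the service principal and flags anything beyond User Administrator. It assumes the Microsoft Graph PowerShell module is installed; the display name `SecretServer-RPC` is a hypothetical placeholder for your registered application.

```powershell
# Added example: verify the RPC service principal's directory role assignments.
# Assumption: Microsoft.Graph PowerShell module is installed.
# Assumption: 'SecretServer-RPC' is a placeholder; use your application's display name.
$AppDisplayName = 'SecretServer-RPC'
$RequiredRole   = 'User Administrator'

# Read-only scopes are enough for this check.
Connect-MgGraph -Scopes 'Application.Read.All', 'RoleManagement.Read.Directory'

# Resolve the service principal (enterprise application object) by display name.
$sp = @(Get-MgServicePrincipal -Filter "displayName eq '$AppDisplayName'")
if ($sp.Count -eq 0) { throw "No service principal named '$AppDisplayName' was found." }
if ($sp.Count -gt 1) { throw "Multiple service principals match '$AppDisplayName'; filter by appId instead." }

# Active role assignments for that principal (PIM-eligible assignments are not listed here).
$assignments = Get-MgRoleManagementDirectoryRoleAssignment -Filter "principalId eq '$($sp[0].Id)'" -All

# Translate each assignment's role definition ID into a readable role name.
$roles = foreach ($a in $assignments) {
    $def = Get-MgRoleManagementDirectoryRoleDefinition -UnifiedRoleDefinitionId $a.RoleDefinitionId
    [pscustomobject]@{
        Role  = $def.DisplayName
        Scope = $a.DirectoryScopeId   # '/' means tenant-wide
    }
}

$roles | Format-Table -AutoSize

if ($roles.Role -contains $RequiredRole) {
    Write-Host "OK: '$AppDisplayName' holds $RequiredRole."
} else {
    Write-Warning "'$AppDisplayName' does not hold $RequiredRole; RPC for Entra ID user secrets will fail."
}

# Anything beyond the required role exceeds the minimum permissions described on this page.
$extra = @($roles | Where-Object { $_.Role -ne $RequiredRole })
if ($extra.Count -gt 0) {
    Write-Warning "Additional directory roles assigned: $($extra.Role -join ', ')"
}
```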