services / Azure / APIM identity providers
Identity provider configurations for an Azure API Management service, defining the external/federated authentication sources (AAD, OAuth, social logins) used to authenticate to the developer portal.
These configurations govern who can authenticate to the API Management portal and management surface; their secrets are usable IdP credentials.
Microsoft.ApiManagement/service/identityProviders/delete
Deleting an IdP configuration removes an authentication mechanism, disabling a defense and denying legitimate users their configured sign-in path.
Risks
Scope: HIGH
This privilege may grant access to sensitive data from a single organizational function, or allow interruption of a service supporting a single organizational function.
Links
Contributed by P0 Security
© 2023–present P0 Security and contributors to the IAM Privilege Catalog