services / Azure / Application Insights component token
GetToken returns a read access token (bearer credential) scoped to the Application Insights component's telemetry data plane.
The returned token is reusable credential material granting query access to the component's telemetry.
Microsoft.Insights/Components/GetToken/Read
Returns a usable access token for the component, exporting credential material an attacker can replay to read the telemetry data plane as that identity.
Risks
Scope: CRITICAL
This privilege may grant access to sensitive data from a significant fraction of organizational functions, allow interruption of critical organizational services, or its exploit could lead to significant privilege escalation.
Links
Contributed by P0 Security
© 2023–present P0 Security and contributors to the IAM Privilege Catalog