services / Azure / Logic App workflow run action request history

The recorded request/response payloads (HTTP bodies, headers, query parameters) that a Logic App workflow run action exchanged with endpoints during execution.

Request histories capture the actual data that flowed through the integration, frequently including sensitive business data and credentials carried in headers.


Microsoft.​Logic/​workflows/​runs/​actions/​requestHistories/​read

Reading the run action request history returns the concrete request/response payloads processed by the workflow, exposing sensitive integration data and any credentials in headers.

Risks

Scope: HIGH

This privilege may grant access to sensitive data from a single organizational function, or allow interruption of a service supporting a single organizational function.

Links

  • https:​/​/​azure.​permissions.​cloud/​iam/​Microsoft.​Logic
  • https:​/​/​learn.​microsoft.​com/​en-​us/​azure/​role-​based-​access-​control/​resource-​provider-​operations
  • Contributed by P0 Security

    © 2023–present P0 Security and contributors to the IAM Privilege Catalog