services / Azure / Logic Apps API connection
A managed API connection (Logic Apps / connector instance) that stores the configuration and authentication binding linking workflows to a backend service.
Connections embed reusable backend credentials/OAuth tokens; secret material is exposed only via dedicated listsecrets/listconnectionkeys actions, while the resource itself supports a single integration function.
Microsoft.Web/apimanagementaccounts/apis/connections/listConnectionKeys/action
A listKeys-style action returning the connection's runtime access keys, reusable credential material an attacker redeems to invoke the connection and pivot into the linked backend service.
Risks
Scope: CRITICAL
This privilege may grant access to sensitive data from a significant fraction of organizational functions, allow interruption of critical organizational services, or its exploit could lead to significant privilege escalation.
Links
Contributed by P0 Security