services / Azure / Static Site user
An application-level authenticated user (auth-provider invitation/role assignment) governing access to authenticated content of an Azure Static Web App.
App-scoped auth principals/roles for a single static site, not tenant directory identities.
Microsoft.Web/staticSites/authproviders/users/delete
Deleting a Static Site user removes that principal's role/account binding, denying the authorized user's access and destroying the app-level account.
Risks
Scope: HIGH
This privilege may grant access to sensitive data from a single organizational function, or allow interruption of a service supporting a single organizational function.
Links
Contributed by P0 Security
© 2023–present P0 Security and contributors to the IAM Privilege Catalog