Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Addresses #552.
Ideally, we would want to query graph APIs to get the service principal associated with the specified application client ID.
We cannot do that at the moment, because the client application used to obtain an access token does not have the appropriate delegated permissions. We can add this in the future, but it would require defining our own first party application (which would also be required for #253).
Until then we need to remove the service principal retrieval and role assignment checking. The onus will now be on the user to specify the correct application client ID and secret, and ensure the service principal has access to the selected subscription. This is how the feature was originally designed, so it's not an excessively severe limitation.