#32371 Operational | P3 | Azure AD Privileged Role Assignment @ Artichoke Consulting - MSP Free

Created from Lead: https://artichoke.shield.syncromsp.com/leads/30472857/convert

[embedded image](https://www.blumira.com/)

Operational | P3 | Azure AD Privileged Role Assignment @ Artichoke Consulting - MSP Free

Blumira has detected Azure AD Privileged Role Assignment for Artichoke Consulting - MSP Free on 2025-02-10 05:19PM MST and triggered action Create Informational Finding for Responders.

Analysis:

An Azure AD Privileged Role has been assigned to the user or group [email protected] and [email protected] in your Azure Active Directory in the tenant 28657946-dbe0-492d-817f-ddba22c59fd6.

This could be one of a number of roles that have permission to make changes in Azure AD.

The role updates include:

NewValue.Role.TemplateId=62e90394-69f5-4237-9190-012177145e10, NewValue.SPN=https://securitycenter.microsoft.com/mtp;https://api-gcc.securitycenter.microsoft.us/;https://api.securitycenter.microsoft.com/;https://api-gcc.securitycenter.microsoft.us;https://securitycenter.microsoft.com/mtp/;https://api-uk.securitycenter.microsoft.com/;https://api-eu.securitycenter.microsoft.com/;https://api-us.securitycenter.microsoft.com/;https://api-gov.securitycenter.microsoft.us/;https://securityoperations.microsoft.com/;https://api.securitycenter.windows.us;https://publicapi-prd.trafficmanager.net;https://managementapi.securitycenter.windows.com;https://securitycenter.onmicrosoft.com/windowsatpservice/;https://api.securitycenter.windows.com;https://userrequestsgraphapiep-prd.trafficmanager.net/;fc780465-2017-40d4-a0c5-307022471b92;https://userrequestsgraphapiep-prd.trafficmanager.net;https://api.securitycenter.windows.com/;https://securitycenter.onmicrosoft.com/windowsatpservice;https://managementapi.securitycenter.windows.com/;https://publicapi-prd.trafficmanager.net/;https://api.securitycenter.windows.us/;https://securityoperations.microsoft.com;https://api-gov.securitycenter.microsoft.us;https://api.securitycenter.microsoft.com;https://api-us.securitycenter.microsoft.com;https://api-eu.securitycenter.microsoft.com;https://api-uk.securitycenter.microsoft.com, NewValue.ActorId.ServicePrincipalNames=https://securitycenter.microsoft.com/mtp;https://api-gcc.securitycenter.microsoft.us/;https://api.securitycenter.microsoft.com/;https://api-gcc.securitycenter.microsoft.us;https://securitycenter.microsoft.com/mtp/;https://api-uk.securitycenter.microsoft.com/;https://api-eu.securitycenter.microsoft.com/;https://api-us.securitycenter.microsoft.com/;https://api-gov.securitycenter.microsoft.us/;https://securityoperations.microsoft.com/;https://api.securitycenter.windows.us;https://publicapi-prd.trafficmanager.net;https://managementapi.securitycenter.windows.com;https://securitycenter.onmicrosoft.com/windowsatpservice/;https://api.securitycenter.windows.com;https://userrequestsgraphapiep-prd.trafficmanager.net/;fc780465-2017-40d4-a0c5-307022471b92;https://userrequestsgraphapiep-prd.trafficmanager.net;https://api.securitycenter.windows.com/;https://securitycenter.onmicrosoft.com/windowsatpservice;https://managementapi.securitycenter.windows.com/;https://publicapi-prd.trafficmanager.net/;https://api.securitycenter.windows.us/;https://securityoperations.microsoft.com;https://api-gov.securitycenter.microsoft.us;https://api.securitycenter.microsoft.com;https://api-us.securitycenter.microsoft.com;https://api-eu.securitycenter.microsoft.com;https://api-uk.securitycenter.microsoft.com, and 3 others

Finding ID: F-25-06-763F

Finding Data Source: Microsoft365 Azure AD
Replying to this email does not open a ticket or notify the support team. Please email [email protected] or comment within the Finding.

[Learn More](https://app.blumira.com/6d44dca3-0d61-456b-9eef-18981f6fb2fc/query/findings/763f2f15-38f2-417a-bd51-4a5cc2da2f4d)

[embedded image]

[email protected]
[206 E. Huron Street, Suite 106, Ann Arbor, MI 48104](#)

804316fe-82e1-4008-a04c-c57029bd8c3d

[embedded image]

Automation Blumira ran on this ticket. Actions: Change Status to New-Blumira