![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(217.60000000000002, 80%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EM%3C/text%3E%3C/svg%3E)
Azure Migrate
A central hub of Azure cloud migration services and tools to discover, assess, and migrate workloads to the cloud.
819 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(185.6, 63%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAG%3C/text%3E%3C/svg%3E)
Hi Mishra,
Welcome to Microsoft Q&A Forum, thank you for posting your query here!
This issue happens when the Azure user account that was used to sign in from the appliance configuration manager is different from the user account that was used to generate the Azure Migrate project key on the portal.
References: below Microsoft link has how to implement in step-by-step process
Tutorial: Troubleshoot with Azure Monitor - Azure App Service | Microsoft Learn
https://learn.microsoft.com/en-us/azure/migrate/troubleshoot-appliance?tabs=windows
To create a project and register the Azure Migrate appliance, you must have an Azure account that has these permissions:
- Contributor or Owner permissions in the Azure subscription.
- Permissions to register Microsoft Entra apps.
- Owner or Contributor and User Access Administrator permissions at subscription level to create an instance of Azure Key Vault, which is used during agentless server migration.
Remediation: -
Ensure that you have the required permissions to create and manage Microsoft Entra applications in Azure. You should have the Application Developer role or the user role with User can register applications allowed at the tenant level.
- Ensure that the currently signed-in user account on the appliance has the required permissions on the key vault mentioned in the error message. The user account needs permissions as mentioned at this website.
- Go to the key vault and ensure that your user account has an access policy with all the Key, Secret, and Certificate permissions assigned under Key Vault Access Policy.
- If you enabled the appliance for private endpoint connectivity, ensure that the appliance is either hosted in the same virtual network where the key vault was created, or it's connected to the Azure virtual network where the key vault was created over a private link. Make sure that the key vault private link is resolvable from the appliance. Go to Azure Migrate: Discovery and assessment > Properties to find the details of private endpoints for resources like the key vault created during the Azure Migrate key creation.
- If you have the required permissions and connectivity, retry the registration on the appliance after some time.
If you have any further queries, do let us know.
-----------------------------------------------------------------------------------------------------
If the answer is helpful, please click "Accept Answer" and "Upvote it".