Prompt
When creating or modifying APIs, always provide comprehensive documentation for authentication methods and prerequisites. For each authentication approach:
- Clearly state all supported authentication methods with explicit code examples
- Document the exact permissions required for each method
- Highlight any limitations or differences between authentication approaches
- Specify all prerequisite APIs or services that need to be enabled
- Include configuration requirements for billing and resource allocation
For example:
### Authentication Methods
#### Service Principal Authentication
```console
prowler microsoft365 --sp-env-auth
- Requires: Directory.Read.All, Policy.Read.All permissions
- Provides access to all service functionality
Browser Authentication
prowler microsoft365 --browser-auth --tenant-id "XXXXXXXX"
- Uses delegated permissions (assigned to user, not app)
- Limited to MS Graph API checks only
- Will not run all provider checks
Prerequisites
- Identity and Access Management (IAM) API must be enabled:
gcloud services enable iam.googleapis.com --project <your-project-id> - Quota project must be configured:
gcloud auth application-default set-quota-project <project-id>```
Complete authentication documentation helps users successfully implement your API while avoiding unexpected permission issues or missing dependencies.