Merge pull request #277640 from HeidiSteen/heidst-june7

prmerger-automator[bot] · web-flow · commit 82f8e2e662d6 · 2024-06-07T22:55:13.000Z
[azure search] RBAC note revision
diff --git a/articles/search/search-security-rbac.md b/articles/search/search-security-rbac.md
@@ -104,8 +104,8 @@ New-AzRoleAssignment -SignInName <email> `
 
 Role assignments are global across the search service. To [scope permissions to a single index](#rbac-single-index), use PowerShell or the Azure CLI to create a custom role.
 
-> [!IMPORTANT]
-> If you configure role-based access for a service or index and you also provide an API key on the request, the search service uses the API key to authenticate.
+> [!NOTE]
+> If you make a request, such as a REST call, that includes an API key, and you're also part of a role assignment, the API key takes precedence. For instance, if you have a read-only role assignment but make a request with an admin API key, the permissions granted by the API key override the role assignment. This behavior only applies if both keys and roles are enabled for your search service.
 
 #### [**Azure portal**](#tab/roles-portal)
 
