When setting up the Workday Accounts connector, we noticed that inorder to read the COMMENT (description) and DESCRIPTOR (name) of the entitlements, it is necessary to use OAuth 2.0. Currently we had it set up and working with Basic Auth, but it was not pulling in those 2 fields.
We are currently reconfiguring it to use OAuth 2.0, and have a user configured, but in looking at the permissions, I am seeing that Modify Access is needed to Fetch these two fields, not just read. See #4 in the documentation: OAuth 2.0 Authentication
Is there a reason that Modify Access is needed to Fetch these 2 fields, or will Read work. We do not plan to write back to these fields, and just want to bring in the Description values for the USER_BASED_SECURITY_GROUP entitlements.