Forum Discussion
Revoke all Graph write permission for an Enterprise Application in Azure AD
Hello, I have a enterprise application registered in my tenant which is having delegated permission consented by Global Admin(Me). I have below permission for enterprise App Graph: User.Read...
Correct.
Do you see the list of permissions by running this?
$app = Get-AzureADServicePrincipal | Where-Object {$_.DisplayName -eq "ShareGate migration tool 2.0"}
Get-AzureADOAuth2PermissionGrant | Where-Object {$_.ResourceId -eq $app.ObjectId}
Do you see the list of permissions by running this?
$app = Get-AzureADServicePrincipal | Where-Object {$_.DisplayName -eq "ShareGate migration tool 2.0"}
Get-AzureADOAuth2PermissionGrant | Where-Object {$_.ResourceId -eq $app.ObjectId}
No, The object returned for above command is empty. As Get-AzureADOAuth2PermissionGrant does not have any OAuth2PermissionGrant which matched $app.ObjectId