Terry Hagan
Iron Contributor
May 24, 2018

Azure AD v2.0 - administration and visibility

Hi,

I may be missing something here but as a Global Admin for Office 365 I have full visibility of the v1.0 applications, meaning I can see them and I can see the permissions that have been assigned for the application. 

However, for the v2.0 endpoints I have no visibility of their permissions. As an admin I think this is potentially dangerous.

Is there any way to have visibility of the permissions for v2 applications?

5 Replies

  • JosLieben
    Iron Contributor

    This question has been answered here: https://stackoverflow.com/questions/42244325/retrieve-application-permissions-of-a-service-principal-using-the-azuread-module

     

    Not the most user-friendly way though, maybe someone else has a better solution :)

  • Hello Terry,

     

    Which portal are you using to add v2.0-enabled applications?

    Is it https://apps.dev.microsoft.com?

     

    Regards,

    Rishabh

    • Terry Hagan
      Iron Contributor

      Hi,

       

      I'm not registering v2.0 applications; as an administrator, I'm interested in seeing who is registering applications and the permissions they're requesting.

       

      If I were to register a v2 application, I'd be following the documentation @ https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-v2-app-registration which states the registration URL as https://apps.dev.microsoft.com/

       

      regards

      Terry

      • Rishabh Srivastava
        Iron Contributor

        Hello Terry,

         

        My bad for not getting the question from the previous query.

        I tried checking more details and here is what I found:

        When the application is added from the "https://apps.dev.microsoft.com/portal/" portal, the application object is not created, whereas once the application is consented to by either a user or an admin, it starts getting listed in Enterprise applications as a service principal.

         

        Now, in order to check the permissions for any service principal, you can run the below-mentioned command in Azure AD PowerShell.

        Regards,

        Rishabh
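
One way to get the tenant-wide view asked for in this thread, as an added example that is not part of any poster's reply or of Microsoft's documentation: it lists the delegated and application permissions held by every service principal, using the AzureAD PowerShell module. It assumes an existing `Connect-AzureAD` session; the output column names and the de-duplication step are choices made for this example.

```powershell
# Added example. Requires the AzureAD module and a session from Connect-AzureAD.
# Index every service principal by ObjectId so IDs in grants resolve to names.
$spById = @{}
Get-AzureADServicePrincipal -All $true | ForEach-Object { $spById[$_.ObjectId] = $_ }

# Delegated permissions (OAuth2 permission grants).
# ConsentType 'AllPrincipals' = an admin consented for the whole tenant;
# 'Principal' = a single user consented, and PrincipalId is that user's ObjectId.
$delegated = Get-AzureADOAuth2PermissionGrant -All $true | ForEach-Object {
    [pscustomobject]@{
        Type        = 'Delegated'
        Client      = $spById[$_.ClientId].DisplayName
        ClientAppId = $spById[$_.ClientId].AppId
        Resource    = $spById[$_.ResourceId].DisplayName
        Permission  = $_.Scope
        ConsentType = $_.ConsentType
        ConsentedBy = $_.PrincipalId
    }
}

# Application permissions (app role assignments whose principal is a service principal).
# Every service principal is queried and results are de-duplicated by the
# assignment's ObjectId, so each assignment is reported exactly once.
$seen = @{}
$application = foreach ($sp in @($spById.Values)) {
    Get-AzureADServiceAppRoleAssignedTo -ObjectId $sp.ObjectId -All $true |
        Where-Object { $_.PrincipalType -eq 'ServicePrincipal' } |
        ForEach-Object {
            $a = $_                                   # the app role assignment
            if ($seen.ContainsKey($a.ObjectId)) { return }
            $seen[$a.ObjectId] = $true
            # In this module the assignment's Id property is the app role's GUID.
            $role = $spById[$a.ResourceId].AppRoles | Where-Object { $_.Id -eq $a.Id }
            [pscustomobject]@{
                Type        = 'Application'
                Client      = $a.PrincipalDisplayName
                ClientAppId = $spById[$a.PrincipalId].AppId
                Resource    = $a.ResourceDisplayName
                Permission  = $role.Value
                ConsentType = 'Admin'                 # label used by this example only
                ConsentedBy = $null
            }
        }
}

# One row per grant; pipe to Export-Csv instead of Format-Table to keep a record.
@($delegated) + @($application) | Sort-Object Client, Type | Format-Table -AutoSize
```

Rows with `ConsentType` of `Principal` are the user-consented grants, which are the ones an administrator did not approve.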
