Forum Discussion

Niamatullah_Faizi's avatar
Niamatullah_Faizi
Copper Contributor
Jul 11, 2023

unused azuread apps

Hello everyone,

 

I'm new in this community and happy to join.

 

I am wanting to create an script using as cli module to export/report of all unused apps for the last 3 months in AzureAD.

 

Thank you in Advance,

 

Kind Regards,

 

  • kevkelly's avatar
    kevkelly
    Brass Contributor

    Niamatullah_Faizi 

     

    You could use Azure Active Directory (Azure AD) recommendations and the preview feature Remove unused applications to list applications within your tenant that haven't been used in the past 30 days (these are applications that have not been issued any tokens).

     

    If you want to use PowerShell to query this information, one way would be to use the Microsoft Graph beta cmdlets: Get-MgBetaDirectoryRecommendation and Get-MgBetaDirectoryRecommendationImpactedResource

     

    You'd need to ensure that you have the relevant modules installed:

    Install-Module -Name Microsoft.Graph.Beta.Identity.DirectoryManagement

    Along with connecting to Graph and the appropriate scope:

    Connect-MgGraph -Scopes DirectoryRecommendations.Read.All

    You could then pull the list of stale applications:

    $staleApps = Get-MgBetaDirectoryRecommendation -Filter "recommendationType eq 'staleApps'"
    Get-MgBetaDirectoryRecommendationImpactedResource -RecommendationId $staleApps.Id

     

    • Niamatullah_Faizi's avatar
      Niamatullah_Faizi
      Copper Contributor
      kevkelly, Thanks a lot, FYI

      Can I have script for az cli modules for the same process? because only I can use az cli

      thank you

Resources