Home

Is there a REST API to revoke office 365 app permissions?

%3CLINGO-SUB%20id%3D%22lingo-sub-724384%22%20slang%3D%22en-US%22%3EIs%20there%20a%20REST%20API%20to%20revoke%20office%20365%20app%20permissions%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-724384%22%20slang%3D%22en-US%22%3E%3CP%3EWe%20are%20using%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fwww.npmjs.com%2Fpackage%2Fpassport-azure-ad%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fwww.npmjs.com%2Fpackage%2Fpassport-azure-ad%3C%2FA%3E%26nbsp%3Bin%20our%20website%20and%20user%20has%20option%20to%20authenticate%20himself%20and%20grant%20permission%20of%20accessing%20contacts%20to%20our%20application.%20The%20problem%20happens%20when%20user%20delete%20%2F%20disconnect%20himself%20from%20our%20website%20and%20try%20to%20login%20again%20via%20office%20365%20account.%20This%20time%20office365%20still%20remembers%20the%20granted%20permission%20and%20doesn't%20ask%20to%20grant%20permission%20again.%20Is%20there%20a%20REST%20API%20we%20can%20hit%20to%20revoke%20the%20permission%20completely%3F%20Is%20there%20any%20way%20that%20we%20can%20programmatically%20revoke%20app%20permissions%20%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-724384%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAPI%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EOffice%20365%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-725479%22%20slang%3D%22en-US%22%3ERe%3A%20Is%20there%20a%20REST%20API%20to%20revoke%20office%20365%20app%20permissions%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-725479%22%20slang%3D%22en-US%22%3E%3CP%3EShould%20be%20possible%20via%20the%20(beta)%20appRoleAssignments%20Graph%20endpoint%3A%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fgraph%2Fapi%2Fapproleassignment-delete%3Fview%3Dgraph-rest-beta%26amp%3Btabs%3Dcs%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fgraph%2Fapi%2Fapproleassignment-delete%3Fview%3Dgraph-rest-beta%26amp%3Btabs%3Dcs%3C%2FA%3E%3C%2FP%3E%0A%3CP%3EOr%20you%20can%20always%20use%20PowerShell.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-728004%22%20slang%3D%22en-US%22%3ERe%3A%20Is%20there%20a%20REST%20API%20to%20revoke%20office%20365%20app%20permissions%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-728004%22%20slang%3D%22en-US%22%3E%3CP%3EThank%20you!%3C%2FP%3E%3C%2FLINGO-BODY%3E
Highlighted
sunder
New Contributor

We are using https://www.npmjs.com/package/passport-azure-ad in our website and user has option to authenticate himself and grant permission of accessing contacts to our application. The problem happens when user delete / disconnect himself from our website and try to login again via office 365 account. This time office365 still remembers the granted permission and doesn't ask to grant permission again. Is there a REST API we can hit to revoke the permission completely? Is there any way that we can programmatically revoke app permissions ?

2 Replies

Should be possible via the (beta) appRoleAssignments Graph endpoint: https://docs.microsoft.com/en-us/graph/api/approleassignment-delete?view=graph-rest-beta&tabs=cs

Or you can always use PowerShell.

Related Conversations