May 24 2018
- last edited on
Jul 24 2020
I may be missing something here but as a Global Admin for Office 365 I have full visibility of the v1.0 applications, meaning I can see them and I can see the permissions that have been assigned for the application.
However, for the v2.0 endpoints I have no visibility of their permissions. As an admin I think this potentially dangerous.
Is there any way to have visibility of the permissions for v2 applications?
May 30 2018 01:51 AM
I'm not registering v2.0 applications, as an administrator I'm interested in seeing who is registering applications and the permissions they're requesting.
If I were to register a v2 application, I'd be following the documentation @ https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-v2-app-registration which states the registration URL as https://apps.dev.microsoft.com/
May 30 2018 04:24 AM
This question has been answered here: https://stackoverflow.com/questions/42244325/retrieve-application-permissions-of-a-service-principal...
Not the most user friendly way though, maybe someone else has a better solution :)
May 30 2018 08:36 AM
My bad for not getting the question from the previous query.
I tried checking more details and here is what I found :-
When the application is added from the "https://apps.dev.microsoft.com/portal/" portal, the application object is not created, whereas once the application is consented by either user or admin it starts getting listed in enterprise application as serviceprincipal.
Now in order to check the permission for any of the service principal you can run the below mentioned command on azure ad powershell.