Forum Discussion
Azure Active directory activities - Understanding the meaning
Add app role assignment grant to user = when you add application persmission to an app registration. For example, when you add delegated Graph API permissions
Add delegated permission grant = when you add delegated persmission to an app registration. For example, when you add application Graph API permissions
Consent to application = when you add admin consent to that application
Thank you for the response. However when I performed the mentioned activities in my subscription, I could see they are tracked as below:
"Update Service principal" OR "Update Application"
What I want to see is the activity performed when it is tracked as below:
I have checked one scenario but other possibilities I can't reproduce.
Thanks
Finally I was able to reproduce the issue. Below are my findings for these AD logs:
Add app role assignment grant to user is generated when an app is assigned to a user from the Enterprise app blade. User can access these assigned apps from myapp portal.
Add delegated permission grant can be seen when user tries to access the app from myapp portal and get a consent page. User clicks on "allow" and an entry will recorded in the AD Audit logs. A delegated Graph permission is granted from App registration's API permission tab. Eg:
