SOLVED

How to list all Application API permissions for an app in Azure AD?

Occasional Contributor

I can use oauth2permissionsgrants in the Graph REST API or the Get-MgServicePrincipalOauth2PermissionGrant PS cmdlet to get the Delegated permission grants for an application (a service principal). But how do I get a list of all the Application permission grants for an application? 

 

Kimmo

2 Replies
best response confirmed by KimmoB (Occasional Contributor)
Solution
Use the relevant endpoints/cmdlets, in particular the App role assignments. Here's a sample script I wrote a while back: https://github.com/michevnew/PowerShell/blob/master/app_Permissions_inventory_GraphAPI.ps1
Hi Vasil - that was exactly what I was looking for, got the necessary information through Get-MgServicePrincipalAppRoleAssignment. Thanks a million! Kimmo