Jun 11 2024 11:01 PM
Hi,
is there any way to access (get/set) app centric permissions from GraphAPI or any other API? Our usecase is that we want to set the configuration programatically and also assign groups to specific apps without using the admin.teams portal.
Best Regards
Lars
Jun 12 2024 10:25 PM
@LarsSchw -
We can set app management policies using the Graph API. You can check the following document for this.
appManagementPolicy resource type - Microsoft Graph v1.0 | Microsoft Learn
Please let us know if this is what you are looking for or if it is not exactly what you want?
Jun 16 2024 11:11 PM
Jun 17 2024 01:05 AM
@Nivedipa-MSFTUnfortunately, this didn't work. Trying to get all app policies using Get-MgPolicyAppManagementPolicy gives an empty list. Although I configured access for a security group using app-centric management in Teams Admin (beware, permission policies are no longer used in the Teams Admin UI; groups have been assigned under "Manage Apps").
This is the code I used:
$body = @{
Grant_Type = "client_credentials"
Scope = "https://graph.microsoft.com/.default"
Client_Id = $appid
Client_Secret = $secret
}
$connection = Invoke-RestMethod `
-Uri https://login.microsoftonline.com/$tenantid/oauth2/v2.0/token `
-Method POST `
-Body $body
$token = $connection.access_token | ConvertTo-SecureString -AsPlainText -Force
Connect-MgGraph -AccessToken $token
$catalog = Get-MgAppCatalogTeamApp -ExpandProperty "AppDefinitions" -Property "AppDefinitions"
$catalog | ConvertTo-Json -Depth 50 | Out-File -FilePath c:\temp\appcatalog.json
$policy = Get-MgPolicyAppManagementPolicy
$policy | ConvertTo-Json -Depth 50 | Out-File -FilePath c:\temp\appPolicy.json
Jun 17 2024 11:11 PM
Jun 19 2024 03:08 AM