Minimal output from Get-AzureADGraphApps.ps1

Chris Clayton (STLCC) 21 Reputation points
2021-08-20T19:19:20.263+00:00

I've tried running the script available at https://github.com/microsoft/AzureADGraphApps per the email sent out warning us that we're using the Azure Active Directory Graph (Azure AD Graph) and that it is set to be deprecated next year. Each time I run it, the only data I get back is a record for the account that executed the script. Per the documentation I ran it with a regular account as no special access was needed, but tried it again with an account that is an application administrator.

Does this mean we do not have anything making use of the AAD Graph, or that it isn't visible via Azure but something else could be making calls to it?

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,466 questions
0 comments
Accepted answer
  1. Shashi Shailaj 7,581 Reputation points Microsoft Employee
    2021-08-21T16:58:41.44+00:00

    @Chris Clayton (STLCC) ,
    Yes you are correct . This exactly means that you do not have any applications which are using the old Azure AD graph API . It will be visible always when you check via this script . It is designed to check service principal permissions and it will be able to find the applications which are using graph API . You have already run this under a user with Application administrator and did not find anything which means you do not have any such app however you can run it again under any user with Global administrator privilege and that will give the script maximum access to find anything within the tenant . However that is not specifically required but will be more like a peace of mind. If you do not get any application as the output then that is perfect and you do not need to worry about anything .

    Hope this helps . Should you still have any query on this , do share the details . Please let us know and we will e happy to clarify further . In case the information provided is helpful , please do accept it as answer for improving the discoverability of this question in order to help other community members .

    Thank you .

    -----------------------------------------------------------------------------------------------------------

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    0 comments

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest