@Julian Sperling Thank you for reaching out to us, just wanted to check if you have referred to this https://learn.microsoft.com/en-us/graph/api/applicationtemplate-instantiate?view=graph-rest-1.0&tabs=http where it refers to adding an instance of an application from the Microsoft Entra application gallery into your directory via Graph Explorer with least privileged permissions. Let me know if this helps to achieve your ask, feel free to post back.
Is there a way to create a SAML Enterprise Application without Cloud App Administrator?
Julian Sperling
446
Reputation points
Creating a SAML SSO Application can currently only be done by using the Application Template from the gallery, however if an "Application Developer" tries to add an app the button is greyed out:
This is due to missing "microsoft.directory/applicationTemplates/instantiate" permissions, but even if this permission is added to a custom role, the app is created, but the user is not an app owner, so he can't continue editing. Is there a Graph API way or anything similar to create a saml sso app, that does not involve granting full Cloud App Administrator Permissions?
Accepted answer
-
Givary-MSFT 28,491 Reputation points Microsoft Employee
2024-02-26T08:51:14.9233333+00:00