Use the Roles and administrators tab, and more general, you can also create a custom role/scope as detailed here: https://learn.microsoft.com/en-us/azure/active-directory/roles/custom-enterprise-apps
Unable to assign the least amount of privilege access to Enterprise Application?
Hi People,
Can anyone here please explain as to why I cannot assign the least amount of privilege access to Enterprise Application as Contributor or read only role?
I can only see adding it as Owners:
Thank you in advance.
2 additional answers
Sort by: Most helpful
-
JamesTran-MSFT 36,626 Reputation points Microsoft Employee
2021-06-23T16:34:00.123+00:00 @EnterpriseArchitect
Thank you for your post!As Michev mentioned, you should be able to do this via the "Roles and Administrators" tab by copying your Enterprise Application's Object ID, searching for it within Roles and Administrators, and assigning the respective role(s) to your app.
For the screenshot you're sharing, the roles (App Admin, Reports Reader, etc.) within the App should be used for identities that need to manage that specific Enterprise App.
If you have any other questions, please let me know.
Thank you for your time and patience throughout this issue.----------
Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.
-
EnterpriseArchitect 5,376 Reputation points
2021-06-24T02:09:10.303+00:00 That's great, thanks Vasil & James !