How many nested objects(like users, Apps Registrations, Enterprise Applications etc.) we can add in Azure AD groups?

Manish Aery 1 Reputation point
2022-10-10T09:46:39.363+00:00

How many nested objects(like users, Apps Registrations, Enterprise Applications etc.) we can add in Azure AD groups?
For both type of groups:

  1. Security
  2. Microsoft
Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
10,836 questions
Microsoft Entra External ID
Microsoft Entra External ID
A modern identity solution for securing access to customer, citizen and partner-facing apps and services. It is the converged platform of Azure AD External Identities B2B and B2C. Replaces Azure Active Directory External Identities.
2,678 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,848 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Andreas Baumgarten 98,626 Reputation points MVP
    2022-10-10T09:58:02.333+00:00

    Hi @Manish Aery ,

    please take a look here (Category "Groups"): https://learn.microsoft.com/en-us/azure/active-directory/enterprise-users/directory-service-limits-restrictions

    ----------

    (If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)

    Regards
    Andreas Baumgarten


  2. Akshay-MSFT 16,511 Reputation points Microsoft Employee
    2022-10-18T06:26:58.357+00:00

    Hello @Manish Aery ,

    Thanks for posting your query adding onto @Andreas Baumgarten , please be informed that we do not have hierarchy number limitation for nested group, but in some scenarios, the nested group is not supported.
    You can check in this document: Service limits and restrictions - Azure Active Directory | Microsoft Learn.

    Also please be informed that we currently don't support:

    • Adding groups to a group synced with on-premises Active Directory.
    • Adding Security groups to Microsoft 365 groups.
    • Adding Microsoft 365 groups to Security groups or other Microsoft 365 groups.
    • Assigning apps to nested groups.
    • Applying licenses to nested groups.
    • Adding distribution groups in nesting scenarios.
    • Adding security groups as members of mail-enabled security groups.
    • Adding groups as members of a role-assignable group.

    Thanks,
    Akshay Kaushik

    Please "Accept the answer" and "Upvote" if the above-mentioned suggestion works as per your business need. This will help us and others in the community as well.