Share via

App Registrations

Handian Sudianto 4,976 Reputation points
2023-02-15T01:20:59.9766667+00:00

Hello,

my user have owner roles but when navigate to the app registrations i got 'insufficient privileges to view application'. Anyone know why?

User's image

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
21,902 questions
0 comments
Accepted answer
  1. JamesTran-MSFT 36,631 Reputation points Microsoft Employee
    2023-02-15T18:59:37.41+00:00

    @Handian Sudianto

    Thank you for your post!

    From your issue, I understand that your user has the Owner RBAC role assigned but when you navigate to the Azure AD App Registrations page, you're receiving the insufficient privileges to view application error message.

    To better understand the reason why you're running into this error, you'll have to first understand the difference between Azure RBAC roles (i.e. Owner), and Azure AD RBAC roles (i.e. Global Admin). The difference between these two role-based access control systems is:

    • Azure AD roles control access to Azure AD resources such as users, groups, and applications using the Microsoft Graph API
    • Azure roles control access to Azure resources such as virtual machines or storage using Azure Resource ManagementUser's image

    To resolve your issue, as shared by Dillon - you'll need to Assign the appropriate Azure AD role(s) to your user.

    1. Sign in to the Azure portal or Azure AD admin center.
    2. Select Azure Active Directory > Roles and administrators to see the list of all available roles.
    3. Find the role you need. Note: You can filter by Service: Application to get the roles able to manage App Registrations.
    4. Select Add assignments and then select the users you want to assign to this role.
    5. Select Add to assign the role.User's image

    I hope this helps!

    If you have any other questions, please let me know. Thank you for your time and patience throughout this issue!

    1 person found this answer helpful.
    0 comments

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Dillon Silzer 57,491 Reputation points
    2023-02-15T03:15:33.2933333+00:00

    Hello,

    Please try assigning one of the three roles to your account:

    • Application Administrator: Users in this role can create and manage all aspects of enterprise applications, application registrations, and application proxy settings. This role also grants the ability to consent to delegated permissions, and application permissions excluding Microsoft Graph. Users assigned to this role are not added as owners when creating new application registrations or enterprise applications.
    • Cloud Application Administrator: Users in this role have the same permissions as the Application Administrator role, excluding the ability to manage application proxy. Users assigned to this role are not added as owners when creating new application registrations or enterprise applications.
    • Global Administrator

    If this is helpful please accept answer.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.