Export Enterprise application with assigned groups

Vlad Toma 20 Reputation points
2023-03-06T16:18:54.01+00:00

Hi,

We're doing a cleanup of our Entr Apps (330 in total) and was looking for a way to export these apps with assigned groups included, so we can delete the ones that have no group assignments.

Thanks!

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,355 questions
{count} votes

Accepted answer
  1. Shweta Mathur 27,141 Reputation points Microsoft Employee
    2023-03-07T10:05:28.9133333+00:00

    Hi @Vlad Toma ,

    Thanks for reaching out.

    You can use the Azure AD Graph API to retrieve all the service app role assignments for all enterprise applications and then filter the data to show only the enterprise applications that have group assignments

    Here is a sample script that retrieves all the service app role assignments for all enterprise applications and filters the data to show only the enterprise applications that have group assignments:

    $assignments = Get-AzureADServiceAppRoleAssignment -All $true 
    $assignments | Where {$_.PrincipalType -eq "Group"} | Select PrincipalDisplayName, PrincipalType, ResourceDisplayName, Resource | Export-Csv -Path "C:\temp\EnterpriseAppsWithGroups.csv" -NoTypeInformation
    
    

    You can then use the exported CSV file to delete the enterprise applications that have no group assignments.

    Hope this will help.

    Thanks,

    Shweta

    Please remember to "Accept Answer" if answer helped you.

    0 comments No comments

1 additional answer

Sort by: Most helpful
  1. Manu Philip 16,961 Reputation points MVP
    2023-03-06T17:07:46.92+00:00

    The following link can help you on finding the users and groups assigned to the AD Application

    Display users and groups assigned to an Application Proxy application


    --please don't forget to upvote and Accept as answer if the reply is helpful--

    0 comments No comments