Shifting my OAuth application from one Microsoft Azure account to another.

M Integry 0 Reputation points
2023-03-16T09:58:21.18+00:00

Hello,

I am reaching out to request assistance with shifting my OAuth application from one Microsoft Azure account to another.

I currently have an OAuth application configured on my existing Azure account, but I would like to transfer it to a different Azure account. Can you please guide me through the necessary steps to accomplish this?

I appreciate your help in advance and look forward to hearing back from you soon.

Thank you.

Microsoft Entra ID

1 answer

  1. 2023-03-22T06:19:36.9733333+00:00

    Hello @M Integry, there's no out-of-the-box feature that helps you move an Azure AD application to a new tenant. You can, however, copy it using tools such as the Microsoft Graph API or the Microsoft Graph PowerShell SDK.

    Depending on your application settings, the process may not be straightforward. Some properties, like appId, should not be copied; others, like identifierUris or web, should be added later. IDs assigned to app roles or scopes may be persisted provided the original application is removed. References to principals should also be excluded since they won't be available in the destination tenant.

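    # Read the application definition from the source tenant
    Connect-MgGraph -Scopes "Application.Read.All" -TenantId "<source tenant id>"
    $Application = Get-MgApplication -Filter "appId eq '<app id>'"
    
    # Re-create it in the destination tenant; a new appId is assigned there
    Connect-MgGraph -Scopes "Application.ReadWrite.All" -TenantId "<destination tenant id>"
    $NewApplication = New-MgApplication -DisplayName $Application.DisplayName -Api $Application.Api -AppRoles $Application.AppRoles # etc
    # Properties that are added after creation
    Update-MgApplication -ApplicationId $NewApplication.Id -Web $Application.Web # etc
    # Service principal for the new application in the destination tenant
    New-MgServicePrincipal -AppId $NewApplication.AppId
    
    # Optional: delete the source application (deleting needs the ReadWrite scope)
    Connect-MgGraph -Scopes "Application.ReadWrite.All" -TenantId "<source tenant id>"
    Remove-MgApplication -ApplicationId $Application.Id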
    

    Let us know if you need additional assistance. If the answer was helpful, please accept it and rate it so that others facing similar issues can more easily find a solution.

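
The property split described in the answer above, as an added example that is not part of the original answer or of any Microsoft tooling: it sorts an exported application definition into what is sent at creation, what is applied afterwards, and what stays behind. The function name `Split-ApplicationForCopy` is hypothetical, the sample JSON is constructed, and dropping `id`, `publisherDomain` and the credential lists is this example's own assumption (the answer names only `appId` and principal references).

```powershell
# Constructed sample in the shape of a Microsoft Graph application resource (all values made up).
$SourceJson = @'
{
  "id": "00000000-0000-0000-0000-000000000001",
  "appId": "00000000-0000-0000-0000-000000000002",
  "displayName": "Sample OAuth app",
  "signInAudience": "AzureADMyOrg",
  "publisherDomain": "source.example",
  "identifierUris": ["api://00000000-0000-0000-0000-000000000002"],
  "web": { "redirectUris": ["https://app.example/callback"] },
  "api": { "oauth2PermissionScopes": [ { "id": "00000000-0000-0000-0000-00000000000a", "value": "Data.Read" } ] },
  "appRoles": [ { "id": "00000000-0000-0000-0000-00000000000b", "value": "Admin" } ],
  "owners": [ { "id": "00000000-0000-0000-0000-00000000000c" } ],
  "passwordCredentials": [ { "keyId": "00000000-0000-0000-0000-00000000000d" } ]
}
'@

function Split-ApplicationForCopy {
    param([Parameter(Mandatory)] [psobject] $Application)

    # From the answer: appId is not copied, identifierUris and web are added later,
    # references to principals (owners here) are excluded.
    # Assumption of this example: id, publisherDomain and credentials are also left behind.
    $Drop  = 'id', 'appId', 'publisherDomain', 'owners', 'passwordCredentials', 'keyCredentials'
    $Defer = 'identifierUris', 'web'

    $Create   = [ordered]@{}
    $Deferred = [ordered]@{}
    $Dropped  = @()
    foreach ($Property in $Application.PSObject.Properties) {
        if ($null -eq $Property.Value) { continue }   # nothing to carry over
        if ($Drop -contains $Property.Name) { $Dropped += $Property.Name }
        elseif ($Defer -contains $Property.Name) { $Deferred[$Property.Name] = $Property.Value }
        else { $Create[$Property.Name] = $Property.Value }
    }
    # app role and scope ids stay inside appRoles / api unchanged
    [pscustomobject]@{ Create = $Create; Deferred = $Deferred; Dropped = $Dropped }
}

$Plan = Split-ApplicationForCopy -Application ($SourceJson | ConvertFrom-Json)
"Create with : $($Plan.Create.Keys -join ', ')"
"Apply later : $($Plan.Deferred.Keys -join ', ')"
"Left behind : $($Plan.Dropped -join ', ')"
```

Reviewing the "Left behind" list before running the copy shows which owners and credentials have to be set up again in the destination tenant.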