Hi @Desmond Sindatry
Creating an application registration does not require a built-in role, you need to grant the Application.ReadWrite.All
application permission to your service principal, then use the unattended client credentials flow to obtain an access token and call the create application API endpoint.
Hope this helps.
If the reply is helpful, please click Accept Answer and kindly upvote it. If you have additional questions about this answer, please click Comment.