Share via

Azure AD Access Review API

MS Techie 2,751 Reputation points
2023-09-07T18:27:29.6366667+00:00

Azure AD access reviews automatically apply the result for azure ad groups , but does not apply to onprem ad groups ( group write back feature from AAD to AD is disabled ). The powershell script approach that is available in the internet uses ADAL dll which is deprecated, instead of MSAL dll 1) Which access review API, helps me to get the result of access review . Give me exact api link please 2) Once i get the result,how will I know which group is onprem AD based and which group is from AAD ?

Microsoft Security | Microsoft Entra | Microsoft Entra ID

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Givary-MSFT 35,621 Reputation points Microsoft Employee Moderator
    2023-09-11T11:07:57.9+00:00

    @MS Techie Researched on your ask, here is the Access review API - https://learn.microsoft.com/en-us/graph/api/accessreviewset-list-definitions?view=graph-rest-1.0&tabs=http which will help to get the details of the Azure AD Access Review, however the information related to group whether it is onprem AD or Azure AD group, cant be found via this access review api, we can get the groups information via this API - https://learn.microsoft.com/en-us/graph/api/group-get?view=graph-rest-1.0&tabs=http only.

    Let me know if you have any further questions, feel free to post back.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.