Share via

How to view the list of all enterprise applications with the owner, user and date created in azure?

JYLVEN TARRAJA 80 Reputation points
2025-01-22T07:40:34.9666667+00:00

Please asking for your help on this on how to generate a report with all the list of enterprise application in Microsoft Entra with the owner, user and date created?, Anyone who can share on this solutions.

Thank you

Microsoft Security | Intune | Application management
Microsoft Security | Microsoft Entra | Microsoft Entra ID
Microsoft Security | Microsoft Graph
0 comments
Accepted answer
  1. Kavya 490 Reputation points
    2025-01-22T13:20:00.6666667+00:00

    You can run the below script to get the required details.

    Connect-MgGraph -Scopes "Application.Read.All" 
Get-MgServicePrincipal -All | foreach {
 $EnterpriseAppName=$_.DisplayName 
 $Id=$_.Id
 [DateTime]$CreationTime=($_.AdditionalProperties.createdDateTime)
 $CreationTime=$CreationTime.ToLocalTime()
 $Owners=(Get-MgServicePrincipalOwner -ServicePrincipalId $Id).AdditionalProperties.userPrincipalName
 $Owners=$Owners -join ","
 $ExportResult=[PSCustomObject]@{'Enterprise App Name'=$EnterpriseAppName;'App Id'=$Id;'App Owners'=$Owners;'App Creation Time'=$CreationTime}
  $ExportResult | Export-Csv -Path D:/EnterpriseAppReport.csv -Notype -Append}

    In case you need additional properties like sign-in status, app origin (whether the app is hosted in the home tenant or an external tenant), role assignments, etc., use this script to generate more detailed report: https://github.com/admindroid-community/powershell-scripts/blob/master/GetEnterpriseAppsReport.ps1

    1 person found this answer helpful.

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Marti Peig 970 Reputation points Microsoft Employee
    2025-01-22T09:10:47.9566667+00:00

    Hi JYLVEN TARRAJA

    The following should return what you need, or you can use it as a starting point.

    # Connect to Microsoft Graph
Connect-MgGraph -Scopes ("Application.Read.All")
# Get all Service Principals (Enterprise applications)
$servicePrincipals = Get-MgServicePrincipal -All
foreach ($sp in $servicePrincipals) {
    
    # Get Application Owners
    $appOwners = [System.Collections.ArrayList]@()
    $ofs = ";"
    $appOwnersIds = Get-MgServicePrincipalOwner -ServicePrincipalId $sp.Id -ErrorAction SilentlyContinue
    if ( $appOwnersIds.count -gt 0 ) {
        $appOwnersIds | ForEach-Object {
            try {
                $ownerDisplayName = (Get-MgUser -UserId $_.Id -ErrorAction SilentlyContinue).DisplayName
                $appOwners.add($ownerDisplayName) | Out-Null
            }
            catch {
                $appOwners.add("Invalid Owner") | Out-Null
            }
            
        }
    }
    Else {
        $appOwners.add("None") | Out-Null
    }
    # Get Application Users
    $appRoleAssignments = Get-MgServicePrincipalAppRoleAssignedTo -ServicePrincipalId $sp.Id -ErrorAction SilentlyContinue
    # Construct report data
    $reportData = [PSCustomObject]@{
        "Application Name"  = $sp.DisplayName
        "Application ID"    = $sp.AppId
        "Created Date"      = [String]$sp.AdditionalProperties.createdDateTime
        "Owners"            = [String]$appOwners
        "Users"             = ($appRoleAssignments | ForEach-Object { $_.PrincipalDisplayName }) -join ", "
    }
# Output or append to a CSV file
$reportData | Export-Csv -Path "C:\temp\service-principals-report.csv" -Append -NoTypeInformation
}

    As usual, if this answers your query, do click Accept Answer and Yes for what if this answer was helpful. And, if you have any further queries do let us know. 

    I hope it helps

    1 person found this answer helpful.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.