![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(179.20000000000002, 73%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERG%3C/text%3E%3C/svg%3E)
Microsoft Security | Microsoft Entra | Microsoft Entra ID
A cloud-based identity and access management service for securing user authentication and resource access
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(201.6, 99%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ER%3C/text%3E%3C/svg%3E)
Hello Rajesh Gudibanda Nagaraja,
Yes, you will be able to delete Application owners using Application.ReadWrite.All delegated API permission but in delegated scenarios with work or school accounts, the signed-in user must be assigned a supported Microsoft Entra role or a custom role with a supported role permission. The following least privileged roles are supported for this operation.
- Hybrid Identity Administrator
- Cloud Application Administrator
- Application Administrator
Hence, you are getting the 403 error.
Only Application.ReadWrite.All delegated API permission isnt sufficient, the user must also have role assigned as stated above.
After assigning the role, you will be able to delete the Application owner successfully.
Reference:Remove application owner - Microsoft Graph v1.0 | Microsoft Learn
If the resolution was helpful, kindly take a moment to click on 
and click on Yes for was this answer helpful. And, if you have any further query do let us know.