In this post, I am going to share Powershell script to find and retrieve the list of Azure AD Integrated apps (Enterprise Applications) with their API permissions. Also, list users who are authorized to use the app.
In Azure AD, the integrated apps or Enterprise applications are nothing but an instance (ServicePrincipal object) or mirror of the apps (Application object) which are generally published in other company tenants (or in your own tenant). We can use the Get-AzureADServicePrincipal cmdlet to fetch all the integrated apps.
List and add users in an Azure enterprise application via powershell
We have a few users to populate and I'm trying to
1) export the list of users and app roles for all azure enterprise applications via powershell.
I was able to retrieve the list of users
Get-AzureADServicePrincipal -searchstring "AWS engineering" | Get-AzureADServiceAppRoleAssignment|select Resourcedisplayname,Principaldisplayname
But haven't managed to pull down the appropriate app role assignment for each user
2) be able to populate the list via a csv file.