Full AzureAD Applications Permission overview

So you’d like to know which applications are living in your AzureAD?

And you’d like to know which of those were added by your admins, and what permissions those applications have?

And you’d also like to know which applications your users are consenting to, and what rights those applications have on your users?

Look no further, I wrote a script to export all of that to Excel for you!

Application overview

Apps an admin has consented to and the type of rights it needs

Apps a user has consented to and the type of rights it needs

Apps to user mapping, for an easy overview of which user has consented to which app

Get it at:

Credits to Doug Finke for the Excel module I’m using!

 

1
Leave a Reply

avatar
1 Comment threads
0 Thread replies
1 Followers
 
Most reacted comment
Hottest comment thread
1 Comment authors
Ruth de Groot Recent comment authors

This site uses Akismet to reduce spam. Learn how your comment data is processed.

  Subscribe  
newest oldest most voted
Notify of
Ruth de Groot
Guest
Ruth de Groot

I love the script, I needed to tweak it a little to get it running. Like you described get-azureRMtoken doesn’t work with MFA. Maybe you can add an extra parameter for MFA users that calls login-azurermaccount without credentials. I also got the following error with the export-excel function while exporting the application in line 65 of your script. Failed exporting data to worksheet ‘Applications’ to ‘c:\temp\report.xlsx’: Cannot find an overload for “TryParse” and the argument count: “4”. At C:\Program Files\WindowsPowerShell\Modules\ImportExcel\5.1.0\Export-Excel.ps1:671 char:17 + … throw “Failed exporting data to worksheet ‘$WorkSheetname … + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : OperationStopped: (Failed exportin…ent count:… Read more »