Jack Chen (jchen5)

My feedback

  1. 1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Jack Chen (jchen5) shared this idea  · 
  2. 5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Jack Chen (jchen5) supported this idea  · 
  3. 4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Jack Chen (jchen5) supported this idea  · 
  4. 8 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    This API does exist and you can find it here:
    https://docs.microsoft.com/en-us/graph/api/serviceprincipal-list-approleassignments?view=graph-rest-beta&tabs=http

    Granted – this documentation can be massively improved. In the response you need to look at the principalType as it can be user, group or servicePrincipal. For your scenario, you can ignore servicePrincipal, but if a group is provisioned to an enterprise application, you’ll need to get the group’s direct group members (using GET ../groups/{id)/members) to find the users assigned (indirectly) to this enterprise application.

    An error occurred while saving the comment
    Jack Chen (jchen5) commented  · 

    ha!

    https://graph.microsoft.com/v1.0/servicePrincipals/<appid>/appRoleAssignedTo

    did what I need.

    Jack Chen (jchen5) supported this idea  · 
    An error occurred while saving the comment
    Jack Chen (jchen5) commented  · 

    The mentioned API doesn't really work for me.

    I have tried several enterprise applications owned by me, run

    GET https://graph.microsoft.com/beta/servicePrincipals/<app objectid>/appRoleAssignments

    The result is always
    {
    "@odata.context": "https://graph.microsoft.com/beta/$metadata#appRoleAssignments",
    "value": []
    }

    Those applications do have assigned groups .

Feedback and Knowledge Base