
I am trying to retrieve app owners from Azure Portal App Registration under the Manifest using the Microsoft Graph API and REST Method via a PowerShell script. I am using a service principal account (client secret key), tenant, and client ID (app ID) to authenticate to the Graph API.

Here is the code for getting specific app info:

Invoke-RestMethod -Uri "https://graph.microsoft.com/v1.0/applications?$filter=appId eq 'appIdhere'" -Headers $headers -Method GET

I am using the following request headers and body:

$requestBody = @{
"grant_type"    = "client_credentials"
"client_id"     = $clientId
"client_secret" = $clientSecret
"scope"         = "https://graph.microsoft.com/.default"
}

$headers = @{
Authorization = "Bearer $accessToken"
}

However, this code above works only on the graph. Please see the documentation below. (I used the /applications endpoint and it still works with the reference below)
Microsoft Graph API – List owners of a service principal

I want to use the URL mentioned above to access the application manifest under App Registration Azure Portal, but the URL retrieves all the applications from the Azure Portal instead of just the specified one from the URL when using Invoke-RestMethod from PowerShell ISE.

I would like to request assistance on how to retrieve specified information under this URL: "https://graph.microsoft.com/v1.0/applications?$filter=appId eq ‘f059f748-6b42-46ec-8d5b-23a0fee126ee’". Thank you in advance to those who will assist.

2 Answers


  1. Chosen as BEST ANSWER

    Updated: I've figured out what I am looking for.

    To access the manifest data from the applications of App Registration on Azure Portal, you may use the URL endpoint below.

    https://graph.microsoft.com/v1.0/applications/ObjectIDofApphere/?=manifest

    I am not so sure how I figured this out, and I am looking for any reference for the endpoint above in the Microsoft Graph documentation, but it shows the manifest data of the application. Be sure to put the object ID next to applications/

    For the permissions, I do have these permissions below

    List of permissions


  2. I registered one Azure AD Application and added API permissions as shown below:

    Now, I added the users below as Application owners for the Application:

    To retrieve App Owners from Azure Portal App Registration under the Manifest using the Microsoft Graph API, you can use the query below:

    GET https://graph.microsoft.com/v1.0/applications/<AppID>/owners
    

    To get the same results by invoking the REST API using PowerShell, you can execute the script below:

    # Request body for the OAuth 2.0 client credentials flow
    $requestbody = @{
        client_id = "ClientID"
        client_secret = "ClientSecret"
        scope = "https://graph.microsoft.com/.default"
        grant_type = 'client_credentials'
    }
    # Request an app-only access token from the tenant's v2.0 token endpoint
    $AccessToken = Invoke-RestMethod -Uri "https://login.microsoftonline.com/TenantID/oauth2/v2.0/token" -Method Post -Body $requestbody
    $token = $AccessToken.access_token
    # List the owners of the application and keep only their object IDs
    $query = "https://graph.microsoft.com/v1.0/applications/AppID/owners"
    (Invoke-RestMethod -Headers @{Authorization = "Bearer $($token)"} -Uri $query -Method Get).value | Select-Object id
    

    When I ran the script, I got the Object IDs of the Application owners in the response like below:

    Reference:
    List owners – Microsoft Graph v1.0 | Microsoft
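
An added example, not part of the original question or either answer: in a double-quoted PowerShell string, `$filter` is expanded as a (normally empty) variable, so the request in the question goes out without its filter and returns every application. The sketch below escapes it, resolves the appId to the object ID, then lists the owners; the `<TenantID>`, `<ClientID>` and `<AppID>` placeholders and the `GRAPH_CLIENT_SECRET` environment variable are assumptions.

```powershell
# Added example. IDs are placeholders; the secret is read from an environment
# variable (assumption) so it is not hardcoded in the script.
$tenantId     = '<TenantID>'
$clientId     = '<ClientID>'
$clientSecret = $env:GRAPH_CLIENT_SECRET
$targetAppId  = '<AppID>'   # "Application (client) ID" of the app to inspect

# Client credentials token request, as in the question and answers.
$tokenBody = @{
    grant_type    = 'client_credentials'
    client_id     = $clientId
    client_secret = $clientSecret
    scope         = 'https://graph.microsoft.com/.default'
}
$tokenUri = "https://login.microsoftonline.com/$tenantId/oauth2/v2.0/token"
$token    = (Invoke-RestMethod -Uri $tokenUri -Method Post -Body $tokenBody).access_token
$headers  = @{ Authorization = "Bearer $token" }

# Unescaped, $filter expands to nothing and the filter is lost.
# A backtick keeps the literal "$filter" in the query string.
$broken = "https://graph.microsoft.com/v1.0/applications?$filter=appId eq '$targetAppId'"
$fixed  = "https://graph.microsoft.com/v1.0/applications?`$filter=appId eq '$targetAppId'"
Write-Host "Unescaped: $broken"
Write-Host "Escaped:   $fixed"

# Fail closed if the filter did not narrow the result to one application.
$apps = @((Invoke-RestMethod -Uri $fixed -Headers $headers -Method Get).value)
if ($apps.Count -ne 1) {
    throw "Expected exactly one application for appId $targetAppId, got $($apps.Count)."
}

# /applications/{id} takes the directory object ID, not the appId.
$ownersUri = "https://graph.microsoft.com/v1.0/applications/$($apps[0].id)/owners"
$owners = @()
while ($ownersUri) {
    $page      = Invoke-RestMethod -Uri $ownersUri -Headers $headers -Method Get
    $owners   += $page.value
    $ownersUri = $page.'@odata.nextLink'   # follow paging when present
}

$owners | Select-Object id, displayName, userPrincipalName
```

A single-quoted URL string also prevents the expansion, but then `$targetAppId` is not interpolated either, so the backtick form is used here.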
