Getting blank while fetching Delegated permissions of Service Principal via PowerShell
I am trying to get the list of delegated permissions that I granted to Service principal by querying via PowerShell like below:
Get-AzureADOAuth2PermissionGrant | Where-Object { $_.ClientId -eq 'myappclientid' } | Select-Object -Property *
But I am getting blank in response.
I can see the Service principal permissions in my Azure Portal. But still, I'm facing the same error.
Can anyone help me out with what am I missing here?
I'm giving ObjectID of my application registered in Azure AD like this:
Please note that when you are registering application in Azure AD it automatically creates a Service Principal under Enterprise Applications with same name but with different object_id
Make sure to pass that object_id of your Enterprise application not your registered application like below:
Go to Azure Portal -> Azure Active Directory -> Enterprise Applications -> Your Application -> Overview
I tried to reproduce the same in my environment and got the below results:
When I passed object_id of registered application in the query like below I got the same response like below:
When I passed the object_id of Enterprise application, I got the delegated permissions successfully like below:
References:
Apps & service principals in Azure AD - Microsoft Entra | Microsoft Docs
azure - How to list Service principal permissions using powershell - Stack Overflow by fabrisodotps1
- How to create scope using Azure CLI (az ad app)
- Property 'onPremisesSyncEnabled' does not exist as a declared property or extension property
- TLS version issue is being raised while connecting to AzureAD using the Azure Functions
- Cannot find type [Microsoft.Open.AzureAD.Model.ClaimsMappingPolicy] Error
- Azure AD - how to set app manifest properties programatically (accessTokenAcceptedVersion to v2 and signInAudience)?
- Retrieve last sign-in time of all guest users via PowerShell?
- Error occurred while executing GetServicePrincipalOAuth2PermissionGrants
- Grant admin consent failed for office 365 api permissions
- How can I read the mobile value from a B2C user record and transform it to a strongAuthenticationPhoneNumber?
- Getting blank while fetching Delegated permissions of Service Principal via PowerShell
- Authentication_Unauthorized while fetching list of applications in AAD
- Deleting an Application's AppRole in Azure Active Directory
- Unable to fetch ID of SharePoint API permissions
- Invalid value specified for property 'groupTypes' of resource 'Group'
- Is it possible to update the SignInNames of already existing users in Azure AD using Powershell
- Get all users for the Azure AD group in Azure CLI - 100 limit issue
- Get-AzureADMSPrivilegedResource comlet is failing with Gateway Timeout! <AzureADPReview module>
- Azure ad app - Updating manifest programmatically
- How do I get all the details of an Azure AD computer object?
- Bulk Azure AD Update
- Create Teams-room with DynamicMembership using PowerShell module
- Get Azure AD audit logs using Reporting API
- Add-AzureADApplicationPolicy: Error occurred while executing AddApplicationPolicy (Request_ResourceNotFound)
- Grant O365 Management API permissions to a managed identity
- Updating Multiple Users ADGroup by EmployeeID
- Updating Multiple Users to ADGroup
- Get-MsolUserRole Azure AD V2 cmdlet equivalent
- What are the EXACT perms needed to use Get-AzureRmRoleAssignment as an app via a ServicePrincipal
- Azure Graph 403 Authorization_RequestDenied using service principal from VSTS
- Creation of new AzureAD application with powershell