Reputation: 157
How can I get the permission descriptions of a service principal appRoleAssignment based on its appRoleId, or the list of all existing permissions?
I've found this list of AAD available application permissions, but I want to get all the information like I can get it in the UI. This is a sample of the response that I get from the call:
{
  "appRoleId": "0e41f393-f9db-4450-91db-ae2269384572",
  "createdDateTime": "...",
  "deletedDateTime": null,
  "id": "...",
  "principalDisplayName": "...",
  "principalId": "...",
  "principalType": "ServicePrincipal",
  "resourceDisplayName": "Windows Azure Active Directory",
  "resourceId": "..."
}
Upvotes: 1
Views: 523
Reputation: 5159
You can do it and get the results from the Graph API as below:
Step 1: Get the IDs of the assigned roles with the Microsoft Graph API. In the picture below, the user is assigned 3 roles.
Graph API: https://graph.microsoft.com/beta/rolemanagement/directory/roleAssignments?$filter=principalId eq 'Object ID'
Step 2: Now take each roleDefinitionId separately to get the assigned role's name, using this MS Graph API:
https://graph.microsoft.com/beta/roleManagement/directory/roleDefinitions/{id}
Reference: https://learn.microsoft.com/en-us/graph/api/unifiedroledefinition-get?view=graph-rest-beta&tabs=http
Upvotes: 2
Reputation: 157
The only way that I found is to get all service principals and then filter on "appOwnerOrganizationId": "f8cdef31-a31e-4b4a-93e4-5f571e91255a". This is the ID of Microsoft, and then to get the role name from appDisplayName and the permissions from appRoles.
Upvotes: 1
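The lookup described in the last answer, as an added example (not code from any of the posters): an appRoleAssignment's `resourceId` is the object id of the resource service principal, and its `appRoleId` matches one entry in that service principal's `appRoles`. All sample objects are constructed, including the object ids and the role name and description attached to the question's `appRoleId`; the all-zero id is the default Graph uses when an assignment carries no specific role.

```python
# Added example: sample objects below are constructed, not real tenant data.
MICROSOFT_TENANT_ID = "f8cdef31-a31e-4b4a-93e4-5f571e91255a"  # from the answer above
DEFAULT_ROLE_ID = "00000000-0000-0000-0000-000000000000"  # "no specific role" id

# Trimmed servicePrincipal objects, shaped like items of GET /servicePrincipals.
SERVICE_PRINCIPALS = [
    {"id": "sp-aad-graph",  # constructed object id
     "appDisplayName": "Windows Azure Active Directory",
     "appOwnerOrganizationId": MICROSOFT_TENANT_ID,
     "appRoles": [{"id": "0e41f393-f9db-4450-91db-ae2269384572",
                   "value": "Sample.Read.All",  # constructed, not the real role name
                   "displayName": "Sample read permission",
                   "description": "Constructed description text.",
                   "isEnabled": True}]},
    {"id": "sp-third-party", "appDisplayName": "Contoso App",
     "appOwnerOrganizationId": "11111111-1111-1111-1111-111111111111",
     "appRoles": []},
]

# Trimmed appRoleAssignment objects, shaped like the response in the question.
ASSIGNMENTS = [
    {"appRoleId": "0e41f393-f9db-4450-91db-ae2269384572", "resourceId": "sp-aad-graph"},
    {"appRoleId": DEFAULT_ROLE_ID, "resourceId": "sp-third-party"},
    {"appRoleId": "22222222-2222-2222-2222-222222222222", "resourceId": "sp-aad-graph"},
]

def build_role_index(service_principals, owner_tenant_id=None):
    """Map (resource servicePrincipal id, appRole id) -> (appDisplayName, appRole)."""
    index = {}
    for sp in service_principals:
        if owner_tenant_id and sp.get("appOwnerOrganizationId") != owner_tenant_id:
            continue  # optional filter from the answer: one owner tenant only
        for role in sp.get("appRoles") or []:
            index[(sp["id"], role["id"])] = (sp.get("appDisplayName"), role)
    return index

def describe(assignment, index):
    """Resolve one appRoleAssignment to a readable permission record."""
    if assignment["appRoleId"] == DEFAULT_ROLE_ID:
        return {"permission": None, "status": "default-access"}
    key = (assignment["resourceId"], assignment["appRoleId"])
    if key not in index:
        # Resource was not fetched or was filtered out, or the role no longer exists.
        return {"permission": None, "status": "unresolved"}
    app_name, role = index[key]
    return {"resource": app_name, "permission": role["value"],
            "displayName": role["displayName"],
            "description": role["description"], "status": "resolved"}
```

Assignments that come back as `unresolved` are worth a manual look during a permission review, since the index has no matching role for them.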