Reputation: 1
Can't find Serviceprincipal in the List of Azure AD Roleassignements
I'm trying to get a List of all Members of an Azure AD Role with the Graph API. Users and Groups with that Role are displayed properly. But there should be a Service Principal with that Role as well, but i can't find it with the Graph API. Does anyone know why & maybe how to get the Serviceprincipal as well?
I tested both Endpoint-options: https://graph.microsoft.com/v1.0/directoryRoles/{ID}/members https://graph.microsoft.com/v1.0/directoryRoles/roleTemplateId={ID}/members"
The Setup in Azure Portal:
Upvotes: 0
Views: 419
Answers (1)
Reputation: 4610
To get the service principal with that role you can make use of below Graph Api query:
GET https://graph.microsoft.com/v1.0/servicePrincipals/your service_principal_id/appRoleAssignedTo
Make sure to have below permissions before running the query :
Note: That only active assignments will be displayed in response when you ran the above query.
To know more in detail, you can refer this article List appRoleAssignments granted for a service principal - Microsoft Graph v1.0 .
Upvotes: 0
Related Questions
- azure permission to create "service principal"
- Adding employee id to claims in azure AD, Add-AzureADServicePrincipalPolicy is giving does not exist error for service principal id
- Service Principal added as unknown in keyvault access policy
- How to view Azure Service Principal Group Memberships in Azure AD?
- Azure create servicePrincipal results in Insufficient privileges to complete the operation
- Azure Active Directory ServicePrincipal SecurityGroup AppRoleAssignment fails to resolve appRole
- Azure Service principal insufficient permissions to manage other service principals
- Could not create a service principal with the right permissions
- Execute Get-AzureRmRoleAssignment as Service Principal in Azure Powershell
- Unable to add Credential to a Service Principal in Azure AD