Mahesh3143

Reputation: 25

Getting blank while fetching Delegated permissions of Service Principal via PowerShell

I am trying to get the list of delegated permissions that I granted to a service principal by querying via PowerShell like below:

Get-AzureADOAuth2PermissionGrant | Where-Object { $_.ClientId -eq  'myappclientid' } | Select-Object -Property *

But I am getting blank in response.

I can see the Service principal permissions in my Azure Portal. But still, I'm facing the same error.

Can anyone help me out with what I am missing here?

I'm giving the ObjectID of my application registered in Azure AD like this:

enter image description here

Upvotes: 0

Views: 192

Answers (1)

Rukmini

Reputation: 15444

Please note that when you register an application in Azure AD, it automatically creates a Service Principal under Enterprise Applications with the same name but with a different object_id.

Make sure to pass the object_id of your Enterprise application, not your registered application, like below:

Go to Azure Portal -> Azure Active Directory -> Enterprise Applications -> Your Application -> Overview

enter image description here

I tried to reproduce the same in my environment and got the below results:

When I passed the object_id of the registered application in the query like below, I got the same response like below:

enter image description here

When I passed the object_id of Enterprise application, I got the delegated permissions successfully like below:

enter image description here

References:

Apps & service principals in Azure AD - Microsoft Entra | Microsoft Docs

azure - How to list Service principal permissions using powershell - Stack Overflow by fabrisodotps1

Upvotes: 1
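
The lookup described in the answer above, as an added example that is not part of the original question or answer: it resolves the application (client) ID to the Enterprise Application's object ID and lists each delegated scope with its consent type. It assumes the AzureAD module with an existing Connect-AzureAD session; Get-DelegatedGrant is a hypothetical helper name and the GUID is a constructed placeholder.

```powershell
# Added example; assumes the AzureAD module is loaded and Connect-AzureAD has already run.
# Get-DelegatedGrant is a hypothetical helper name, not a cmdlet from the AzureAD module.
function Get-DelegatedGrant {
    [CmdletBinding()]
    param(
        # Application (client) ID shown on the app registration's Overview page
        [Parameter(Mandatory)][string]$AppId
    )

    # The app registration and its Enterprise Application (service principal)
    # share one AppId but have different ObjectIds.
    $app = Get-AzureADApplication      -Filter "AppId eq '$AppId'"
    $sp  = Get-AzureADServicePrincipal -Filter "AppId eq '$AppId'"
    if (-not $sp) {
        throw "No service principal found for AppId $AppId in this tenant."
    }
    Write-Verbose "App registration ObjectId : $($app.ObjectId)"
    Write-Verbose "Service principal ObjectId: $($sp.ObjectId)"

    # ClientId on a grant holds the service principal's ObjectId, so filtering
    # on the app registration's ObjectId returns nothing.
    Get-AzureADOAuth2PermissionGrant -All $true |
        Where-Object { $_.ClientId -eq $sp.ObjectId } |
        ForEach-Object {
            $grant    = $_
            $resource = Get-AzureADServicePrincipal -ObjectId $grant.ResourceId
            # Scope is a single space-separated string; emit one row per scope
            foreach ($scope in ($grant.Scope -split '\s+' | Where-Object { $_ })) {
                [pscustomobject]@{
                    Client      = $sp.DisplayName
                    Resource    = $resource.DisplayName
                    Scope       = $scope
                    ConsentType = $grant.ConsentType   # AllPrincipals = admin consent for all users
                    PrincipalId = $grant.PrincipalId   # set only when ConsentType is Principal
                }
            }
        }
}

# Constructed placeholder GUID; replace with your application's client ID
Get-DelegatedGrant -AppId '00000000-0000-0000-0000-000000000000' -Verbose |
    Format-Table -AutoSize
```

Running it with -Verbose prints both object IDs side by side, which makes it easy to see which one was used in a query that came back blank.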
