
Get display name for App Ids in Azure conditional access policies


Getting all the CA policies using,

    $uri = "https://graph.microsoft.com/beta/identity/conditionalAccess/policies"
    $response = Invoke-MgGraphRequest -Uri $uri -Method GET -Headers $CustomHeader -OutputType PSObject

Property, for example,

    $response.value[0].conditions.applications.includeApplications

lists the App Id, not the App display name.

    Get-MgApplication -all

Only returns custom applications and not Azure default apps. Found this link: https://github.com/emilyvanputten/Microsoft-Owned-Enterprise-Applications/blob/main/Microsoft%20Owned%20Enterprise%20Applications%20Overview.md. Helpful but not complete.

Any ideas on how to get the Azure default app list using Graph or (Azure) PowerShell module?

Thanks ...


Solution

  • I have a few conditional access policies that include applications.

    To get the display names for App IDs in all Azure Conditional Access policies, you can make use of the sample PowerShell script below:

    $uri = "https://graph.microsoft.com/beta/identity/conditionalAccess/policies"
    $response = Invoke-MgGraphRequest -Uri $uri -Method GET -Headers $CustomHeader -OutputType PSObject
    $AppIds = @()
    
    # Iterate through each policy to extract application IDs
    foreach ($policy in $response.value) {
        $applicationIds = $policy.conditions.applications.includeApplications
        $AppIds += $applicationIds | Where-Object { $_ -notin $AppIds }
    }
    
    $output = @()
    
    # Look up the service principal for each App ID to get its display name
    foreach ($appId in $AppIds) {
        $servicePrincipals = Get-MgServicePrincipal -Filter "appId eq '$appId'"
        foreach ($sp in $servicePrincipals) {
            $output += [PSCustomObject]@{
                'Application DisplayName' = $sp.displayName
                'AppId' = $sp.appId
            }
        }
    }
    
    $output | Format-Table -AutoSize
    

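When reviewing policies it helps to see which policy and which list (include or exclude) each App ID came from, and to flag values that are not GUIDs or that do not resolve. The following is an added example, not part of the original question or answer; the function name `Resolve-CaAppName`, its `-Resolver` parameter, and the sample policies and app names are hypothetical and constructed so that it runs without a tenant connection.

```powershell
# Added example: Resolve-CaAppName and all sample data below are hypothetical.
function Resolve-CaAppName {
    param(
        [Parameter(Mandatory)] [object[]] $Policy,
        # Scriptblock that maps one appId to a display name, or $null when not found
        [Parameter(Mandatory)] [scriptblock] $Resolver
    )
    $cache = @{}   # appId -> display name, so each ID is looked up only once
    foreach ($p in $Policy) {
        foreach ($scope in 'includeApplications', 'excludeApplications') {
            foreach ($value in @($p.conditions.applications.$scope)) {
                if ([string]::IsNullOrEmpty($value)) { continue }
                $parsed = [guid]::Empty
                if (-not [guid]::TryParse($value, [ref]$parsed)) {
                    # Non-GUID values (for example 'All') are keywords, not App IDs
                    $name = "(keyword) $value"
                } else {
                    if (-not $cache.ContainsKey($value)) { $cache[$value] = & $Resolver $value }
                    $name = if ($cache[$value]) { $cache[$value] } else { '(no service principal found)' }
                }
                [PSCustomObject]@{
                    Policy      = $p.displayName
                    Scope       = $scope
                    AppId       = $value
                    DisplayName = $name
                }
            }
        }
    }
}

# Constructed policies in the shape of the .value array returned by the Graph call
$samplePolicies = @(
    [PSCustomObject]@{ displayName = 'Require MFA (constructed)'; conditions = [PSCustomObject]@{
        applications = [PSCustomObject]@{
            includeApplications = @('All')
            excludeApplications = @('11111111-1111-1111-1111-111111111111') } } }
    [PSCustomObject]@{ displayName = 'Block legacy app (constructed)'; conditions = [PSCustomObject]@{
        applications = [PSCustomObject]@{
            includeApplications = @('22222222-2222-2222-2222-222222222222')
            excludeApplications = @() } } }
)
# Constructed lookup table standing in for the tenant; the second ID is deliberately absent
$knownApps = @{ '11111111-1111-1111-1111-111111111111' = 'Contoso HR (constructed)' }

Resolve-CaAppName -Policy $samplePolicies -Resolver { param($id) $knownApps[$id] } |
    Format-Table -AutoSize
```

Against a tenant, pass `$response.value` as `-Policy` and `{ param($id) (Get-MgServicePrincipal -Filter "appId eq '$id'").DisplayName }` as `-Resolver`, which is the same lookup the answer uses.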