Microsoft
7 years ago
Ability to Grant Permissions via API or Powershell
Azure AD allows you to create app registrations, define roles on them and give permissions to each other (as application identities). This way you can have a Web application talking to your API with its service principal and you can protect your API with roles.Service Principal creation, role definition and permission assignment can be done through Portal, Powershell and API. But in order to make Application Permissions (which requires admin consent) work, you need someone with Global Administrator role to go to Azure Portal and click Grant Permissions button (or do the same thing via OAuth prompt on your web apps). Right now there is no way to automatize Grant Permissions and it is a manual process at the moment. We confirmed this with the Microsoft Support and Product Teams as well.If this can be managed via Powershell or API, we would like to include it in our Automation Runbooks and take the work load off of our security teams.
Under Review
Developer Experiences(App Reg, App model and Permissions & Consent)Under Review
Company Response
Microsoft
Company Response
2 years agoThank you for the feedback! This is in the backlog and we are looking into this.
We don�t have an ETA yet, but we will share once we have one. Please keep voting
if this feature matters to you.
Vote
0 Comments