How can we improve Azure Active Directory?

Administrative control of apps registered to Microsoft Graph

It would be nice to allow administrators to reassign apps registered into their tenant. In a scenario where the AD account assigned as the single owner of an app is terminated, the registered application appears to continue working. *But* the only way I've been able to add a new owner to the app is to re-enable the account, reset the password to some known value, then log in under the terminated user's credentials.

Additionally, it would be beneficial to be able to restore deleted applications. As with reassigning apps, there's a workaround: register a new app, then edit the code to use the new ID/secret. No matter how many "are you sure that you're sure" prompts you throw, accidents happen. So do non-accidents - an irate employee looking to sabotage systems and walk out could easily delete apps they own. The workaround is fairly time-consuming and may require trial-and-error to get the proper app settings.

1 vote

Lisa J shared this idea

1 comment

  • Lisa J commented

    It appears that some of this functionality is in preview in the Azure portal Azure AD mgmt. I've got "App Registrations" that didn't show dev-registered apps and I've got "App Registrations (preview)" through which I am now able to manage the apps I'd registered. I don't see a way to restore incorrectly deleted apps, but that's a pretty rare scenario where "go register a new one" is a decent answer.