AdminAzure AD Team (Product Manager, Microsoft Azure)

My feedback

  1. 2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    planned  ·  2 comments  ·  Azure Active Directory » SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment

    It totally makes sense. We don't have an explicit option in the Azure AD portal or APIs to export service principals (Enterprise apps) and app objects (App registration), but you could use the servicePrincipal APIs (https://docs.microsoft.com/en-us/graph/api/resources/serviceprincipal?view=graph-rest-1.0) and application API (https://docs.microsoft.com/en-us/graph/api/resources/application?view=graph-rest-1.0) to retrieve the information store there with all its dependencies.

    Current limitations I can think of:
    - You can't export secrets. Only the public part can be exported
    - Some SAML related settings for service principal (Enterprise apps). Settings like PreferredSingleSignOnMode, ApplicationTemplateID, singleSignOnSettings. Since this are new properties expose in the resource, we're working on a mechanism to expose these properties from existing apps created before this year.
    - Claims mapping policies created via UI. We also have a work item for exposing the policies.

    Let me know if you see any other gap using those APIs.

    Luis

  2. 1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Azure Active Directory » SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →
    AdminAzure AD Team (Product Manager, Microsoft Azure) shared this idea  · 
  3. 1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure Active Directory » SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →
    AdminAzure AD Team (Product Manager, Microsoft Azure) shared this idea  · 
  4. 1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Azure Active Directory » SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →
    AdminAzure AD Team (Product Manager, Microsoft Azure) shared this idea  · 
  5. 1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure Active Directory » SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →
    AdminAzure AD Team (Product Manager, Microsoft Azure) shared this idea  · 
  6. 9 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Azure Active Directory » SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →
    AdminAzure AD Team (Product Manager, Microsoft Azure) shared this idea  · 
  7. 7 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    An error occurred while saving the comment
    AdminAzure AD Team (Product Manager, Microsoft Azure) commented  · 
  8. 25 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Azure Active Directory » SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →

    Thank you for your feedback, some of the suggestions are already available:

    - Ability to rename applications
    - Provide visibility of what users created an application: You can use audit activity reports: https://docs.microsoft.com/en-us/azure/active-directory/active-directory-reporting-activity-audit-logs

    Regarding the other suggestions, I’ll update this once it’s a planned feature. In the meantime, keep the voting coming so we can prioritize this higher.

    /Luis
    Program Manager

    An error occurred while saving the comment
    AdminAzure AD Team (Product Manager, Microsoft Azure) commented  · 

    Regarding "Allow applications in Azure AD to be organised into folders so business units who work in this space can 'claim' applications" - We are exploring enabling tagging applications. Would a capability where we allow free-form tagging be helpful to address this? That way you can "tag" applications based on the business unit.

    /Arvind
    Program Manager

Feedback and Knowledge Base