How can I set an AAD group as an owner on an AAD application?
Question
I'm provisioning a bunch of Azure Active Directory (AAD) apps, and would like the same set of users to be owners on all apps. I created an AAD group to put those users in, but when I tried to assign the group as the owner, I get an error:
> Add-AzureADApplicationOwner -ObjectId $app.ObjectId -RefObjectId $ownershipGroup.ObjectId
Add-AzureADApplicationOwner : Error occurred while executing AddApplicationOwner
Code: Request_BadRequest
Message: The reference target 'Group_<mygroupid>' of type 'Group' is invalid for the 'owners' reference.
Is my scenario not a supported one, or am I simply trying to do it in the wrong way? I'm not sure whether the error message is meant to be read as "reference target - which happens to be a group - is invalid" or "reference target is invalid because it's a group".
Thanks!
2 answers
solution1
0 2017-03-12 00:41:01
As this point in time, only Users can be assigned as application owners .
I'd recommend you add an entry in the Azure AD UserVoice forum to request this feature.
solution2
0 2017-03-13 08:50:34
Based on the official definition, the owners are a set of non-admin users who are allowed to modify this object.
If a request for a property that is not valid for a specific entity is sent, a 400 Bad Request response is returned.
Therefore, I think the owners currently only support for Users .
More information about properties for application entity, please see the article below.
Entity and complex type reference | Graph API reference
The feature requirement for supporting Azure AD group in application owner, has already been submitted in user voice website below.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.