stackoom
  简体   繁体   中英

Is there a role that allows me to access the app page (after app registration) to manage the app related info? I'm not admin

 原文  2020-12-28 06:49:43       azure/ azure-active-directory

Question

Understand that there is control on Azure portal that allow non-admin to register app but admin are not opening up the access to all people. Is there a way that admin give me access to the app that I own? I need to perform tasks and going through admin is taking substantial overhead.

3 answers

solution1
 1 ACCPTED  2020-12-28 09:21:59

If you are just a general user and own the registered app, you can access and manage it without any specific role.

Make sure the admin team add you as the owner of the registered apps.

solution2
 0  2020-12-28 07:46:19

You could grant/get yourself granted one of the below roles:

Application Administrator:

Users in this role can create and manage all aspects of enterprise applications, application registrations, and application proxy settings.

Cloud Application Administrator:

Users in this role have the same permissions as the Application Administrator role, excluding the ability to manage application proxy.

solution3
 0  2023-01-20 12:47:28

This problem is due to the following:

If the user setting " Restrict access to Azure AD administration portal " is set to Yes, non-admin users will not be able to use the Azure portal to manage the applications they own.

Owned application registrations shows Application Owners only get Update , Delete , and Restore permissions, without any corresponding Read access!

The official solution is to add the Application Owners to the Directory Readers role, which likely gives you more access than is really required:

Directory Readers

Users in this role can read basic directory information. This role should be used for:

  • Granting a specific set of guest users read access instead of granting it to all guest users.
  • Granting a specific set of non-admin users access to Azure portal when "Restrict access to Azure AD portal to admins only" is set to "Yes".
  • Granting service principals access to directory where Directory.Read.All is not an option.

Your admins can however create a new custom role , for example:

Name: Application Reader

Permission Description
microsoft.directory/applications/standard/read Read standard properties of applications.

You should then be able to access the App Registrations page, while only being able to amend the apps you own.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Azure AD add App Role in App Registration using REST API I have a problem with my permissions. i'm grant role App Engine Deployer but error i'm not has role App Engine Deployer How do I create a login feature for my iOS app that only allows authorized users (determined by me) and does not include a "register account" feature Can't Access Admin Control Panel or Deploy App Engine App Application to handle registration to Intercom on subsequent login after registration on my app in flutter Restore access to amplify app after aws-amplify-admin that performs the amplify operations accidentally deleted Trigger Angular app logic after Firebase notifications registration and device token Redirect to login page after logout in angular app What should be principal id while assigning role access to App? Azure App Registration "Roles and administrators"
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM