Azure App Registration "Roles and administrators"
Question
can anyone tell what "Roles and administrators" under App Registration (as well as Enterprise Application) is there for?
Seems that it always has "Cloud Application Administrator", but this role is NOT assigned to the service principal. I didn't find any documentation about it, maybe I'm missing something here.
Thank you!
1 answers
solution1
1 2023-01-27 14:15:49
Well, after searching/debugging for hours it seems that I just solved it a few minutes later when searching for a slightly different thing:
- Role assignments at the organization-wide scope are added to and can be seen in the list of single application role assignments.
- Role assignments at the single application scope aren't added to and can't be seen in the list of organization-wide scoped assignments.
So the Cloud Application Administrator is scoped to this app registration only. This also explains why I wasn't able to create SP's with this service principal (since it would need the organisation-wide assignment)
https://learn.microsoft.com/en-us/azure/active-directory/roles/view-assignments
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.