Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
#Get a access Token
$tokenResponse = az account get-access-token --resource-type ms-graph | convertFrom-Json
#Get all App Role Assignment Permission for the Service prinipal ObjectId.
$apiUrl = "https://graph.microsoft.com/v1.0/servicePrincipals/$ServicePrincipalObjectId/appRoleAssignments"
$appRoleAssignmentCollection = @(Invoke-RestMethod -Uri $apiUrl -Headers @{Authorization = "Bearer $($tokenResponse.accessToken)" } -Method GET -ContentType "application/json").value
$appRoleAssignmentCollection | ForEach-Object {
$appRoleAssignment = $PSItem
$deleteApiUrl = "$apiUrl/$($appRoleAssignment.id)"
Invoke-RestMethod -Uri $deleteApiUrl -Headers @{Authorization = "bearer $($tokenResponse.accessToken)" } -Method Delete -ContentType "application/json"
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment