Skip to content

Instantly share code, notes, and snippets.

@rkhan99e

rkhan99e/azureinfo.md

Created March 17, 2024 13:06
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save rkhan99e/791f8503fd71f6867305f66788d4bc0a to your computer and use it in GitHub Desktop.
Save rkhan99e/791f8503fd71f6867305f66788d4bc0a to your computer and use it in GitHub Desktop.
Download ZIP
Azure Entra ID Knoweldge
Raw
azureinfo.md

App registration permissions

There are two permissions available for granting the ability to create application registrations, each with different behavior.

microsoft.directory/applications/createAsOwner: Assigning this permission results in the creator being added as the first owner of the created app registration, and the created app registration counts against the creator's 250 created objects quota.
microsoft.directory/applications/create: Assigning this permission results in the creator not being added as the first owner of the created app registration, and the created app registration won't count against the creator's 250 created objects quota. Use this permission carefully, because there's nothing preventing the assignee from creating app registrations until the directory-level quota is hit. If both permissions are assigned, this permission takes precedence.
@rkhan99e
Copy link
Author

Microsoft Identity Platform

https://learn.microsoft.com/en-us/entra/identity-platform/v2-overview

Microsoft Azure RBAC documentation

https://learn.microsoft.com/en-us/azure/role-based-access-control/

Microsoft Entra roles documentation

https://learn.microsoft.com/en-us/entra/identity/role-based-access-control/

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment