Hi All, I have exported a csv file by running Get-OrganizationAddIn cmdlet script , but with that file i am not able to find out the owners of these integradted apps. Now i am importing this CSV file into Get-AzureADApplication cmdlet but i am unable to list any results by using the filter for ServicePrincipalObjectID , I am thinking just because it is going through thousands of applications within the tenant, so any help would be really helpful. Below is the snippet:
Is there a reason you are using -all?I know Get-AzureADApplication (AzureAD) | Microsoft Learn suggests you can use that with ObjectID, but I don’t think that works, at least based on my quick testing, it errors out when also specifying an objectID. Also, I don’t know why anyone would want to do that. If you are providing an ObjectID (a unique identifier of an application) it seems counter intuitive to also request all the applications, so I don’t think those are meant to work together.
I’ve not used the Get-OrganizationAddIn cmdlet, but you may want to take a closer look at the ServicePrincipalObjectId. The cmdlet you are using, Get-AzureADApplication, gets a list of azure applications (application registrations). These are not the same as service principals (enterprise applications). I have a feeling that the cmdlet you are using to get service principal Object IDs is potentially getting the object ID of the service principals. If so I think you’ll need to figure out if you’re wanting the enterprise app or the app registration. The entities are often tied together and there are quite a few articles that explain the difference, though it is admittedly confusing.
Side note: I’d like to using Graph instead of AzureAD, just because they are phasing that module out. that said it still works for a lot of things and the barrier to entry is quite a bit less than graph.