Hi, does anyone know the equivalent command or method to add app api permissions using the graph module instead of the Az or Azure modules?
When I grant permissions with New-MgServicePrincipalAppRoleAssignment
or New-MgOauth2PermissionGrant
before adding them to the list, they go to the bottom part to the “other permissions” and can’t find how to do this. If I run the below command before granting permissions, it works fine.
Thanks.
$myApp = New-AzureADApplication -DisplayName $appName
# equivalent to this
$req = New-Object -TypeName "Microsoft.Open.AzureAD.Model.RequiredResourceAccess"
$req.ResourceAppId = "00000003-0000-0000-c000-000000000000"
$req.ResourceAccess += $reqPermissions | ForEach-Object { New-Object -TypeName "Microsoft.Open.AzureAD.Model.ResourceAccess" -ArgumentList (@("7438b122-aefc-4978-80ed-43db9fcc7715","Role")) }
Set-AzureADApplication -ObjectId $myApp.ObjectId -RequiredResourceAccess $req