The Azure Active Directory is a service that provides you with an identity for your Microsoft Account. In order to use the services provided by Azure, you must have access to this account via the mechanism of using an AppReg name. If you don’t know how to find one or can’t get it because they’ve been taken away from your AD
The “azure application id lookup” is a command-line tool that allows users to find an AppReg name without access to Azure Active Directory.
Table of Contents
Why isn’t the AppRegistration name the Service Connection name in Azure Active Directory?
This was discovered by accident on the Azure DevOps interface.
I recommend that you go to one of the following categories for urgent assistance:
My intro
A Service Connection, also known as a Service Principal or AppRegistration in the Azure AD environment, is used in a YAML pipeline. We may access numerous Azure resources via this Service Connection.
I constructed an Azure Storage Container in our test environment to which I wanted to add files using the Service Connection and the Microsoft Graph API.
To upload files to an Azure Container, you’ll require the ‘Storage Blob Data Contributor’ permission on the Container itself. In Azure, you can only add Service Principals by inputting their entire names (and not with the AppId). I figured it would be the same name since I only had the Service Connection name on the Azure DevOps site, but that was not the case.
Without access to Azure Active Directory, how can you discover an AppReg name?
When your IT team has activated the Restrict access to Azure AD management interface option, you will no longer be able to view Objects in the Azure Active Directory because you will get an error.
You do not have permission to see this page. In the Azure portal, your administrator has blocked the App registrations experience. PowerShell or another client, such as Visual Studio, may still be used to register or administer apps.
The option that allows you to solve this issue is shown in the image below.
Without access to Azure Active Directory, how can you discover an AppReg name?
The following information is shown in the information bubble:
If you choose ‘No,’ a non-administrator may utilize this Azure AD administration portal experience to access Azure AD resources that the user has authority to view or manage. ‘Yes’ conceals Azure AD data from non-administrators via the administrative portal, but does not prevent access through PowerShell or another client like Visual Studio. Hiding Azure AD capabilities may assist prevent users from misconfiguring resources they control, but it offers no additional security protection.
This signifies that the information is accessible, but it is hidden on the Azure site.
When we look at the URL of the link, we find AppregistrationId.
Without access to Azure Active Directory, how can you discover an AppReg name?
- My website address is: https://portal.azure.com/3047d88e-63ee-4341-83a3-3086c6230826/#blade/Microsoft AAD RegisteredApps/ApplicationMenuBlade/Overview/appId/e98b0879-1716-4c1d-8e0e-ab970e3be1b2/isMSAApp/
- e98b0879-1716-4c1d-8e0e-ab970e3be1b2 is my AppId.
That’s fantastic because we now have an ID to look for in Azure Active Directory.
We can use the browser or PowerShell to do this.
Because not everyone wants or knows how to use PowerShell yet, I’ll teach you how to utilize it via the browser first. The PowerShell option is covered in the following section.
Show me where on the site I can discover an app registration.
We may search for Objects in the portal by going to the Azure Portal and opening the Azure Active Directory App there. It will still say you don’t have access, but you can utilize the Azure AD app’s search feature to discover things.
Without access to Azure Active Directory, how can you discover an AppReg name?
I may now add the service principal by name to Azure resources.
Show me how to use PowerShell to locate an app registration.
Start Powershell & import the AzureAD module.
You may use Connect-AzureAD to connect in with your usual user account and then use the cmdlet below to get the rest of the information.
-Filter Get-AzureADApplication “AppId eq ‘YOUR ID HERE’” “AppId eq ‘YOUR ID HERE’” DisplayName for AppId e98b0879-1716-4c1d-8e0e-ab970e3be1b2 BasWijdenesAppRegistration e98b0879-1716-4c1d-8e0e-ab970e3be1b2
Can I still view the Service Principals in AzureAD if I don’t know the DisplayName or AppId?
But what if you don’t have the DisplayName or AppId, but you can figure out which app registration you need only by looking at the DisplayName?
- Import or install the AzureAD module in PowerShell.
- Connect-AzureAD and your usual user account are used to log in.
- You can then use the cmdlet below to look for the app in the list.
Get-AzureADApplication -all $true AppId DisplayName ——- —————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————-
You can check whether your app is listed and if it has a name that is similar to it by looking at the DisplayName.
Related
To find the AppReg name without access to Azure Active Directory, you will need to use a tool called “azure app registration certificate authentication.”
Related Tags
- how to get client secret in azure portal
- azure app registration vs enterprise application
- how to get client id and client secret in azure portal
- app registration in azure active directory
- azure enterprise applications
