The “Application permissions” zeroes in on the consents (app role assignments) that apps require through admin consent, itemizing each specific permission granted to the apps.
In contrast to the “Service principal delegated permissions" report, where permissions for a single app might be concatenated into a single entry, this report adopts a different approach. Each entry in this report signifies an individual consent that has been delegated to either an enterprise app or an app registration. These are detailed under the “Permission (App role)” column. Consequently, permissions assigned to a single app are delineated across multiple entries, providing a granular view of the consents.
This structure ensures a clearer understanding of the specific permissions each app has been granted, facilitating a more detailed oversight of app roles and their respective permissions within your tenant.
Multi-permission filter
To search for multiple permissions simultaneously, use the filter in the “Permission (App role)” column. Simply select the permissions you need from the dropdown menu. This will display tailored results, speeding up your security checks.