@@ -94,7 +94,40 @@ test adms2 iiiiiiii-aaaa-bbbb-cccc-jjjjjjjjjjjj jjjjjjjj-bbbb-cccc-dddd
9494
9595This example demonstrates how to get all applications from Microsoft Entra ID.
9696
97- ### Example 3: Get applications with expiring secrets in 30 days
97+ ### Example 3: Get all applications without owners (ownerless applications)
98+
99+ ``` powershell
100+ Connect-Entra -Scopes 'Application.Read.All'
101+ $apps = Get-EntraBetaApplication -All
102+ $appsWithoutOwners = @()
103+ foreach ($app in $apps) {
104+ try {
105+ $owners = Get-EntraBetaApplicationOwner -ApplicationId $app.Id
106+ if (-not $owners) {
107+ $appsWithoutOwners += $app
108+ }
109+ }
110+ catch {
111+ Write-Warning "Failed to check owners for app: $($app.DisplayName)"
112+ }
113+
114+ # Optional: throttle to avoid rate limits (especially in large tenants)
115+ #Start-Sleep -Milliseconds 100
116+ }
117+ $appsWithoutOwners | Select-Object DisplayName, Id, AppId
118+ ```
119+
120+ ``` Output
121+ DisplayName Id AppId
122+ ----------- -- -----
123+ Contoso HR App aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb bbbbbbbb-1111-2222-3333-cccccccccccc
124+ Contoso Helpdesk App cccccccc-4444-5555-6666-dddddddddddd dddddddd-5555-6666-7777-eeeeeeeeeeee
125+ Contoso Helpdesk App eeeeeeee-6666-7777-8888-ffffffffffff hhhhhhhh-9999-aaaa-bbbb-iiiiiiiiiiii
126+ ```
127+
128+ This example demonstrates how to get all applications without owners from Microsoft Entra ID.
129+
130+ ### Example 4: Get applications with expiring secrets in 30 days
98131
99132``` powershell
100133$expirationThreshold = (Get-Date).AddDays(30)
@@ -123,7 +156,7 @@ Helpdesk Application dddddddd-5555-6666-7777-eeeeeeeeeeee Helpdesk Password
123156
124157This example retrieves applications with expiring secrets within 30 days.
125158
126- ### Example 4 : Get applications with expiring certificates in 30 days
159+ ### Example 5 : Get applications with expiring certificates in 30 days
127160
128161``` powershell
129162$expirationThreshold = (Get-Date).AddDays(30)
@@ -152,7 +185,7 @@ Helpdesk Application dddddddd-5555-6666-7777-eeeeeeeeeeee My cert
152185
153186This example retrieves applications with expiring certificates within 30 days.
154187
155- ### Example 5 : Get an application by display name
188+ ### Example 6 : Get an application by display name
156189
157190``` powershell
158191Connect-Entra -Scopes 'Application.Read.All'
@@ -167,7 +200,7 @@ ToGraph_443DEMO cccccccc-4444-5555-6666-dddddddddddd dddddddd-5555-6666-7777-eee
167200
168201In this example, we retrieve application by its display name from Microsoft Entra ID.
169202
170- ### Example 6 : Search among retrieved applications
203+ ### Example 7 : Search among retrieved applications
171204
172205``` powershell
173206Connect-Entra -Scopes 'Application.Read.All'
@@ -182,7 +215,7 @@ My new application 2 kkkkkkkk-cccc-dddd-eeee-llllllllllll llllllll-dddd-eeee-fff
182215
183216This example demonstrates how to retrieve applications for specific string from Microsoft Entra ID.
184217
185- ### Example 7 : Retrieve an application by identifierUris
218+ ### Example 8 : Retrieve an application by identifierUris
186219
187220``` powershell
188221Connect-Entra -Scopes 'Application.Read.All'
@@ -191,7 +224,7 @@ Get-EntraBetaApplication -Filter "identifierUris/any(uri:uri eq 'https://wingtip
191224
192225This example demonstrates how to retrieve applications by its identifierUris from Microsoft Entra ID.
193226
194- ### Example 8 : List top 2 applications
227+ ### Example 9 : List top 2 applications
195228
196229``` powershell
197230Connect-Entra -Scopes 'Application.Read.All'
@@ -207,7 +240,7 @@ ToGraph_443DEM cccccccc-4444-5555-6666-dddddddddddd dddddddd-5555-6666-7777
207240
208241This example shows how you can retrieve two applications. You can use ` -Limit ` as an alias for ` -Top ` .
209242
210- ### Example 9 : List application app roles
243+ ### Example 10 : List application app roles
211244
212245``` powershell
213246Connect-Entra -Scopes 'Application.Read.All'
@@ -225,6 +258,58 @@ AllowedMemberTypes Description DisplayName Id
225258
226259This example shows how you can retrieve app roles for an application.
227260
261+ ### Example 11: List application oauth2PermissionScopes (delegated permissions exposed by the app)
262+
263+ ``` powershell
264+ Connect-Entra -Scopes 'Application.Read.All'
265+ (Get-EntraBetaApplication -Filter "displayName eq 'Contoso Helpdesk Application'").Api.Oauth2PermissionScopes
266+ ```
267+
268+ ``` Output
269+ AdminConsentDescription : Allows the app to read HR data on behalf of users.
270+ AdminConsentDisplayName : Read HR Data
271+ Id : bbbbbbbb-1111-2222-3333-cccccccccccc
272+ IsEnabled : True
273+ Origin :
274+ Type : User
275+ UserConsentDescription : Allows the app to read your HR data.
276+ UserConsentDisplayName : Read your HR data
277+ Value : HR.Read.All
278+ ```
279+
280+ This example shows how you can retrieve ` oauth2PermissionScopes ` (i.e., delegated permissions exposed by the app) to a service principal. These scopes are part of the application object.
281+
282+ ### Example 12: List applications and their secret details
283+
284+ ``` powershell
285+ Connect-Entra -Scopes 'Application.Read.All'
286+ Get-EntraBetaApplication -All -Property displayName, appId, passwordCredentials |
287+ Where-Object { $_.PasswordCredentials } |
288+ ForEach-Object {
289+ $app = $_
290+ foreach ($cred in $app.PasswordCredentials) {
291+ [PSCustomObject]@{
292+ DisplayName = $app.DisplayName
293+ AppId = $app.AppId
294+ PasswordCredentialsDisplayName = $cred.DisplayName
295+ PasswordCredentialStartDate = $cred.StartDate
296+ PasswordCredentialEndDate = $cred.EndDate
297+ }
298+ }
299+ } |
300+ Format-Table -AutoSize
301+ ```
302+
303+ ``` Output
304+ DisplayName AppId PasswordCredentialsDisplayName PasswordCredentialStartDate PasswordCredentialEndDate
305+ ----------- ----- ------------------------------ --------------------------- -------------------------
306+ Helpdesk Application gggggggg-6666-7777-8888-hhhhhhhhhhhh Helpdesk Application Password 8/20/2024 7:54:25 AM 11/18/2024 7:54:25 AM
307+ Helpdesk Application gggggggg-6666-7777-8888-hhhhhhhhhhhh Helpdesk Application Backend 8/7/2024 4:36:49 PM 2/3/2025 4:36:49 PM
308+ Contoso Automation App bbbbbbbb-1111-2222-3333-cccccccccccc AI automation Cred 5/3/2025 7:03:11 PM 5/3/2026 7:03:11 PM
309+ ```
310+
311+ This example shows how you can retrieve applications that have secrets.
312+
228313## Parameters
229314
230315### -All
0 commit comments