Some time ago I had to validate who or what has access to the applications we created in our Azure environment.
There were hundreds of different applications with each their own specific Application Roles. Both users and service principals had roles assigned to the applications to perform the required operations.
It is possible to click through every application in Entra ID and validate the assigned roles. However, this takes quite a bit of time.
Read more →