This script was created for a specific use-case. It retrieves the Azure AD enterprise applications with delegated Exchange Online and SharePoint Online app permissions.
-
Microsoft Graph PowerShell SDK installed
-
Connected to Microsoft Graph PowerShell with
Directory.Read.All
andApplication.Read.All
scopes.Connect-MgGraph -TenantId TENANT.onmicrosoft.com -Scopes Directory.Read.All,Application.Read.All
-
Run the script. This example stores the output to the
delegated_scopes
variable..\Get-AppsWithDelegatedSpoExoScope.ps1 -OutVariable delegated_scopes
-
Export to CSV. This example exports the result to
.\delegated_scopes.csv
.$delegated_scopes | Export-Csv -NoTypeInformation -Path .\delegated_scopes.csv
Example 2: Get a Specific Enterprise App Service Principals with EXO and SPO Delegated Permissions by Service Principal Id
.\Get-AppsWithDelegatedSpoExoScope.ps1 -ServicePrincipalId 055a453a-4cd4-4c6a-8049-6b9b9a502d99
Example 3: Get a Specific Enterprise App Service Principals with EXO and SPO Delegated Permissions by Display Name
.\Get-AppsWithDelegatedSpoExoScope.ps1 -DisplayName MailboxQuotaStatus