Merill Fernando Watch on YouTube

Run a quick OAuth app audit of your tenant using this command and protect yourself

2 min read 1 year ago
Published on Apr 23, 2024 This response is partially generated with the help of AI. It may contain inaccuracies.

Table of Contents

How to Run an OAuth App Audit on Your Microsoft Tenant

  1. Update MS Identity Tools Module:

    • Make sure you have the latest version of the MS Identity Tools module installed on your system.

  2. Connect to Microsoft Graph:

    • Use the application.read.all permission to connect to your Microsoft tenant.

  3. Export MSID Consent Grant Report:

    • Run the command to export the report in Excel format.
    • Provide a path for the Excel file (e.g., app_consent.xlsx).
    • Depending on the size of your tenant, this process may take some time.

  4. Review the Exported Excel File:

    • Once the export process is complete, you will have an Excel file containing all the permissions granted to users.
    • Use the pivot table in the Excel file to view and analyze different permissions.
    • Apply filters to drill down into permissions by users and resources.

  5. Customize Permission Ranking:

    • Visit ak.ms/msid to access the report.
    • In the assets folder, find the CSV file for customization.
    • Customize the ranking of permissions as high, medium, or low based on your requirements.

  6. Granting Delegate Permissions:

    • Be aware that you can grant permissions to individual users or to the entire organization.
    • Use the Graph Explorer to modify consent settings and grant permissions accordingly.

  7. Identifying Individual Permissions:

    • Use the PNP Management Shell to view permissions granted to individual users.
    • The report generated will help you easily identify who has been granted specific permissions.

  8. Manage Risks and Review Permissions:

    • Use the report to manage risks associated with permissions granted in your Microsoft tenant.
    • Review and adjust permissions based on the risk assessment provided in the report.

  9. Stay Informed:

    • Subscribe for more informative videos on Microsoft identity tools and best practices.

By following these steps, you can efficiently run an OAuth app audit on your Microsoft tenant, analyze permissions, and ensure better security and compliance within your organization.

Table of Contents

Recent