Introduction:

This post goes over three different ways to add an owner to an Azure AD Application: Azure PowerShell, the Azure AD Graph endpoint, and the Microsoft Graph endpoint. The Microsoft Graph documentation may not make it clear that an Application owner can be either a User object or a Service Principal object.

Various techniques to add an Application Owner:

Azure AD PowerShell:

Use the Azure AD PowerShell command Add-AzureADApplicationOwner. Below is an example:

# Prerequisite: you may need to run Install-Module -Name AzureADPreview to install the AzureADPreview module first

# Object ID of the application that gets the new owner
$AppObj = (Get-AzureADApplication -Filter "DisplayName eq 'DeleteMe'").ObjectId

# Object ID of the user to add as owner
$UserObj = (Get-AzureADUser -ObjectId "xyz@tenant.onmicrosoft.com").ObjectId

Echo 'Get Application Owner list Before Adding Owner....'

Get-AzureADApplicationOwner -ObjectId $AppObj

Add-AzureADApplicationOwner -ObjectId $AppObj -RefObjectId $UserObj

Echo 'Get Application Owner After Adding Owner....'

Get-AzureADApplicationOwner -ObjectId $AppObj

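The example above adds a User object. As noted in the introduction, the owner can also be a Service Principal object. The following is an added example, not part of the original post, that adds a service principal as owner with the same cmdlet, skips the call if it is already an owner, and lists the resulting owners with their object type. The function name Add-AppOwnerIfMissing and the display name 'MyAutomationApp' are hypothetical, and the session is assumed to be signed in with Connect-AzureAD already.

```powershell
# Added example. 'MyAutomationApp' is a constructed placeholder display name.
# Assumes Connect-AzureAD has already been run in this session.

function Add-AppOwnerIfMissing {
    param(
        [Parameter(Mandatory)] [string] $AppObjectId,
        [Parameter(Mandatory)] [string] $OwnerObjectId
    )

    # Read the current owners first so the function is safe to run repeatedly.
    $owners = @(Get-AzureADApplicationOwner -ObjectId $AppObjectId -All $true)

    if ($owners.ObjectId -contains $OwnerObjectId) {
        Write-Host "Object $OwnerObjectId is already an owner; nothing to add."
    }
    else {
        # -RefObjectId accepts a User object ID or a Service Principal object ID.
        Add-AzureADApplicationOwner -ObjectId $AppObjectId -RefObjectId $OwnerObjectId
    }

    # Return the owner list with each owner's type (User or ServicePrincipal).
    Get-AzureADApplicationOwner -ObjectId $AppObjectId -All $true |
        Select-Object ObjectId, ObjectType, DisplayName
}

# Wrap the lookups in @() so that "no match" yields a count of 0.
$app = @(Get-AzureADApplication -Filter "DisplayName eq 'DeleteMe'")
$sp  = @(Get-AzureADServicePrincipal -Filter "DisplayName eq 'MyAutomationApp'")

# Display names are not unique, so stop unless each filter matched exactly once.
if ($app.Count -ne 1 -or $sp.Count -ne 1) {
    throw "Expected exactly one application and one service principal; check the filters."
}

# Use the service principal's ObjectId here, not its AppId.
Add-AppOwnerIfMissing -AppObjectId $app[0].ObjectId -OwnerObjectId $sp[0].ObjectId
```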

Azure AD Graph API:

Request:

# Directory ID can be obtained from the Azure portal –> Azure Active Directory –> Properties –> Directory ID

POST https://graph.windows.net/<Directory ID>/applications/<Application Object ID>/$links/owners?api-version=1.6

Request Header:

Content-Type:  application/json

Request payload:

{
"url": "https://graph.windows.net/<Directory ID>/directoryObjects/<Object ID>"
}

Note: the above Object ID can be either a User Object ID or a Service Principal Object ID.

Microsoft Graph API:

Request:

POST https://graph.microsoft.com/beta/applications/<Application Object ID>/owners/$ref

Request Header:

Content-Type:  application/json

Request payload:

# for User Object:

{
"@odata.id": "https://graph.microsoft.com/beta/users/<User Object ID>"
}

# for Service Principal Object:

{
"@odata.id": "https://graph.microsoft.com/beta/servicePrincipals/<Service Principal Object ID>"
}

References:

https://developer.microsoft.com/en-us/graph/docs/api-reference/beta/api/application_post_owners

https://github.com/microsoftgraph/microsoft-graph-docs/issues/1645
