Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/merill/microsoft-info
Repository hosting a static list of Microsoft First party apps and Graph permissions that's updated daily
https://github.com/merill/microsoft-info
apps entra microsoft
Last synced: 3 days ago
JSON representation
Repository hosting a static list of Microsoft First party apps and Graph permissions that's updated daily
- Host: GitHub
- URL: https://github.com/merill/microsoft-info
- Owner: merill
- License: mit
- Created: 2023-08-07T11:46:20.000Z (over 1 year ago)
- Default Branch: main
- Last Pushed: 2024-12-17T21:19:57.000Z (24 days ago)
- Last Synced: 2025-01-06T06:11:42.129Z (5 days ago)
- Topics: apps, entra, microsoft
- Language: PowerShell
- Homepage: https://aka.ms/AppNames
- Size: 1.81 MB
- Stars: 99
- Watchers: 4
- Forks: 16
- Open Issues: 3
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
- awesome-entra - Microsoft First Party AppNames aka.ms/AppNames - Repository hosting a daily updated csv/json of Microsoft first party app names and their GUIDs (useful for kql queries and scripts). [![stars](https://badgen.net/github/stars/merill/microsoft-info)](https://badgen.net/github/stars/merill/microsoft-info) (Tools / CLI)
README
# Microsoft First Party App Names & Graph Permissions
## 💡 Overview
Looking up the names of Microsoft first party applications and Graph Permissions can be quite tricky.
Microsoft publishes a static list of the common app names in the [Verify first-party Microsoft applications in sign-in reports](https://learn.microsoft.com/troubleshoot/azure/active-directory/verify-first-party-apps-sign-in) doc.
There are a few problems with this.
* It is in markdown and is not easily consumable by scripts and KQL queries that need to perform lookups.
* It does not list all of the Microsoft apps that can be found through Microsoft Graph API.With Graph Permissions you need to authentication with Microsoft Graph to get the list of application and delegate permissions. This is not always possible in a script or a KQL query.
## 🖥️ The solution
This repository provides an up-to-date list of Microsoft first party apps and Graph Permissions that can be easily consumed by scripts.
Use the following urls to consume this data in your scripts.
* **First Party Apps**
* :diamond_shape_with_a_dot_inside: JSON → [https://raw.githubusercontent.com/merill/microsoft-info/main/_info/MicrosoftApps.json](https://raw.githubusercontent.com/merill/microsoft-info/main/_info/MicrosoftApps.json)
* :clipboard: CSV → [https://raw.githubusercontent.com/merill/microsoft-info/main/_info/MicrosoftApps.csv](https://raw.githubusercontent.com/merill/microsoft-info/main/_info/MicrosoftApps.csv)
* **Graph Permissions - App permissions**
* :diamond_shape_with_a_dot_inside: JSON → [https://raw.githubusercontent.com/merill/microsoft-info/main/_info/GraphAppRoles.json](https://raw.githubusercontent.com/merill/microsoft-info/main/_info/GraphAppRoles.json)
* :clipboard: CSV → [https://raw.githubusercontent.com/merill/microsoft-info/main/_info/GraphAppRoles.csv](https://raw.githubusercontent.com/merill/microsoft-info/main/_info/GraphAppRoles.csv)
* **Graph Permissions - Delegate permissions**
* :diamond_shape_with_a_dot_inside: JSON → [https://raw.githubusercontent.com/merill/microsoft-info/main/_info/GraphDelegateRoles.json](https://raw.githubusercontent.com/merill/microsoft-info/main/_info/GraphDelegateRoles.json)
* :clipboard: CSV → [https://raw.githubusercontent.com/merill/microsoft-info/main/_info/GraphDelegateRoles.csv](https://raw.githubusercontent.com/merill/microsoft-info/main/_info/GraphDelegateRoles.csv)## 📘 Data source
This repository runs a daily automation to generate the latest list of Microsoft first party application. The source of the data includes
* **Microsoft Graph** → `$filter = appOwnerOrganizationId eq [MicrosoftTenant]`
* Run a query against a demo Microsoft 365 tenant and get a list of all the apps that belong to Microsoft.
* **Microsoft Learn** → [Verify first-party Microsoft applications in sign-in reports](https://learn.microsoft.com/troubleshoot/azure/active-directory/verify-first-party-apps-sign-in)
* Parse the markdown from the tables in [this Microsoft Learn doc](https://learn.microsoft.com/troubleshoot/azure/active-directory/verify-first-party-apps-sign-in)
* **Community contributed app names** → [./customdata/OtherMicrosoftApps.csv](/customdata/OtherMicrosoftApps.csv)
* App names contributed by the community to this repository. Submit a PR to add entries to this file.If an app id exists in more than one list the order of precedence for the app name is → Graph, Learn and then GitHub
![Image with a funnel illustrating the three data sources and the two output files.](/assets/overview.png)
## ⋔ Forking this repo
Follow the steps below if you need to set up this automation in your own repo.
* Fork this repo
* Create an app in your tenant with the Application.Read.All app permission following the instructions on this page to configure [Workload ID federation](https://github.com/marketplace/actions/azure-ad-workload-identity-federation)## Contributors