Entra apps: overview

The “Entra apps” reports consolidate data from the “Enterprise applications” and “App registrations” sections of the Microsoft Admin Center into a straightforward, easily customizable format. This eliminates the need for cross-referencing information across different reports and aims to streamline the app management process. These reports provide a more efficient and transparent approach to overseeing your apps.

Reports included in the “Entra apps” section

• Service principals
• Delegated permissions 
• Application permissions 
• Service principal owners
• Service principal users 
   
• App registrations 
• App registration permissions 
• App secrets 
• App certificates 
• App registration owners 

Understanding service principals

Service principals represent each application instance installed on the tenant. These applications can be third-party apps, referred to as "Enterprise apps" in the Microsoft Admin Center, or those created by your company, known as "App registrations".

Detailed report insights

• Service principals: this report provides a comprehensive list of Entra ID apps with access to your tenant data. It includes essential details such as owners, verification status, publisher, and more, offering a clear overview at a glance.
• Delegated permissions: this report details all permissions that an admin has delegated to apps. It displays a unified view of the permissions (Scope) assigned to each app (Service Principal) across specified resources, making permission management more straightforward.
• Application permissions: focusing on the consents (app role assignments) required by apps (admin consent), this report enumerates each permission granted to the apps, enhancing clarity in permission assignment.
• Service principal owners: this report consolidates the ownership details of your service principals into a single view.
• Service principal users: this report provides a quick overview of the enterprise apps used by the operators in your tenant and the consents they have delegated to these apps.
   
• App registrations: this report offers a detailed list of the apps created by your organization. It displays app and delegated permission counts, expiration status of secrets, owners, and sign-in audience. 
• App registration permission: this report outlines all permissions requested by apps to admins or users. It shows all the permissions (Value) assigned to each app across specified resources, simplifying permission management.
• App secrets: this report provides an overview of the app secrets within your tenant. This allows you to easily identify and act on apps with expired or soon-to-expire secrets, ensuring uninterrupted management.
• App certificates: this report offers a comprehensive list of all your application certificates. This allows you to easily identify and act on apps with expired or soon-to-expire certificates, ensuring uninterrupted management.
• App registration owners: this report provides a detailed list of app registration owners, facilitating effective oversight and security management.

By providing these detailed reports, the “Entra apps” section aims to simplify and improve the management of app permissions within your environment.

Required consents

To ensure the reports are displayed correctly, please ensure that the following consents have been granted to the “CoreView API Integration” app:

AuditLog.Read.All
Directory.Read.All