Enterprise Apps and App Registrations have tags. With App Registrations you can see it in the manifest in the portal; with Enterprise Apps you can’t, but it’s still useful.
In my case I add an Owner tag to a bunch of these so its easy to know which team or department it belongs to. This can be done via Graph, for example:
1 2 3 |
$tags = "Owner: $ownerName","Owner: $ownerName2" # this is an array Update-MgApplication -ApplicationId $appId -Tags $tags -ErrorAction Stop |
Once this is done, next time I want to find all Enterprise Apps or App Registrations belonging to a team I can filter for them.
1 2 3 |
Get-MgServicePrincipal -Filter "tags/any(c:c eq 'Owner: XXX')" Get-MgApplication -Filter "tags/any(c:c eq 'Owner: XXX')" |
Useful!