Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Data Days is here! Join us now for 60+ days of learning, challenges, and connection. Learn more

Reply
lbendlin
Super User
Super User

How to retrieve app permissions?

‎06-18-2020 11:28 AM

We instruct our developers not to give app access to the "Entire organization"  but to specify individual email addresses and groups (PDLs).  This is working fine for a while until that access list grows so large that it is no longer maintanable  (for example you add an employee but the "update app"  fails because some other employee on the list has left the company and their email is no longer valid).  It would also be nice to be able to reduce the number of individuals and increase the use of PDLs (of course being careful not to overshare).

 

Has anyone found a way to retrieve the list of users and PDLs that are currently given access to a particular app? Copy&Paste does not seem to work, and I could not find any API calls around that request.

Labels:
Message 1 of 4
1,398 Views
0
1 ACCEPTED SOLUTION
lbendlin
Super User
Super User
In response to lbendlin

‎09-03-2020 04:45 PM

Found it.  Combine the CreateApp and UpdateApp tenant audit logs and use the OrgAppPermission of the latest CreationTime timestamp for each App ItemName.  Also shows whodunnit.

View solution in original post

Message 4 of 4
1,336 Views
0
3 REPLIES 3
collinq
Super User
Super User

‎06-18-2020 12:45 PM

Hi @lbendlin ,

 

There is no API that I am aware of that gives you this access.  However, there is a github script that might work for you.

 

https://github.com/msfttimmac/MyPowerBIPowerShellSamples/blob/master/Get_AllReportsInAllWorkspaces.p...

 

I would appreciate Kudos if my response was helpful. I would also appreciate it if you would Mark this As a Solution if it solved the problem. Thanks!



Did I answer your question? Mark my post as a solution!

Proud to be a Datanaut!
Private message me for consulting or training needs.




Message 2 of 4
1,382 Views
0
lbendlin
Super User
Super User
In response to collinq

‎06-18-2020 01:27 PM

Yeah, none of the Powershell cmdlets come anywhere close to the app object, or the permission settings, as far as I can tell.

Message 3 of 4
1,376 Views
0
lbendlin
Super User
Super User
In response to lbendlin

‎09-03-2020 04:45 PM

Found it.  Combine the CreateApp and UpdateApp tenant audit logs and use the OrgAppPermission of the latest CreationTime timestamp for each App ItemName.  Also shows whodunnit.

Message 4 of 4
1,337 Views
0

Helpful resources

Announcements
Fabric Data Days is here Carousel

Fabric Data Days 2026

Don't miss out on Data Days, June 15 through August 7. Learn Fabric, Power BI, SQL, AI and more.

May Power BI Update Carousel

Power BI Monthly Update - May 2026

Check out the May 2026 Power BI update to learn about new features.

Power BI DataViz World Championships carousel

Power BI DataViz World Championships - June 2026

A new Power BI DataViz World Championship is coming this June! Don't miss out on submitting your entry.

View All