Share via

Export full list of Overprivileged apps in Defender for Cloudapps

Landrover 20 Reputation points
2025-09-10T07:19:06.93+00:00

From cloud app Security portal , How can i export a detailed report of Over privileged apps including granted permissions per app,whether in use or not,Privileged level, Type(Application or delegated).
The default export does not include all these details

Microsoft Security | Microsoft Defender | Microsoft Defender for Cloud Apps
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Vasil Michev 123.5K Reputation points MVP Volunteer Moderator
    2025-09-10T15:41:07.4+00:00

    There are plenty of PowerShell scripts/free tools out there that do this, and most the information is available without even needing additional licensing. Look them up an pick the one that best suits your needs, or modify it accordingly. Here's one of mine for example: https://michev.info/blog/post/5922/reporting-on-entra-id-integrated-applications-service-principals-and-their-permissions

    0 comments
  2. EduardsGrebezs 1,096 Reputation points
    2025-11-18T07:56:33.89+00:00

    Hi,

    Check this one - https://github.com/AzureAD/MSIdentityTools

    User's image

    1. PS > Install-Module MSIdentityTools,
    2. PS > Import-Module MSIdentityTools,
    3. PS > Install-Module ImportExcel,
    4. PS > Connect-MgGraph -Scope Application.Read.All
    5. PS > Export-MsIdAppConsentGrantReport -ReportOutputType ExcelWorkbook -ExcelWorkbookPath .\Appconsent.xlsx (change location before execution)
    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.