Table: azuread_application - Query Azure Active Directory Applications using SQL
Azure Active Directory (Azure AD) is Microsoft's cloud-based identity and access management service. It helps your employees sign in and access external resources, such as Microsoft Office 365, the Azure portal, and thousands of other SaaS applications. Azure AD Applications are the entities that are used to manage and secure app resources within your Azure AD tenant.
Table Usage Guide
The azuread_application table provides insights into applications registered within Azure Active Directory. As a security administrator, explore application-specific details through this table, including the application's ID, display name, and whether it's available to other tenants. Utilize it to uncover information about applications, such as those that are multi-tenanted, the types of permissions they have, and their associated service principals.
Examples
Basic info
Explore which applications are registered in your Azure Active Directory by identifying their display names and associated IDs. This can help you manage and monitor your applications effectively.
select
  display_name,
  id,
  app_id
from
  azuread_application;
List owners of an application
This query helps to identify the owners of a specific application within a system, which is useful for understanding who has control over and responsibility for that application. It's particularly beneficial in scenarios where there is a need to audit access rights or investigate potential security issues.
-- Postgres
select
  app.display_name as application_name,
  app.id as application_id,
  o as owner_id,
  u.display_name as owner_display_name
from
  azuread_application as app,
  jsonb_array_elements_text(owner_ids) as o
  left join azuread_user as u on u.id = o
where
  app.id = 'a6656898-3879-4d35-8a58-b34237095a70';

-- SQLite
select
  app.display_name as application_name,
  app.id as application_id,
  o.value as owner_id,
  u.display_name as owner_display_name
from
  azuread_application as app,
  json_each(app.owner_ids) as o
  left join azuread_user as u on u.id = o.value
where
  app.id = 'a6656898-3879-4d35-8a58-b34237095a70';
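A review query for the use cases named in the usage guide (multi-tenant applications, ownership, credentials). It is an added example, not part of the Steampipe documentation, written for Postgres and using only columns from this table's schema. It assumes the plugin returns Microsoft Graph's sign-in audience values unchanged, where `AzureADMyOrg` is the single-tenant audience.

```sql
-- Added example: flag applications that accept accounts from outside the
-- tenant, have no owner, or hold client secrets.
with app_summary as (
  select
    display_name,
    app_id,
    sign_in_audience,
    created_date_time,
    -- The jsonb columns may be SQL null or JSON null when nothing is set,
    -- so only measure the length when the value is really an array.
    case when jsonb_typeof(owner_ids) = 'array'
      then jsonb_array_length(owner_ids) else 0 end as owner_count,
    case when jsonb_typeof(password_credentials) = 'array'
      then jsonb_array_length(password_credentials) else 0 end as secret_count,
    case when jsonb_typeof(key_credentials) = 'array'
      then jsonb_array_length(key_credentials) else 0 end as certificate_count
  from
    azuread_application
)
select
  display_name,
  app_id,
  sign_in_audience,
  created_date_time,
  owner_count,
  secret_count,
  certificate_count,
  -- Assumption: any audience other than AzureADMyOrg admits external accounts.
  sign_in_audience <> 'AzureADMyOrg' as accepts_external_accounts,
  owner_count = 0 as ownerless,
  -- Secrets without any certificate credential: candidates to move to certificates.
  secret_count > 0 and certificate_count = 0 as secrets_only
from
  app_summary
where
  sign_in_audience <> 'AzureADMyOrg'
  or owner_count = 0
  or secret_count > 0
order by
  accepts_external_accounts desc,
  secret_count desc,
  display_name;
```

Rows with `ownerless` set to true have nobody accountable for their credentials, and rows with `accepts_external_accounts` set to true are the ones to check against the list of applications that are meant to be multi-tenant.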
Schema for azuread_application
Name | Type | Operators | Description |
---|---|---|---|
_ctx | jsonb | | Steampipe context in JSON form. |
api | jsonb | | Specifies settings for an application that implements a web API. |
app_id | text | = | The unique identifier for the application that is assigned to an application by Azure AD. |
created_date_time | timestamp with time zone | | The date and time the application was registered. The DateTimeOffset type represents date and time information using ISO 8601 format and is always in UTC time. |
description | text | | Free text field to provide a description of the application object to end users. |
display_name | text | = | The display name for the application. |
id | text | = | The unique identifier for the application. |
identifier_uris | jsonb | | The URIs that identify the application within its Azure AD tenant, or within a verified custom domain if the application is multi-tenant. |
info | jsonb | | Basic profile information of the application such as app's marketing, support, terms of service and privacy statement URLs. The terms of service and privacy statement are surfaced to users through the user consent experience. |
is_authorization_service_enabled | boolean | | Is authorization service enabled. |
key_credentials | jsonb | | The collection of key credentials associated with the application. |
oauth2_require_post_response | boolean | | Specifies whether, as part of OAuth 2.0 token requests, Azure AD allows POST requests, as opposed to GET requests. The default is false, which specifies that only GET requests are allowed. |
owner_ids | jsonb | | Id of the owners of the application. The owners are a set of non-admin users who are allowed to modify this object. |
parental_control_settings | jsonb | | Specifies parental control settings for an application. |
password_credentials | jsonb | | The collection of password credentials associated with the application. |
publisher_domain | text | = | The verified publisher domain for the application. |
sign_in_audience | text | | Specifies the Microsoft accounts that are supported for the current application. |
sp_connection_name | text | =, !=, ~~, ~~*, !~~, !~~* | Steampipe connection name. |
sp_ctx | jsonb | | Steampipe context in JSON form. |
spa | jsonb | | Specifies settings for a single-page application, including sign out URLs and redirect URIs for authorization codes and access tokens. |
tags | jsonb | | A map of tags for the resource. |
tags_src | jsonb | | Custom strings that can be used to categorize and identify the application. |
tenant_id | text | =, !=, ~~, ~~*, !~~, !~~* | The Azure Tenant ID where the resource is located. |
title | text | | Title of the resource. |
web | jsonb | | Specifies settings for a web application. |
Export
This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.
You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:
/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- azuread
You can pass the configuration to the command with the --config argument:
steampipe_export_azuread --config '<your_config>' azuread_application