Update API Permissions

As an Azure application owner, you have the essential responsibility of maintaining the delegated and application permissions of your application. Through Resource Admin, you can initiate updates to these permissions, tailoring them to meet evolving requirements and security standards. Once an update is requested, EmpowerID efficiently processes and implements these changes by updating the API permissions in Azure. This article will lead you through the process of adjusting your application's permissions, ensuring they align accurately with your application's operational and security needs.

Procedure

1. Select Applications from the Resource Type menu in Resource Admin and search for the Azure application you want to manage.

2. Click the Friendly Name link for the application.
   
   

   Open

   

    

   This directs you to the Overview page for the application.
   
   

   Open

   

    

3. Click API Permissions and then expand the Actions accordion.

4. Click Update Azure Application API Permissions.
   
   

   
   This initiates the Update Azure App API Permissions workflow with the selected application as the target.
   
   

    

5. Review the configured API permissions and toggle the button from Selected to Remove for each permission you want to remove from the application, and then click Next to progress to the next step of the workflow.
   
   

   If you do not want to remove any configured permissions, simply click Next.
   
   

    

   The workflow progresses to the Add Delegated API Permissions selector. Here you select Microsoft and/or custom application APIs from the tree to add delegated permissions to the application.
   
   

    

6. In the tree, search for and select the API with the delegated permissions you want to add to the application. For example, search for and select Microsoft Graph from the Microsoft Apps tree to add permissions from the Microsoft Graph API.
   
   

   
   
   

   If you do not want to add delegated permissions to the application, click Next and skip to Step 9 below.
   
   

    

7. Enter the delegated permission in the primary search field, press ENTER, and select the delegated permission(s) you want to add to the application.
   
   

    

8. Repeat, adding any other permissions needed, and when ready, click Next to progress to the next step.

9. In the tree, search for and select the API with the application permissions you want to add to the application. If you do not want to add application permissions to the application, click Next and skip to step 12 below.

10. Close the tree and then search for and select the specific related application permission you want to add to the application.

11. Repeat, adding any other permissions needed, and when ready, click Next to progress to the next step.

12. Review the summary information of your proposed changes, and when ready, click Submit.