search

Update Application Registration

Update an application registration in Azure AD

hashtag
Description

This runbook updates an existing application registration and its related configuration in Microsoft Entra ID. It compares the current settings with the requested parameters and applies only the necessary updates. Use it to manage redirect URIs, SAML settings, visibility, assignment requirements, and token issuance behavior.

hashtag
Location

Organization → Applications → Update Application Registration

Full Runbook name

rjgit-org_applications_update-application-registration

hashtag
Permissions

hashtag
Application permissions

  • Type: Microsoft Graph

    • Application.ReadWrite.OwnedBy

    • Organization.Read.All

    • Group.ReadWrite.All

hashtag
RBAC roles

  • Application Developer

hashtag
Parameters

hashtag
ClientId

The application client ID (appId) of the application registration to update.

Property
Value

Required

true

Default Value

Type

String

hashtag
RedirectURI

Used for UI selection only. Determines which redirect URI type to configure.

Property
Value

Required

false

Default Value

Type

String

hashtag
webRedirectURI

Redirect URI or URIs for web applications. Multiple values can be separated by semicolons.

Property
Value

Required

false

Default Value

Type

String

hashtag
publicClientRedirectURI

Redirect URI or URIs for public client/native applications. Multiple values can be separated by semicolons.

Property
Value

Required

false

Default Value

Type

String

hashtag
spaRedirectURI

Redirect URI or URIs for single-page applications. Multiple values can be separated by semicolons.

Property
Value

Required

false

Default Value

Type

String

hashtag
EnableSAML

If set to true, SAML-based authentication is configured on the service principal.

Property
Value

Required

false

Default Value

False

Type

Boolean

hashtag
SAMLReplyURL

The SAML reply URL.

Property
Value

Required

false

Default Value

Type

String

hashtag
SAMLSignOnURL

The SAML sign-on URL.

Property
Value

Required

false

Default Value

Type

String

hashtag
SAMLLogoutURL

The SAML logout URL.

Property
Value

Required

false

Default Value

Type

String

hashtag
SAMLIdentifier

The SAML identifier (Entity ID).

Property
Value

Required

false

Default Value

Type

String

hashtag
SAMLRelayState

The SAML relay state parameter.

Property
Value

Required

false

Default Value

Type

String

hashtag
SAMLExpiryNotificationEmail

Email address for SAML certificate expiry notifications.

Property
Value

Required

false

Default Value

Type

String

hashtag
isApplicationVisible

Determines whether the application is visible in the My Apps portal.

Property
Value

Required

false

Default Value

True

Type

Boolean

hashtag
UserAssignmentRequired

Determines whether user assignment is required for the application.

Property
Value

Required

false

Default Value

False

Type

Boolean

hashtag
groupAssignmentPrefix

Prefix for the automatically created assignment group.

Property
Value

Required

false

Default Value

col - Entra - users -

Type

String

hashtag
implicitGrantAccessTokens

Enable implicit grant flow for access tokens.

Property
Value

Required

false

Default Value

False

Type

Boolean

hashtag
implicitGrantIDTokens

Enable implicit grant flow for ID tokens.

Property
Value

Required

false

Default Value

False

Type

Boolean

hashtag
disableImplicitGrant

If set to true, disables implicit grant issuance regardless of other settings.

Property
Value

Required

false

Default Value

False

Type

Boolean

Back to Runbook Reference overview

Last updated

Was this helpful?