Unable to implement Prerequisites to use PowerShell or Graph Explorer for Microsoft Entra roles

Question

Hello everyone,

I am trying to create a new test administrative unit inside entra id admin center per https://learn.microsoft.com/en-us/entra/identity/role-based-access-control/admin-units-manage?tabs=ms-powershell

Step one "Prerequisites to use PowerShell or Graph Explorer for Microsoft Entra" roles are from https://learn.microsoft.com/en-us/entra/identity/role-based-access-control/prerequisites says to do this:

To manage Microsoft Entra roles using the Microsoft Graph API and Graph Explorer, you must do the following:

1. Sign in to the Microsoft Entra admin center.
2. Browse to Identity > Applications > Enterprise applications.
3. In the applications list, find and select Graph explorer.
4. Select Permissions.
5. Select Grant admin consent for Graph explorer.

However after I do Step 2 above I do not see any application in the application list at all to search for Graph explorer.

Does Anyone know how to get this to work?

I am just doing this as a test to build out a test environment before building a dev or prod environment.

Thanks in advance!

Answer 1

If this is a fresh new environment, those service principals will be missing. The easy way to address this is to connect via the Graph PowerShell/Graph SDK for PowerShell as any user, which in turn will result in provisioning the corresponding service principal. After that, you can follow the steps in the article above.

Do note that this effectively grants some permissions on the tenant level. If you want to be more thorough, you can grant access just to the desired users by following the instructions here: https://www.michev.info/blog/post/6080/how-to-manage-entra-id-delegate-permissions-for-specific-users