How to generate a report via powershell,list of all Enterprise applications using a single sign on authentication

JYLVEN TARRAJA 80

Hi,

Good day

Please asking on your expertise in generating a list of enterprise applications in Microsoft Entra to identify who are using the Single Sign On authentication.

Thank you in advance.

1 answer

Sandeep G-MSFT 20,701 Reputation points Microsoft Employee

2025-01-31T06:09:27.5866667+00:00
@JYLVEN TARRAJA

Thank you for posting this in Microsoft Q&A.

As I understand you are looking to pull list of enterprise applications in Microsoft Entra which are SSO enabled.

To get a list of Single Sign-On (SSO) enabled applications in an Azure AD tenant, you can use PowerShell. Specifically, the Azure AD PowerShell module can be utilized for this purpose. Here's a general approach:

Install the Azure AD PowerShell Module (if not already installed):PowerShellCopy

Install-Module -Name AzureAD

Connect to Your Azure AD Tenant:PowerShellCopy

Connect-AzureAD

Retrieve SSO Enabled Applications: You can use a command like Get-AzureADServicePrincipal to list applications, and then filter or inspect these to determine which have SSO enabled.PowerShellCopy

Get-AzureADServicePrincipal -All $true | Where-Object { $_.Tags -like "*WindowsAzureActiveDirectoryIntegratedApp*" }

This command lists all service principals (applications) and filters for those with a specific tag that typically denotes SSO integration.

Remember, the specific command and its filters might vary based on how SSO is set up in your environment.

Let us know if you have any further questions on this.

Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
Please sign in to rate this answer.
Sandeep G-MSFT 20,701 Reputation points Microsoft Employee

2025-02-03T11:56:45.7866667+00:00

@JYLVEN TARRAJA

Just checking in to see if the below answer helped. If this answers your query, please don’t forget to click "Accept the answer" and Up-Vote for the same, which might be beneficial to other community members reading this thread.

JYLVEN TARRAJA 80 Reputation points

2025-02-04T01:28:46.06+00:00

Hi @Sandeep G-MSFT

Thank you for your comments it helps me, but how to generate this via CSV file then filter the applications with the SSO enabled.

Thank you so much.

JYLVEN TARRAJA 80 Reputation points

2025-02-04T02:54:04.44+00:00

Hi Sandeep G-MSFT,

This is a very big help thank you for your expertise, please can i ask how to generate exported as CSV file?

Thank you

Sandeep G-MSFT 20,701 Reputation points Microsoft Employee

2025-02-04T06:11:09.1+00:00

@JYLVEN TARRAJA

You can use the "Export-Csv" command to export the output to csv file. You can use below command

Get-AzureADServicePrincipal -All $true | Where-Object { $_.Tags -like "WindowsAzureActiveDirectoryIntegratedApp" } | Export-Csv -path C:\example\excel.csv

Note: Change the path where you want to save the csv file.

JYLVEN TARRAJA 80 Reputation points

2025-02-05T02:18:41.71+00:00

Hi @Sandeep G-MSFT

already run the script but upon checking on the interface in Entra, disabled SSO still appear in the list of enabled SSO via the script that you give.

Thank you for your comment, appreciated much.

please help me on this can easily generate a list of all applications with the SSO authentication enabled via powershell then exported as csv file.

Thank you so much in advance.

Sandeep G-MSFT 20,701 Reputation points Microsoft Employee

2025-02-07T03:52:40.06+00:00

@JYLVEN TARRAJA

Let's try to connect offline to work on this issue. You can check the "private message" option on the top of the thread to get instructions on working offline.
Sign in to comment

Use comments to ask for clarification, additional information, or improvements to the question.

Share via

How to generate a report via powershell,list of all Enterprise applications using a single sign on authentication

1 answer

Your answer