I am trying to grant user_impersonation = scope rights to Azure AD App programatically .But unfortunately i am not getting the correct GUID of user_impersonation. I took it from another application manifest file but it seems it changes every time. Can someone assist me here.
I tried the below command to grant access
az ad app permission add --id --api --api-permissions user_impersonation=Scope
I have the way around by using below approach, Please suggest if it is right
$sp = Get-AzureADServicePrincipal -ObjectId "ObjectId" $sp.Oauth2Permissions | select Id,AdminConsentDisplayName,Value
For this you get the below :
Id AdminConsent DisplayName Value
fb5a-c16f-4e30-49cd-ad2b3 Access ddudisplay user_impersonation
As soon as you have highlighted ID then you can put in the below command
az ad app permission add --id "appid" --api"resourceid" --api-permissions fb5a5asncdb-c16f-4e30-49cd-ada072b3=Scope
and viola it works.
