The preview of a new app governance add-on for Microsoft Client App Security gives Office 365 administrators insight into Graph-based apps. The add-on depends on information gathered from Azure AD and MCAS to generate insights about apps and their usage, including highlighting apps which are overprivileged or highly privileged. Although you can do some of the auditing yourself, the add-on makes it easier. It’s a preview, so some glitches are present.
Over time, a Microsoft 365 tenant might accumulate many Azure AD integrated apps. Do you know what these apps do or who uses them? It’s good to do a regular audit and cleanout of unwanted apps left behind for tests, trials, or expired applications. We use a script published on Practical365.com to grab the data from Azure AD and then import it into Microsoft Lists. The results we got might surprise you.