| title | Get application |
|---|---|
| description | Get the properties and relationships of an application object. |
| author | Jackson-Woods |
| ms.localizationpriority | high |
| ms.subservice | entra-applications |
| doc_type | apiPageType |
| ms.date | 04/05/2024 |
Namespace: microsoft.graph
[!INCLUDE beta-disclaimer]
Get the properties and relationships of an application object. This API can be used to get agentIdentityBlueprint objects as well by their ID.
[!INCLUDE national-cloud-support]
Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions only if your app requires it. For details about delegated and application permissions, see Permission types. To learn more about these permissions, see the permissions reference.
[!INCLUDE permissions-table]
[!INCLUDE rbac-application-apis-read]
You can address the application using either its id or appId. id and appId are referred to as the Object ID and Application (Client) ID, respectively, in app registrations in the Microsoft Entra admin center. Replace {applicationObjectId} with the id for the application object.
GET /applications/{applicationObjectId}
GET /applications(appId='{appId}')This method supports the $select OData query parameter to retrieve specific application properties.
By default, this API doesn't return the value of the key thumbprint in the keyCredentials property unless keyCredentials is specified in a $select query. For example, $select=id,appId,keyCredentials.
The use of $select to get keyCredentials for applications has a throttling limit of 150 requests per minute for every tenant.
| Name | Description |
|---|---|
| Authorization | Bearer {token}. Required. Learn more about authentication and authorization. |
Don't supply a request body for this method.
If successful, this method returns a 200 OK response code and an application or agentIdentityBlueprint object in the response body.
The following example shows a request.
GET https://graph.microsoft.com/beta/applications/03ef14b0-ca33-4840-8f4f-d6e91916010e
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
The following example shows the response.
Note: The response object shown here might be shortened for readability.
HTTP/1.1 200 OK
Content-type: application/json
{
"@odata.context": "https://graph.microsoft.com/beta/$metadata#applications/$entity",
"id": "03ef14b0-ca33-4840-8f4f-d6e91916010e",
"deletedDateTime": null,
"isFallbackPublicClient": null,
"appId": "631a96bc-a705-4eda-9f99-fdaf9f54f6a2",
"applicationTemplateId": null,
"identifierUris": [],
"createdDateTime": "2019-09-17T19:10:35.2742618Z",
"disabledByMicrosoftStatus": null,
"displayName": "contoso",
"isDeviceOnlyAuthSupported": null,
"groupMembershipClaims": null,
"optionalClaims": null,
"addIns": [],
"publisherDomain": "contoso.com",
"samlMetadataUrl": "https://graph.microsoft.com/2h5hjaj542de/app",
"signInAudience": "AzureADandPersonalMicrosoftAccount",
"verifiedPublisher": {
"displayName": "publisher_contoso",
"verifiedPublisherId": "9999999",
"addedDateTime": "2021-04-24T17:49:44Z"
},
"certification": {
"isPublisherAttested": true,
"isCertifiedByMicrosoft": true,
"lastCertificationDateTime": "2021-05-11T23:26:20Z",
"certificationExpirationDateTime": "2022-05-11T23:26:20Z",
"certificationDetailsUrl": "https://learn.microsoft.com/microsoft-365-app-certification/forward/azure/631a96bc-a705-4eda-9f99-fdaf9f54f6a2"
},
"tags": [],
"tokenEncryptionKeyId": null,
"api": {
"requestedAccessTokenVersion": 2,
"acceptMappedClaims": null,
"knownClientApplications": [],
"oauth2PermissionScopes": [],
"preAuthorizedApplications": []
},
"appRoles": [],
"publicClient": {
"redirectUris": []
},
"info": {
"termsOfServiceUrl": null,
"supportUrl": null,
"privacyStatementUrl": null,
"marketingUrl": null,
"logoUrl": null
},
"keyCredentials": [],
"parentalControlSettings": {
"countriesBlockedForMinors": [],
"legalAgeGroupRule": "Allow"
},
"passwordCredentials": [],
"requiredResourceAccess": [],
"uniqueName": null,
"web": {
"redirectUris": [],
"homePageUrl": null,
"logoutUrl": null,
"implicitGrantSettings": {
"enableIdTokenIssuance": false,
"enableAccessTokenIssuance": false
}
},
"windows": {
"packageSid": null,
"redirectUris": []
}
}The following example shows a request to retrieve an application and some of its properties.
GET https://graph.microsoft.com/beta/applications(appId='46e6adf4-a9cf-4b60-9390-0ba6fb00bf6b')?$select=id,appId,displayName,signInAudience,signInAudienceRestrictions
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
[!INCLUDE snippet-not-available] [!INCLUDE sdk-documentation]
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
The following example shows the response.
Note: The response object shown here might be shortened for readability.
HTTP/1.1 200 OK
Content-type: application/json
{
"@odata.context": "https://graph.microsoft.com/beta/$metadata#applications(id,appId,displayName,signInAudience,signInAudienceRestrictions)/$entity",
"id": "7bec5fd1-a25f-474c-a6ca-5492082c6a9b",
"appId": "46e6adf4-a9cf-4b60-9390-0ba6fb00bf6b",
"displayName": "PostmanWeb",
"signInAudience": "AzureADMultipleOrgs",
"signInAudienceRestrictions": {
"@odata.type": "#microsoft.graph.unrestrictedAudience",
"kind": "unrestricted"
}
}