🔐 Category

Entra ID & Identity

User provisioning, role assignments, conditional access, and SSO

Identify Administrators with Group Management Permissions in Entra ID

Audit directory role assignments to discover who can create, modify, or manage group memberships in your tenant

intermediatesecuritycomplianceaccess-reviewprivileged-access

Create Dynamic Groups in Entra ID with Location and Group Membership Rules

Combine location-based criteria and group membership using nested dynamic groups

intermediateaccess-managementgroup-lifecycleautomationentra-id

Bulk Assign Custom Security Attributes to Users in Entra ID

Tag users matching an email-domain filter with a Custom Security Attribute value for governance and Conditional Access scoping

intermediateidentity-governancebulk-operationconditional-accessattribute-based-access-control

Identify What an Unknown Entra ID GUID Refers To

Resolve a mystery GUID to a user, group, app, service principal, role, license, or other directory object — then count assignments

intermediatetroubleshootingauditidentityaccess-review

List Users Assigned to an Enterprise Application in Entra ID

Enumerate every user (and group) granted access to a specific enterprise app via the service principal's app role assignments

beginneraccess-reviewauditread-onlyidentity

Remove an Enterprise Application and its Service Principals from Entra ID

Find all related app registrations and service principals by name, then cleanly delete them from your tenant

intermediatesecurityaccess-controlapp-lifecyclecleanup

Find a User's Last Sign-In Activity via Microsoft Graph (without Entra ID P1)

Retrieve the most recent sign-in event for a user from audit logs when the tenant lacks Entra ID Premium licensing

intermediatesecurityauditidentitytroubleshooting

Assign the Global Administrator Role to a User in Entra ID

Grant tenant-wide admin rights by activating the Global Administrator directory role and adding a member

intermediatehigh-privilegetenant-widesecurity-sensitiveaudit-logged

Troubleshoot AADSTS65001 Consent Required Errors for Enterprise Applications

Diagnose and resolve 'invalid_grant' consent errors by auditing OAuth2 permission grants and granting tenant-wide admin consent for missing resources

intermediateaccesstroubleshootingapplicationsconsententra-id

Find Entra ID App Registrations With Secrets or Certificates Expiring Soon

Audit all app registrations for client secrets and certificates nearing expiration so you can coordinate renewals before outages occur

intermediateprevents-outagesecurity-hygieneautomation-friendlyscheduled-audit

Assign an Entra ID Directory Role to a User via Microsoft Graph

Grant administrative privileges by assigning a built-in directory role such as Cloud Application Administrator to a user account

intermediatesecurityaccess-controlprivileged-accessidentity

Troubleshoot Admin Consent Failures for Delegated Graph API Permissions

Diagnose why users with User Administrator role cannot grant admin consent, and assign the correct least-privilege role to enable consent for delegated Graph API scopes like User.Read.All

intermediatesecurityaccess-managementleast-privilegetroubleshooting

Generate a Temporary Access Pass (TAP) for a user via Microsoft Graph

Issue a time-limited passcode to bootstrap MFA, recover locked accounts, or onboard passwordless users in Entra ID

intermediateidentityauthenticationmfaonboardingaccount-recovery

Look Up a User's Address Attributes in Entra ID

Retrieve the postal address, city, state, country, and office location stored on an Entra ID user profile

beginneruser-dataread-onlyprivacydirectory-audit

Check When a Microsoft 365 User's Password Expires

Determine the password expiration date for any Microsoft 365 user and proactively notify them before lockout

beginneruser-supportsecuritypassword-policyentra-idread-only