Administrators use Azure Active Directory (AD) groups to manage users and their permissions collectively. A user application role is a preset category that can be assigned to users. These roles are used to assign permission of an application to users conveniently. This allows organizations to manage access to applications and resources based on users' assigned roles. The below mentioned PowerShell syntax allows you to remove a user's application role.
Where <ObjectId> refers to the ID of a user, <RoleId> refers to the ID of an application role assignment, <ActionPreference> describes the way in which this cmdlet reacts to an information event, and <var> refers to the information variable.
ManageEngine ADManager Plus is a unified Active Directory (AD), Microsoft 365, Exchange, and Google Workspace management and reporting solution. It comes with predefined management actions that can be executed at the click of a button and more than 200 reports to report on your AD comprehensively. ADManager Plus' automation capabilities allows you to automate mundane and routine AD tasks, associate workflows to them, and have them executed at a defined frequency. It also lets you securely delegate tasks to technicians and non-admin users. ADManager Plus can be integrated with enterprise applications to holistically manage your AD environment. To learn more about ADManager Plus, click here
Simplify Azure AD management and reporting with ADManager Plus
Get 30-day free trial.Entra ID user management
Entra ID reporting
Entra ID group management
Entra ID group reporting
Entra ID domain management
Entra ID contact management and reporting
Other Entra ID tasks
