Applications with excessive permissions

Identifies apps with high-risk Graph API permissions

Category: Application Security
Default severity: High
Rule key: CHECK_APP_EXCESSIVE_PERMISSIONS
Last updated

How to fix it

Review each application's permissions and reduce them to the least privilege required.

Further reading

Microsoft documentation →

Run this check on your tenant

EntraAnalyzer evaluates this rule automatically on every scan and emails you the results.