Cloud Conformity allows you to automate the auditing process of this resolution page. Register for a 14 day evaluation and check your compliance level for free!
Start a Free Trial Product featuresEnsure that "Users can register applications" feature is disabled within your Azure Active Directory (AD) settings so that only AD administrators can register third-party applications after these are reviewed and evaluated from the security standpoint.
This rule resolution is part of the Cloud Conformity Security & Compliance tool for Azure
Security
To adhere to cloud security best practices, it is strongly recommended to allow only users with administrator roles to register custom-developed applications using Azure Active Directory. This ensures that each application goes through a rigorous security review before exposing Active Directory data to it.
To determine if all Active Directory (AD) users are allowed to register third-party applications, perform the following actions:
Note: Getting "Users can register applications" AD setting status using Microsoft Graph API or Azure CLI is not currently supported.By setting "Users can register applications" to "No", the Azure administrators can review the custom-developed applications before these are registered and used within your Active Directory account. To disable the required setting, perform the following actions:
Note: Restricting AD users' ability to register applications using Microsoft Graph API or Azure CLI is not currently supported.Unlock the Remediation Steps
Gain free unlimited access to our full Knowledge Base
Over 600 rules & best practices for 
and 
Get started for FREE
Thank you!
Please click the link in the confirmation email sent to
You are auditing:
Restrict Application Registration for Non-Privileged Users
Risk level: High
|