Users Can Register Applications

Best practices

Users Can Register Applications

Risk Level

Informational (4)

Platform(s)

Compliance Frameworks

Azure CIS
Brazilian General Data Protection (LGPD)
CCPA
CPRA
essential_8_au
ISO/IEC 27001
Mitre ATT&CK
New Zealand Information Security Manual
NIST 800-171
NIST 800-53
PDPA
UK Cyber Essentials

Description

'User settings' is default configurations of consent and permissions for all tenant users. It was detected that users can register require administrators or appropriately delegated users to register third-party applications. This will create over privilege permissions over of all tenant with all outcomes. Certain users like developers or other high-request users may also be delegated permissions to prevent them from waiting on an administrative user.

Recommended Mitigation

It is recommended to allow only administrators or appropriately delegated users to register third-party applications. This ensures that the application undergoes a formal security review and approval process prior to exposing Azure Active Directory data. For more information: <a href="https://learn.microsoft.com/en-us/azure/active-directory/roles/delegate-app-roles" target="_blank" rel="noopener noreferrer">https://learn.microsoft.com/en-us/azure/active-directory/roles/delegate-app-roles</a>

Users Can Register Applications

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS