CORE by Simova GmbH - App Registration

The CORE by Simova GmbH App Registration is an Enterprise Application hosted in our tenant; administrators of your organization can consent to it. This app registration has only delegated permissions, meaning the app cannot change data in your tenant on its own, only on behalf of a person who has the permission to do so. The app registration is used to create and fetch single-tenant app registrations in your Entra AD tenant, to assign Azure management permissions to certain service principals, and to manage user groups.

Permissions

  • Azure Service Management
    • user_impersonation - Used to assign permissions on certain Azure resources to created service principals; these are used to create certain Azure resources, such as Azure Storage Accounts, Azure Webservices, Azure Search Service, etc.
  • Microsoft Graph
    • Directory.ReadWrite.All - Used to create and read users and user groups. It does not allow the app to delete users or groups, or reset user passwords.
    • User.EnableDisableAccount.All - Allows the app to enable and disable users' accounts, on behalf of the signed-in user.
    • User.Read - Signs you in and reads your profile; used for the delegated permission flow.
    • User.ReadWrite.All - Allows the app to read and write the full set of profile properties, reports, and managers of other users in your organization, on behalf of the signed-in user.
    • Application.ReadWrite.All - Used to create app registrations automatically in your tenant.
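
One way to check what was actually consented in a tenant against the list above (an added example, not Simova's code). It takes `oauth2PermissionGrant` and `appRoleAssignment` objects as Microsoft Graph returns them for the app's service principal; the function name, the object ids and the extra `Mail.Read` scope in the sample data are constructed for illustration.

```python
# Delegated scopes documented on this page, keyed by API name.
DOCUMENTED = {
    "Azure Service Management": {"user_impersonation"},
    "Microsoft Graph": {
        "Directory.ReadWrite.All", "User.EnableDisableAccount.All",
        "User.Read", "User.ReadWrite.All", "Application.ReadWrite.All",
    },
}

def audit_consent(grants, app_role_assignments, resource_names):
    """Return findings where recorded consent differs from the documented list.

    grants: oauth2PermissionGrant objects for the app's service principal
    app_role_assignments: appRoleAssignment objects for the same principal
    resource_names: tenant-specific resourceId (object id) -> API name
    """
    findings, granted = [], {}
    for g in grants:
        api = resource_names.get(g["resourceId"], g["resourceId"])
        scopes = set((g.get("scope") or "").split())  # space-separated string
        granted.setdefault(api, set()).update(scopes)
        for s in sorted(scopes - DOCUMENTED.get(api, set())):
            findings.append(("undocumented-scope", api, s))
    # The page says the app holds delegated permissions only, so any
    # application permission (app role assignment) is unexpected.
    for a in app_role_assignments:
        api = resource_names.get(a["resourceId"], a["resourceId"])
        findings.append(("application-permission", api, a["appRoleId"]))
    # Documented scopes that were never consented (a feature may not work).
    for api, scopes in DOCUMENTED.items():
        for s in sorted(scopes - granted.get(api, set())):
            findings.append(("not-granted", api, s))
    return findings

# Constructed sample data: object ids and the extra Mail.Read scope are made up.
RESOURCES = {"sp-graph": "Microsoft Graph", "sp-arm": "Azure Service Management"}
SAMPLE_GRANTS = [
    {"clientId": "sp-core", "consentType": "AllPrincipals", "resourceId": "sp-graph",
     "scope": "User.Read Directory.ReadWrite.All User.ReadWrite.All "
              "Application.ReadWrite.All Mail.Read"},
    {"clientId": "sp-core", "consentType": "AllPrincipals", "resourceId": "sp-arm",
     "scope": "user_impersonation"},
]

if __name__ == "__main__":
    for finding in audit_consent(SAMPLE_GRANTS, [], RESOURCES):
        print(finding)
```

An empty result means the recorded consent matches the documented list exactly and no application permissions are assigned.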