blog.atwork.at

news and infos about microsoft, technology, cloud and more

Delegate365–Cleanup unused apps

Delegate365 is registered as an app in the customer’s Azure Active Directory. When a Delegate365 setup is executed, it may be necessary that a new app is registered and is used from then on. So, what happens with old apps? See how to cleanup unused Delegate365 apps here.

Technically, the app needs permissions to sign-in the user and to read data from the tenant. If new app permissions are necessary through an update (as this was the case with version 6.5 and the new service health feature), the Delegate365 setup must be re-run. When a new app is created, the Administrator then has to confirm the app consent for his users as described here.

Usually this is not the case for regular updates. So, in very rare cases, a new app is created during the setup. As mentioned, an app has an expiration date, but apps that are no longer used, can be removed easily if desired. Otherwise, they exist in the AAD as every other app that was registered once (and may be no longer valid). So, it’s up to the IT-Administrator to decide if he wants to perform a cleanup or not.

For doing a cleanup, you need two things: A Global Admin in your AAD tenant and the Application ID of the current Delegate365 – you don’t want to remove the existing app, just the old ones. To get the current Delegate365 App ID of your tenant, pls. contact atwork at support@atwork.at. We will send you the App ID so that you can identify the Delegate365 app in use.

Open the Azure Portal, your Azure Active Directory and the App registrations. Search for "delegate" and see the registered apps in the list as shown here.

image

In this scenario, there are 4 Delegate 365 apps existing. The currently used app starts with App ID 7dd9191f… – we do not want to remove that, but the other 3 apps (bacf…, 7b76… and 79ee…). Check the App IDs and open each app and delete it.

image

Repeat that step for all unused apps until just the used Delegate365 app remains. That’s it.

If you are insecure, leave the apps untouched. If you removed the current Delegate365 app by mistake, you need to re-run the Delegate365 setup as described in the setup process.

Loading