modules/Azure/Checks/Test-EntraPolicyRestrictsUserConsentForApps.ps1
|
function Test-EntraPolicyRestrictsUserConsentForApps { <# .SYNOPSIS Entra authorization policy disallows user consent for applications .DESCRIPTION Microsoft Entra authorization settings are evaluated to determine if the default user role permits **user consent to applications**. The check looks at permission grant policies to see whether end users can authorize apps to access organization data on their behalf, or if consent is restricted (e.g., `Do not allow user consent`). .PARAMETER Check CIEMCheck object containing check metadata. #> [CmdletBinding()] [OutputType([PSCustomObject[]])] param( [Parameter(Mandatory)] $Check ) $ErrorActionPreference = 'Stop' # TODO: Implement check logic based on Prowler check: entra_policy_restricts_user_consent_for_apps [CIEMScanResult]::Create($Check, 'MANUAL', 'This check requires manual implementation. See Prowler check entra_policy_restricts_user_consent_for_apps for reference.', 'N/A', 'entra Resources') } |