create a application role using Microsoft Graph API

Question

I have created app registration in azure aad. I want to add a app role using Microsoft Graph API programmatic.

Answer 1

It seems that there is no Microsoft Graph API to do that. If Azure AD graph is acceptable, you use the following rest API to do that.

PATCH https://graph.windows.net/{tenantId}/directoryObjects/{objectId}/Microsoft.DirectoryServices.Application?api-version=1.6 

Note: objectId not applicationId, we could get it from Azure portal.

The following is the test body

appRoles": [
    {
      "allowedMemberTypes": [
        "User"
      ],
      "displayName": "SurveyAdmin",
      "id": "c20e145e-5459-4a6c-a074-b942bbd4cfe1",
      "isEnabled": true,
      "description": "Administrators can manage the Surveys in their tenant",
      "value": "SurveyAdmin"
    }
  ]

Test result:

We also could check it in the application manifest from Azure portal.