Have you ever tried to find out the number of users of an enterprise application in your Office 365 tenant? This could be needed for multiple different reasons: maybe your organization is paying for the app and you want to know who’s actually using it, maybe the usage is required by a company policy and it’s useful to know if organization’s members are actually using it, or maybe you just want to know about the user adoption of an app.
For apps with under 100 users it’s easy – just open Azure AD and check the user count. For more popular apps, it’s a lot more difficult, however. Azure AD just shows “100+”, which is weirdly useless. However, with some PowerShell magic, we can dig out the real user count!
When you have an “Enterprise Application” in your Azure AD, you can quite easily access its properties from the Azure Portal. However, if you want to find out the number of users using the app, that’s not as straightforward.
Even for less popular apps, you’ll have to be using the right Azure AD instance (there are usually multiple Azure AD instances/directories associated with your Office 365 subscription!) and have permissions to access the Azure portal. If you’re using the app to access data in SharePoint Online, see this page on how to access the right Azure AD instance.
For more popular apps (with more than a hundred users), Azure AD will just show “100+” as the user count. It appears you cannot get the actual user count by using the Azure Portal web UI. An interesting solution by Microsoft, that’s for sure!
Solution: Use PowerShell to get Azure AD user count for the application’s Service Principal
You can luckily achieve this pretty easily with PowerShell!
The following script gets the AAD Service Principal for the Enterprise Application, and counts its assignments to users. Since Enterprise Applications are actually registered at another directory (the one their publisher uses), your Azure AD instance just provisions service principals for them in your directory, adds required permissions to these principals, and then assigns users to these service principals.
We can get the actual user count by counting the number of these assignments. By default, this is equivalent to users, who’ve used the app at least once. In some cases it’s possible that someone has assigned users to it otherwise (programmatically or by using a script before).
These next few lines of some PowerShell magic should do the trick.
That’s it. Hope it helps!
Latest posts by Antti K. Koskela (see all)
- Thanks for coming to my session at SPS New England 10/20 ! - October 20, 2018
- Speaking at SPS New England on 10/20! - October 17, 2018
- Ignite 2018 recap: What’s new for Azure Functions? - October 16, 2018
- Problematic behavior of web.AddSupportedUILanguage(int lcid) in SharePoint 2013 and 2016 - October 10, 2018