Finding all Azure AD Application Registrations that have the Web Platform configured with the OAuth 2.0 Implicit Flow.

For security reasons, the Implicit Flow is not recommended for Single-Page Applications. The latest version of MSAL and the SPA configuration offer the recommended authorization code flow with PKCE and CORS support.

PowerShell Example

Note: This code requires Microsoft Graph PowerShell.

Sample Output

DisplayName                      AppId
-----------                      -----
myAngularApp                     67362857-...
ReactApp1                        95g3db84-...
WebAppTest                       6b26734fa-...

Updated: