How to $filter appRoleAssignments based on appRoleId

Question

I have an enterprise application registered in Azure AD Tenant. It contains certain appRoles which have been assigned to Azure AD Users. Now, I would like to fetch all the Users having some specific appRoles. I have tried this

GET /servicePrincipals/{id}/appRoleAssignedTo taken from here:https://learn.microsoft.com/en-us/graph/api/serviceprincipal-list-approleassignedto?view=graph-rest-beta&tabs=http#optional-query-parameters

It seems I am able to fetch all the appRoleAssignments successfully using this API, but whenever I put a filter such as:
appRoleId eq {app-role-id}, I am facing error like:
{
"error": {
"code": "Request_BadRequest",
"message": "Invalid filter clause appRoleId: System.Guid",
"innerError": {
"date": "2021-10-25T15:59:30",
"request-id": "{request-id}",
"client-request-id": "{client-request-id}"
}
}
}

And Whenever I put a single quote, like appRoleId eq '{app-role-id}', I get this error:
{
"error": {
"code": "BadRequest",
"message": "Invalid filter clause",
"innerError": {
"date": "2021-10-25T16:02:09",
"request-id": "{req-id}",
"client-request-id": "{client-request-id}"
}
}
}

I tried with both v1 and beta endpoint. So how do I filter on appRoleId?

Answer 1

This endpoint currently does not support filters based on appRoleId. In fact, except that the id parameter can be filtered, the three parameters appRoleId, principalId, and resourceId do not support filtering. Similar issues have been raised before.

So I suggest you submit user voice to add filtering support for the appRoleId parameter, and I will vote for you.

---

If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.