I am trying to accomplish the task described in the title.
From what I could gather so far, the only way to do this seems to be to first retrieve the appRoleAssignments for the user via
/users/${user-id}/appRoleAssignments
and then make a separate call for every unique resourceId like so
/servicePrincipals/${resource-id}
but this strikes me as a very suboptimal way to go about this...
Am I correct in my assumption that this is the only way?
I have considered that it might be possible to formulate a filter query along the lines of this pseudo query
/servicePrincipals?$filter=where any appRolesAssignedTo has principalId equal to ${user-id}
but if it is I couldn't figure out how to do it