Najam Ul Saqib njmulsqb
💻
njmulsqb
/ AppRegRoleFinder.ps1
Last active
June 5, 2025 06:44
— forked from kfosaaen/AppRegRoleFinder.ps1
PowerShell 3-liner to find roles attached to your current user
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Get token in system.security.securestring format and decode it | |
| $securestring = (Get-AzAccessToken).token | |
| $bstr = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($secureString) | |
| $plaintext = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto($bstr) | |
| $token = $plaintext.Split(".")[1].Replace('-', '+').Replace('_', '/') | |
| while ($token.Length % 4) {$token += "="} | |
| # Decode the token, and match the ObjectIds returned by Get-AzRoleAssignment with oid section of JWT. You can also manually decode the JWT and pass oid to Get-AzRoleAssignment -ObjectId $oid | |
| Get-AzRoleAssignment | where ObjectId -EQ ([System.Text.Encoding]::ASCII.GetString([System.Convert]::FromBase64String($token)) | ConvertFrom-Json).oid |