Created
February 15, 2021 12:41
-
-
Save 0xffhh/470be47356f7c54956f5ce192dacd5f6 to your computer and use it in GitHub Desktop.
List of ALL Azure AD Permission
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| List is based on the documentation provided on https://docs.microsoft.com/en-us/graph/permissions-reference as of 15-02-2021 | |
| AccessReview.Read.All | |
| AccessReview.ReadWrite.All | |
| AccessReview.ReadWrite.Membership | |
| AdministrativeUnit.Read.All | |
| AdministrativeUnit.ReadWrite.All | |
| Agreement.Read.All | |
| Agreement.ReadWrite.All | |
| AgreementAcceptance.Read | |
| AgreementAcceptance.Read.All | |
| Analytics.Read | |
| AppCatalog.Read.All | |
| AppCatalog.ReadWrite.All | |
| AppCatalog.Submit | |
| Application.Read.All | |
| Application.ReadWrite.All | |
| Application.ReadWrite.OwnedBy | |
| AppRoleAssignment.ReadWrite.All | |
| BitlockerKey.Read.All | |
| BitlockerKey.ReadBasic.All | |
| Bookings.Manage.All | |
| Bookings.Read.All | |
| Bookings.ReadWrite.All | |
| BookingsAppointment.ReadWrite.All | |
| Calendars.Read | |
| Calendars.Read.Shared | |
| Calendars.ReadWrite | |
| Calendars.ReadWrite.Shared | |
| Calendars.Send | |
| CallRecords.Read.All | |
| Calls.AccessMedia.All | |
| Calls.Initiate.All | |
| Calls.InitiateGroupCall.All | |
| Calls.JoinGroupCall.All | |
| Calls.JoinGroupCallasGuest.All | |
| Channel.Create | |
| Channel.Delete.All | |
| Channel.ReadBasic.All | |
| ChannelMember.Read.All | |
| ChannelMember.ReadWrite.All | |
| ChannelMessage.Delete | |
| ChannelMessage.Edit | |
| ChannelMessage.Read.All | |
| ChannelMessage.Send | |
| ChannelMessage.UpdatePolicyViolation.All | |
| ChannelSettings.Read.All | |
| ChannelSettings.ReadWrite.All | |
| Chat.Read | |
| Chat.Read.All | |
| Chat.ReadBasic | |
| Chat.ReadBasic.All | |
| Chat.ReadWrite | |
| Chat.UpdatePolicyViolation.All | |
| ChatMessage.Send | |
| CloudPC.Read.All | |
| CloudPC.ReadWrite.All | |
| Contacts.Read | |
| Contacts.Read.Shared | |
| Contacts.ReadWrite | |
| Contacts.ReadWrite.Shared | |
| Device.Command | |
| Device.Read | |
| Device.ReadWrite.All | |
| DeviceManagementApps.Read.All | |
| DeviceManagementApps.ReadWrite.All | |
| DeviceManagementConfiguration.Read.All | |
| DeviceManagementConfiguration.ReadWrite.All | |
| DeviceManagementManagedDevices.PrivilegedOperations.All | |
| DeviceManagementManagedDevices.Read.All | |
| DeviceManagementManagedDevices.ReadWrite.All | |
| DeviceManagementRBAC.Read.All | |
| DeviceManagementRBAC.ReadWrite.All | |
| DeviceManagementServiceConfig.Read.All | |
| DeviceManagementServiceConfig.ReadWrite.All | |
| DeviceManagementServiceConfiguration.Read.All | |
| DeviceManagementServiceConfiguration.ReadWrite.All | |
| Directory.AccessAsUser.All | |
| Directory.Read.All | |
| Directory.ReadWrite.All | |
| Domain.ReadWrite.All | |
| EduAdministration.Read | |
| EduAdministration.Read.All | |
| EduAdministration.ReadWrite | |
| EduAdministration.ReadWrite.All | |
| EduAssignments.Read | |
| EduAssignments.Read.All | |
| EduAssignments.ReadBasic | |
| EduAssignments.ReadBasic.All | |
| EduAssignments.ReadWrite | |
| EduAssignments.ReadWrite.All | |
| EduAssignments.ReadWriteBasic | |
| EduAssignments.ReadWriteBasic.All | |
| EduRoster.Read | |
| EduRoster.Read.All | |
| EduRoster.ReadBasic | |
| EduRoster.ReadBasic.All | |
| EduRoster.ReadWrite | |
| EduRoster.ReadWrite.All | |
| EntitlementManagement.Read.All | |
| EntitlementManagement.ReadWrite.All | |
| ExternalItem.Read.All | |
| ExternalItem.ReadWrite.All | |
| Files.Read | |
| Files.Read.All | |
| Files.Read.Selected | |
| Files.ReadWrite | |
| Files.ReadWrite.All | |
| Files.ReadWrite.AppFolder | |
| Files.ReadWrite.Selected | |
| Financials.ReadWrite.All | |
| Group.Create | |
| Group.Read.All | |
| Group.ReadWrite.All | |
| Group.Selected | |
| GroupMember.Read.All | |
| GroupMember.ReadWrite.All | |
| IdentityProvider.Read.All | |
| IdentityProvider.ReadWrite.All | |
| IdentityRiskEvent.Read.All | |
| IdentityRiskyUser.Read.All | |
| IdentityRiskyUser.ReadWrite.All | |
| IdentitytUserFlow.ReadWrite.All | |
| IdentityUserFlow.Read.All | |
| IdentityUserFlow.ReadWrite.All | |
| IMAP.AccessAsUser.All | |
| InformationProtectionPolicy.Read | |
| InformationProtectionPolicy.Read.All | |
| Mail.Read | |
| Mail.Read.Shared | |
| Mail.ReadBasic | |
| Mail.ReadBasic.All | |
| Mail.ReadWrite | |
| Mail.ReadWrite.Shared | |
| Mail.Send | |
| Mail.Send.Shared | |
| MailboxSettings.Read | |
| MailboxSettings.ReadWrite | |
| Member.Read.Hidden | |
| Notes.Create | |
| Notes.Read | |
| Notes.Read.All | |
| Notes.ReadWrite | |
| Notes.ReadWrite.All | |
| Notes.ReadWrite.CreatedByApp | |
| Notifications.ReadWrite.CreatedByApp | |
| OnlineMeetings.Read | |
| OnlineMeetings.Read.All | |
| OnlineMeetings.ReadWrite | |
| OnlineMeetings.ReadWrite.All | |
| Organization.Read.All | |
| Organization.ReadWrite.All | |
| OrgContact.Read.All | |
| People.Read | |
| People.Read.All | |
| Place.Read.All | |
| Place.ReadWrite.All | |
| Policy.Read.All | |
| Policy.Read.ApplicationConfiguration | |
| Policy.Read.PermissionGrant | |
| Policy.ReadWrite.ApplicationConfiguration | |
| Policy.ReadWrite.AuthenticationFlows | |
| Policy.ReadWrite.AuthenticationMethod | |
| Policy.ReadWrite.Authorization | |
| Policy.ReadWrite.ConditionalAccess | |
| Policy.ReadWrite.FeatureRollout | |
| Policy.ReadWrite.PermissionGrant | |
| Policy.ReadWrite.TrustFramework | |
| POP.AccessAsUser.All | |
| Presence.Read | |
| Presence.Read.All | |
| PrintConnector.Read.All | |
| PrintConnector.ReadWrite.All | |
| Printer.Create | |
| Printer.FullControl.All | |
| Printer.Read.All | |
| Printer.ReadWrite.All | |
| PrinterShare.Read.All | |
| PrinterShare.ReadBasic.All | |
| PrinterShare.ReadWrite.All | |
| PrintJob.Create | |
| PrintJob.Manage.All | |
| PrintJob.Read | |
| PrintJob.Read.All | |
| PrintJob.ReadBasic | |
| PrintJob.ReadBasic.All | |
| PrintJob.ReadWrite | |
| PrintJob.ReadWrite.All | |
| PrintJob.ReadWriteBasic | |
| PrintJob.ReadWriteBasic.All | |
| PrintSettings.Read.All | |
| PrintSettings.ReadWrite.All | |
| PrintTaskDefinition.ReadWrite.All | |
| PrivilegedAccess.Read.AzureAD | |
| PrivilegedAccess.Read.AzureADGroups | |
| PrivilegedAccess.Read.AzureADResources | |
| PrivilegedAccess.ReadWrite.AzureAD | |
| PrivilegedAccess.ReadWrite.AzureADGroups | |
| PrivilegedAccess.ReadWrite.AzureResources | |
| ProgramControl.Read.All | |
| ProgramControl.ReadWrite.All | |
| Reports.Read.All | |
| RoleManagement.Read.All | |
| RoleManagement.Read.Directory | |
| RoleManagement.ReadWrite.Directory | |
| Schedule.Read.All | |
| Schedule.ReadWrite.All | |
| SecurityActions.Read.All | |
| SecurityActions.ReadWrite.All | |
| SecurityEvents.Read.All | |
| SecurityEvents.ReadWrite.All | |
| ShortNotes.Read | |
| ShortNotes.Read.All | |
| ShortNotes.ReadWrite | |
| ShortNotes.ReadWrite.All | |
| Sites.FullControl.All | |
| Sites.Manage.All | |
| Sites.Read.All | |
| Sites.ReadWrite.All | |
| Sites.Selected | |
| SMTP.Send | |
| Tasks.Read | |
| Tasks.Read.Shared | |
| Tasks.ReadWrite | |
| Tasks.ReadWrite.Shared | |
| Team.Create | |
| Team.ReadBasic.All | |
| TeamMember.Read.All | |
| TeamMember.ReadWrite.All | |
| TeamsActivity.Read | |
| TeamsActivity.Read.All | |
| TeamsActivity.Send | |
| TeamsApp.Read.All | |
| TeamsApp.ReadWrite.All | |
| TeamsAppInstallation.ReadForTeam | |
| TeamsAppInstallation.ReadForTeam.All | |
| TeamsAppInstallation.ReadForUser | |
| TeamsAppInstallation.ReadForUser.All | |
| TeamsAppInstallation.ReadWriteForTeam | |
| TeamsAppInstallation.ReadWriteForTeam.All | |
| TeamsAppInstallation.ReadWriteForUser | |
| TeamsAppInstallation.ReadWriteForUser.All | |
| TeamsAppInstallation.ReadWriteSelfForTeam | |
| TeamsAppInstallation.ReadWriteSelfForTeam.All | |
| TeamsAppInstallation.ReadWriteSelfForUser | |
| TeamsAppInstallation.ReadWriteSelfForUser.All | |
| TeamSettings.Read.All | |
| TeamSettings.ReadWrite.All | |
| TeamsTab.Create | |
| TeamsTab.Read.All | |
| TeamsTab.ReadWrite.All | |
| Teamwork.Migrate.All | |
| TermStore.Read.All | |
| TermStore.ReadWrite.All | |
| ThreatAssessment.Read.All | |
| ThreatAssessment.ReadWrite.All | |
| ThreatIndicators.Read.All | |
| ThreatIndicators.ReadWrite.OwnedBy | |
| User.Export.All | |
| User.Invite.All | |
| User.ManageIdentities.All | |
| User.Read | |
| User.Read.All | |
| User.ReadBasic.All | |
| User.ReadWrite | |
| User.ReadWrite.All | |
| UserActivity.ReadWrite.CreatedByApp | |
| UserAuthenticationMethod.Read | |
| UserAuthenticationMethod.Read.All | |
| UserAuthenticationMethod.ReadWrite | |
| UserAuthenticationMethod.ReadWrite.All | |
| WorkforceIntegration.Read.All | |
| WorkforceIntegration.ReadWrite.All |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment