![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(179.20000000000002, 7.000000000000001%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGM%3C/text%3E%3C/svg%3E)
Microsoft Security | Microsoft Entra | Microsoft Entra ID
A cloud-based identity and access management service for securing user authentication and resource access
Hi Glenn,
Yas here, Technical Trainer part of the worldwide learning team. Based on what you have written I am not sure whether you're asking which APIs you would use or how to assign the correct permission to your app registration. If you want to assign those permissions to your app registration you should assign one of the below directory roles to your app:
- "Conditional Access Administrator" Recommended.
- Global Administrator
- Security Administrator
If you want to call Graph APIs to manage named locations and conditional access policies, you would then need to assign permission to the Conditional Access APIs via the Policy category. Below image shows the selection:
Hope this helps.
PS: Also the tag you've used is not the correct tag for this question.