How to obtain more details on Graph API Permissions

AndyChou-4617 41 Reputation points
2022-10-24T23:18:06.513+00:00

Hi,

I have a new app registered in Azure AD. I'd like to grant minimum permissions required for the app users to perform their work. Is there a way to get more details on the predefined permissions such as user.read.all and user.export.all?

For example, user.read.all delegated permission has description "Allows the app to read the full set of profile properties, reports, and managers of other users in your organization, on behalf of the signed-in user." What reports does it refer to? Sign-in reports?

Another example, user.export.all delegated permission is described as "Allows the app to export data (e.g. customer content or system-generated logs), associated with any user in your company, when the app is used by a privileged user." What "customer content" and "system-generated logs" does it refer to?

Comparing the above two permissions, can't the user with user.read.all permission retrieve all users' info and aggregate them offline? If so, how is it different from explicitly granting user.export.all?

I am hoping there is documentation explaining in more detail, but I could not find it. I wonder if anybody knows.

Thanks.


1 answer

  1. Vasil Michev 85,641 Reputation points MVP
    2022-10-25T07:15:32.447+00:00

    In this context, "reports" refers to direct reports for the user, i.e. all the people that he is a manager for. As for the "export" permission, this is with relation to the GDPR and similar controls; it's likely not something your app would be using.
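
An added example, not part of the thread above and not Microsoft's code: one way to check that the delegated permissions granted to an app stay within what it needs, run over a constructed response in the shape of Microsoft Graph's `oauth2PermissionGrants` list. The ids, the required-scope set, the function name and the case-insensitive comparison are assumptions made for illustration.

```python
import json

# Constructed sample shaped like a Microsoft Graph GET /oauth2PermissionGrants
# response; every id below is a made-up placeholder.
SAMPLE_RESPONSE = json.dumps({
    "value": [
        {"clientId": "app-sp-0001", "consentType": "AllPrincipals",
         "principalId": None, "resourceId": "graph-sp-0001",
         "scope": "User.Read User.Read.All User.Export.All"},
        {"clientId": "app-sp-0001", "consentType": "Principal",
         "principalId": "user-0042", "resourceId": "graph-sp-0001",
         "scope": " user.read.all  Mail.Read"},
        {"clientId": "other-sp-0002", "consentType": "AllPrincipals",
         "principalId": None, "resourceId": "graph-sp-0001",
         "scope": "Directory.Read.All"},
    ]
})

# Assumption: the scopes this hypothetical app actually needs.
REQUIRED_SCOPES = {"User.Read", "User.Read.All"}


def excess_delegated_scopes(response_text, client_id, required):
    """Return {who: sorted excess scopes} for one client service principal.

    'who' is "tenant-wide" for admin consent (AllPrincipals) or the
    principalId for a single-user grant. Scope names are compared
    case-insensitively (an assumption of this example).
    """
    required_lower = {s.lower() for s in required}
    findings = {}
    for grant in json.loads(response_text).get("value", []):
        if grant.get("clientId") != client_id:
            continue
        # 'scope' is a space-separated string and may carry extra whitespace.
        granted = (grant.get("scope") or "").split()
        excess = {s for s in granted if s.lower() not in required_lower}
        if not excess:
            continue
        who = ("tenant-wide" if grant.get("consentType") == "AllPrincipals"
               else grant.get("principalId") or "unknown-principal")
        findings[who] = sorted(set(findings.get(who, [])) | excess)
    return findings


if __name__ == "__main__":
    report = excess_delegated_scopes(SAMPLE_RESPONSE, "app-sp-0001", REQUIRED_SCOPES)
    for who, scopes in report.items():
        print(f"{who}: {', '.join(scopes)}")
```

A tenant-wide finding means the extra scope was admin-consented for every user of the app, so it is the first grant to review.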