Share via

How to add additional MSGraph scopes into Azure account?

EnterpriseArchitect 5,401 Reputation points
2023-08-19T13:30:52.09+00:00

How can I add my service account additional MS Graph Azure Read-only permissions?

Connect-MgGraph -Scopes "Application.Read.All","AuditLog.Read.All","CrossTenantInformation.ReadBasic.All"

Because even granting it as a Global reader https://learn.microsoft.com/en-us/azure/active-directory/roles/permissions-reference#global-reader I got the below prompt:

User's image

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
12,072 questions
PowerShell
PowerShell
A family of Microsoft task automation and configuration management frameworks consisting of a command-line shell and associated scripting language.
2,535 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
21,844 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Manu Philip 18,561 Reputation points MVP
    2023-08-19T14:13:33.2733333+00:00

    You may try the following steps to get automatic consent to all the applications to the user

    1.Sign into the Azure portal as a Global Administrator and open Azure Active Directory > Enterprise applications > Consent and permissions > User consent settings.

    2.Under User consent for applications, select which consent setting you'd like to configure for all users and save the settings.

    User's image

    --please don't forget to upvote and Accept as answer if the reply is helpful--

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.