Share via

Graph API : Delegated set of permissions

Christophe Humbert 126 Reputation points
2022-07-17T08:08:14.293+00:00

Hello,

I would like to authorize some permissions to a group of users for making graph api request in either graph explorer (for their test) and later in BI for their reporting

Example I want to give Group_SomeFolks the following permissions User.Read.All and Directory.read.All

Is there a way to achieve this

Thanks

Microsoft Security | Microsoft Graph
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Vasil Michev 123.5K Reputation points MVP Volunteer Moderator
    2022-07-17T08:52:57.783+00:00

    Sure, you can use the /oauth2PermissionGrants endpoint: https://learn.microsoft.com/en-us/graph/api/oauth2permissiongrant-post?view=graph-rest-1.0&tabs=http
    Or the New-MgServicePrincipalOauth2PermissionGrantByRef cmdlet from the Microsoft Graph SDK for PowerShell.

    If you want to grant permissions to specific people only, use consentType value of "Principal" and specify a principalId ref value. Here's an example using the Graph explorer:

    221524-image.png

    1 person found this answer helpful.

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.