Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Work IQ APIs are protected by Microsoft Entra ID. Applications that access the Work IQ APIs must use Microsoft Entra ID OAuth 2.0 to authenticate and request authorization. This article lists the permissions exposed by Work IQ APIs.
Enable Work IQ API in your organization
An organization administrator must create a service principal for the Work IQ API before applications can request access tokens for it. This is a one-time setup step for the organization.
Run the following command to create the Work IQ API service principal.
az ad sp create --id fdcc1f02-fc51-4226-8753-f668596af7f7
Application ID URI
The application ID URI for Work IQ APIs is api://workiq.svc.cloud.microsoft. This URI is the prefix for all Work IQ permission scopes in the OAuth protocol.
For example, to request the WorkIQAgent.Ask permission, use the OAuth scope value api://workiq.svc.cloud.microsoft/WorkIQAgent.Ask.
Permissions
WorkIQAgent.Ask
| Category | Application | Delegated |
|---|---|---|
| Identifier | - | 0b1715fd-f4bf-4c63-b16d-5be31f9847c2 |
| DisplayText | - | Ask Work IQ agents on behalf of the user |
| Description | - | Allows the app to ask Work IQ agents questions and receive responses on behalf of the signed-in user. This includes read and write access to Microsoft 365 resources that are accessible to Work IQ agents and scoped to the signed-in user. |
| AdminConsentRequired | - | Yes |