permissionScope resource type
Namespace: microsoft.graph
Represents the definition of a delegated permission.
Delegated permissions can be requested by client applications needing an access token to the API that defined the permissions. Delegated permissions can be requested dynamically, using the scopes
parameter in an authorization request to the Microsoft identity platform, or statically, through the requiredResourceAccess collection on the application object.
Properties
Property | Type | Description |
---|---|---|
adminConsentDescription | String | A description of the delegated permissions, intended to be read by an administrator granting the permission on behalf of all users. This text appears in tenant-wide admin consent experiences. |
adminConsentDisplayName | String | The permission's title, intended to be read by an administrator granting the permission on behalf of all users. |
id | Guid | Unique delegated permission identifier inside the collection of delegated permissions defined for a resource application. |
isEnabled | Boolean | When you create or update a permission, this property must be set to true (which is the default). To delete a permission, this property must first be set to false. At that point, in a subsequent call, the permission may be removed. |
type | String | The possible values are: User and Admin . Specifies whether this delegated permission should be considered safe for non-admin users to consent to on behalf of themselves, or whether an administrator consent should always be required. While Microsoft Graph defines the default consent requirement for each permission, the tenant administrator may override the behavior in their organization (by allowing, restricting, or limiting user consent to this delegated permission). For more information, see Configure how users consent to applications. |
userConsentDescription | String | A description of the delegated permissions, intended to be read by a user granting the permission on their own behalf. This text appears in consent experiences where the user is consenting only on behalf of themselves. |
userConsentDisplayName | String | A title for the permission, intended to be read by a user granting the permission on their own behalf. This text appears in consent experiences where the user is consenting only on behalf of themselves. |
value | String | Specifies the value to include in the scp (scope) claim in access tokens. Must not exceed 120 characters in length. Allowed characters are : ! # $ % & ' ( ) * + , - . / : ; < = > ? @ [ ] ^ + _ ` { | } ~ , and characters in the ranges 0-9 , A-Z and a-z . Any other character, including the space character, aren't allowed. May not begin with . . |
JSON representation
The following JSON representation shows the resource type.
{
"id": "Guid",
"adminConsentDisplayName": "String",
"adminConsentDescription": "String",
"userConsentDisplayName": "String",
"userConsentDescription": "String",
"value": "String",
"type": "String",
"isEnabled": true
}
피드백
https://aka.ms/ContentUserFeedback
출시 예정: 2024년 내내 콘텐츠에 대한 피드백 메커니즘으로 GitHub 문제를 단계적으로 폐지하고 이를 새로운 피드백 시스템으로 바꿀 예정입니다. 자세한 내용은 다음을 참조하세요.다음에 대한 사용자 의견 제출 및 보기