GraphMinimalPermissionsGuidancePlugin

Compares the permissions used in the JWT token sent to Microsoft Graph against the minimum required scopes needed for requests that proxy recorded and shows the difference.

Configuration example

{
  "$schema": "https://raw.githubusercontent.com/dotnet/dev-proxy/main/schemas/v2.0.0/rc.schema.json",
  "plugins": [
    {
      "name": "GraphMinimalPermissionsGuidancePlugin",
      "enabled": true,
      "pluginPath": "~appFolder/plugins/DevProxy.Plugins.dll",
      "configSection": "graphMinimalPermissionsGuidancePlugin"
    }
  ],
  "graphMinimalPermissionsGuidancePlugin": {
   "$schema": "https://raw.githubusercontent.com/dotnet/dev-proxy/main/schemas/v2.0.0/graphminimalpermissionsguidanceplugin.schema.json",
    "permissionsToExclude": [ 
      "profile", 
      "openid", 
      "offline_access", 
      "email"
    ]
  }
}

Configuration properties

Property	Description	Default
`permissionsToExclude`	The scopes to ignore and not include in the report.	`profile openid offline_access email`

Command line options

None

Next step

Check if you're using excessive Microsoft Graph API permissions

Atsauksmes

Vai šī lapa palīdzēja?

Last updated on 2026-01-06

Kopīgot, izmantojot

GraphMinimalPermissionsGuidancePlugin

Configuration example

Configuration properties

Command line options

Next step

Atsauksmes

Papildu resursi