Forum Discussion
Clemay300
Nov 21, 2023Copper Contributor
Reviewing User Permissions
Hello,
I had a quick question about reviewing user permissions within Microsoft Graph. At one point in time, I am pretty sure a co-worker showed me a location in Azure, where you could review all of the Graph API permissions that a user had been consented too and been approved to use. For example, if I looked up user a user who had previously been authorized to access SharePoint/Teams data via Graph, I would see something like this ->
SharePoint:
- Sites.Read.All
- Site.ReadWrite.All
Teams:
-Teams.ReadBasic.All
- Users.Read.All
I remember it looking very similar to the "Modify Permissions" page that is available when you are using the Graph Explorer in the browser. Sadly, I cannot remember how my co-worker at the time was able to access information. Currently within Azure I can look-up the following graph access related info:
- The Graph API access that our app registrations have.
Enterprise Applications -> Select App Registration -> Permissions
- The access that users have to the Graph Explorer App and Graph PowerShell app.
Enterprise Applications -> Select Microsoft App - Users and groups
I however would like to be able to see the individual permissions that users have been approved for, if possible?
- There is no UI to review user's permissions across all apps. You can do it on a per-app basis by going to Enterprise apps > select the app > Permissions > User consent.
- There is no UI to review user's permissions across all apps. You can do it on a per-app basis by going to Enterprise apps > select the app > Permissions > User consent.