Forum Discussion

Clemay300's avatar
Clemay300
Copper Contributor
Nov 21, 2023

Reviewing User Permissions

Hello, 

 

I had a quick question about reviewing user permissions within Microsoft Graph. At one point in time, I am pretty sure a co-worker showed me a location in Azure, where you could review all of the Graph API permissions that a user had been consented too and been approved to use. For example, if I looked up user a user who had previously been authorized to access SharePoint/Teams data via Graph, I would see something like this -> 

 

SharePoint: 

- Sites.Read.All 

- Site.ReadWrite.All

Teams:

-Teams.ReadBasic.All

- Users.Read.All

 

I remember it looking very similar to the "Modify Permissions" page that is available when you are using the Graph Explorer in the browser. Sadly, I cannot remember how my co-worker at the time was able to access information. Currently within Azure I can look-up the following graph access related info: 

 

- The Graph API access that our app registrations have.

Enterprise Applications -> Select App Registration -> Permissions

 

- The access that users have to the Graph Explorer App and Graph PowerShell app.

Enterprise Applications -> Select Microsoft App - Users and groups

 

I however would like to be able to see the individual permissions that users have been approved for, if possible? 

  • There is no UI to review user's permissions across all apps. You can do it on a per-app basis by going to Enterprise apps > select the app > Permissions > User consent.
  • There is no UI to review user's permissions across all apps. You can do it on a per-app basis by going to Enterprise apps > select the app > Permissions > User consent.

Resources