Contacts.ReadWrite.Shared
Export JSON
Export CSV
Copy URL
Print
Delegated
Read/Write
Shared Resources
Allows the app to create, read, update, and delete contacts a user has permissions to, including their own and shared contacts.
Permission data: April 6, 2026 at 4:06 AM UTC
Delegated Access
App-Only Access
Permission Details
Delegated Permission
User consent allowed
Read and write user and shared contacts
Allows the app to create, read, update, and delete contacts a user has permissions to, including their own and shared contacts.
User sees: Allows the app to read, update, create, and delete contacts you have permissions to access, including your own and shared contacts.
Permission ID:
afb6c84b-06be-49af-80bb-8f3f77004eab
Properties
Microsoft Graph v1.0
mapped-docs
Properties is shown from stable Microsoft Graph v1.0 metadata.
| Property | Type | Description |
|---|---|---|
assistantName |
StringNullable |
The name of the contact's assistant. |
birthday |
DateTimeOffsetNullable |
The contact's birthday. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z |
businessAddress |
physicalAddress |
The contact's business address. |
businessHomePage |
StringNullable |
The business home page of the contact. |
businessPhones |
String collection |
The contact's business phone numbers. |
categories |
String collection |
The categories associated with the contact. |
changeKey |
StringNullable |
Identifies the version of the contact. Every time the contact is changed, ChangeKey changes as well. This allows Exchange to apply changes to the correct version of the object. |
children |
String collection |
The names of the contact's children. |
companyName |
StringNullable |
The name of the contact's company. |
createdDateTime |
DateTimeOffsetNullable |
The time the contact was created. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z |
department |
StringNullable |
The contact's department. |
displayName |
StringNullable |
The contact's display name. You can specify the display name in a create or update operation. Note that later updates to other properties may cause an automatically generated value to overwrite the displayName value you have specified. To preserve a pre-existing value, always include it as displayName in an update operation. |
emailAddresses |
emailAddress collection |
The contact's email addresses. |
fileAs |
StringNullable |
The name the contact is filed under. |
generation |
StringNullable |
The contact's suffix. |
Showing 15 of 42 properties.
JSON Representation
Microsoft Graph v1.0
mapped-docs
JSON representation is shown from stable Microsoft Graph v1.0 metadata.
JSON representation
{
"assistantName": "string",
"birthday": "String (timestamp)",
"businessAddress": {
"@odata.type": "microsoft.graph.physicalAddress"
},
"businessHomePage": "string",
"businessPhones": [
"string"
],
"categories": [
"string"
],
"changeKey": "string",
"children": [
"string"
],
"companyName": "string",
"createdDateTime": "String (timestamp)",
"department": "string",
"displayName": "string",
"emailAddresses": [
{
"@odata.type": "microsoft.graph.emailAddress"
}
],
"fileAs": "string",
"generation": "string",
"givenName": "string",
"homeAddress": {
"@odata.type": "microsoft.graph.physicalAddress"
},
"homePhones": [
"string"
],
"id": "string (identifier)",
"imAddresses": [
"string"
],
"initials": "string",
"jobTitle": "string",
"lastModifiedDateTime": "String (timestamp)",
"manager": "string",
"middleName": "string",
"mobilePhone": "string",
"nickName": "string",
"officeLocation": "string",
"otherAddress": {
"@odata.type": "microsoft.graph.physicalAddress"
},
"parentFolderId": "string",
"personalNotes": "string",
"photo": {
"@odata.type": "microsoft.graph.profilePhoto"
},
"primaryEmailAddress": {
"@odata.type": "microsoft.graph.emailAddress"
},
"profession": "string",
"secondaryEmailAddress": {
"@odata.type": "microsoft.graph.emailAddress"
},
"spouseName": "string",
"surname": "string",
"tertiaryEmailAddress": {
"@odata.type": "microsoft.graph.emailAddress"
},
"title": "string",
"yomiCompanyName": "string",
"yomiGivenName": "string",
"yomiSurname": "string"
}Relationships
Microsoft Graph v1.0
mapped-docs
Relationships is shown from stable Microsoft Graph v1.0 metadata.
| Relationship | Type | Description |
|---|---|---|
extensions |
extension collection |
The collection of open extensions defined for the contact. Read-only. Nullable. |
multiValueExtendedProperties |
multiValueLegacyExtendedProperty collection |
The collection of multi-value extended properties defined for the contact. Read-only. Nullable. |
photo |
profilePhoto |
Optional contact picture. You can get or set a photo for a contact. |
singleValueExtendedProperties |
singleValueLegacyExtendedProperty collection |
The collection of single-value extended properties defined for the contact. Read-only. Nullable. |
businessPhones |
string collection |
The contact's business phone numbers. |
categories |
string collection |
The categories associated with the item |
children |
string collection |
The names of the contact's children. |
emailAddresses |
emailAddress collection |
The contact's email addresses. |
homePhones |
string collection |
The contact's home phone numbers. |
imAddresses |
string collection |
The contact's instant messaging (IM) addresses. |
phones |
phone collection |
Phone numbers associated with the contact, for example, home phone, mobile phone, and business phone. |
postalAddresses |
physicalAddress collection |
Addresses associated with the contact, for example, home address and business address. |
websites |
website collection |
Web sites associated with the contact. |
Graph Methods
Delegated access
App-only access
Contacts resource-family fallback
Microsoft Graph v1.0 endpoints are shown from Microsoft Graph OpenAPI resource-family metadata because Microsoft Learn does not publish a direct mapping for this permission.
Contacts resource-family fallback
Microsoft Graph beta endpoints are shown from Microsoft Graph OpenAPI resource-family metadata because Microsoft Learn does not publish a direct mapping for this permission.
No Microsoft Learn PowerShell mapping available
Microsoft Graph PowerShell v1.0 commands are not available from refreshed Microsoft Learn PowerShell snippets for this permission.
No deterministic PowerShell command map is available for this permission.
Browse PowerShell docs
No Microsoft Learn PowerShell mapping available
Microsoft Graph PowerShell beta commands are not available from refreshed Microsoft Learn PowerShell snippets for this permission.
No deterministic PowerShell command map is available for this permission.
Browse PowerShell docsCode Examples
C# / .NET SDK
using Azure.Identity;
using Microsoft.Graph;
var scopes = new[] { "Contacts.ReadWrite.Shared" };
var credential = new InteractiveBrowserCredential(
new InteractiveBrowserCredentialOptions
{
ClientId = "YOUR_CLIENT_ID",
TenantId = "YOUR_TENANT_ID",
RedirectUri = new Uri("http://localhost")
});
var graphClient = new GraphServiceClient(credential, scopes);
var response = await graphClient
.WithUrl("https://graph.microsoft.com/v1.0/contacts/{id}/directReports")
.GetAsync();
JavaScript
import { Client } from "@microsoft/microsoft-graph-client";
import { InteractiveBrowserCredential } from "@azure/identity";
const credential = new InteractiveBrowserCredential({
clientId: "YOUR_CLIENT_ID",
tenantId: "YOUR_TENANT_ID",
redirectUri: "http://localhost"
});
const token = await credential.getToken(["Contacts.ReadWrite.Shared"]);
const client = Client.init({
authProvider: (done) => done(null, token.token)
});
const response = await client.api("/contacts/{id}/directReports").get();
PowerShell
Connect-MgGraph -Scopes "Contacts.ReadWrite.Shared"
Invoke-MgGraphRequest -Method GET -Uri "https://graph.microsoft.com/v1.0/contacts/{id}/directReports"
Python
from azure.identity import InteractiveBrowserCredential
import requests
credential = InteractiveBrowserCredential(
client_id="YOUR_CLIENT_ID",
tenant_id="YOUR_TENANT_ID"
)
token = credential.get_token("Contacts.ReadWrite.Shared")
response = requests.get(
"https://graph.microsoft.com/v1.0/contacts/{id}/directReports",
headers={"Authorization": f"Bearer {token.token}"}
)
print(response.json())App Registration
1
Navigate to Azure Portal
Go to App registrations in Microsoft Entra admin center
2
Add API Permission
Select your app → API permissions → Add a permission → Microsoft Graph
3
Select Permission Type
Choose Delegated permissions and search for Contacts.ReadWrite.Shared
4
Grant Admin Consent
Users can consent to this permission during sign-in.