Does Directory.Read.All require admin consent?

Yes, Application permissions always require admin consent. An administrator must grant consent in the Azure portal.

How do I add Directory.Read.All to my app registration?

Go to Azure Portal > App registrations > Your app > API permissions > Add permission > Microsoft Graph, then search for Directory.Read.All and select it.

Directory.Read.All Permission - Microsoft Graph API

Permission Details

Application Permission

Read directory data

Allows the app to read data in your organization's directory, such as users, groups and apps, without a signed-in user.

Permission ID: 7ab1d382-f21e-4acd-a863-ba3e13f7da61

Delegated Permission

Read directory data

Allows the app to read data in your organization's directory, such as users, groups and apps.

Permission ID: 06da0dbc-49e2-44d2-8312-53f166ab848a

Properties

Property	Type	Description
`id`	`string`	The unique identifier for an entity. Read-only.
`contactInsights`	`object`	Contains the properties that are configured by an administrator as a tenant-level privacy control whether to identify duplicate contacts among a user's contacts list and suggest the user to merge those contacts to have a cleaner contacts list. List contactInsights returns the settings to display or return contact insights in an organization.
`microsoftApplicationDataAccess`	`object`
`peopleInsights`	`object`	Contains the properties that are configured by an administrator for the visibility of a list of people relevant and working with a user in Microsoft 365. List peopleInsights returns the settings to display or return people insights in an organization.
`itemInsights`	`object`	Contains the properties that are configured by an administrator for the visibility of Microsoft Graph-derived insights, between a user and other items in Microsoft 365, such as documents or sites. List itemInsights returns the settings to display or return item insights in an organization.

Relationships

Relationship	Type	Description
`administrativeUnits`	`administrativeUnit collection`	Conceptual container for user and group directory objects.
`attributeSets`	`attributeSet collection`	Group of related custom security attribute definitions.
`customSecurityAttributeDefinitions`	`customSecurityAttributeDefinition collection`	Schema of a custom security attribute.
`deletedItems`	`directoryObject collection`	Recently deleted items. Read-only. Nullable.
`federationConfigurations`	`identityProviderBase collection`	Configure domain federation with organizations whose identity provider (IdP) supports either the SAML or WS-Fed protocol.
`onPremisesSynchronization`	`onPremisesDirectorySynchronization collection`	A container for on-premises directory synchronization functionalities.

Graph Methods

Delegated access App-only access

Methods
GET `/appCatalogs/teamsApps`
GET `/applications`
GET `/applications(appId='{appId}')`
GET `/applications(appId='{appId}')/extensionProperties`
GET `/applications(appId='{appId}')/extensionProperties/{extensionPropertyId}`
GET `/applications(appId='{appId}')/owners`
GET `/applications/{application ObjectId}/extensionProperties`
GET `/applications/{application ObjectId}/extensionProperties/{extensionPropertyId}`
GET `/applications/{applicationObjectId}`
GET `/applications/{id}/owners`
GET `/applications/delta`
GET `/auditLogs/directoryaudits`
GET `/auditLogs/directoryAudits/{id}`
GET `/auditLogs/provisioning`
GET `/auditLogs/signIns`
GET `/auditLogs/signIns/{id}`
GET `/contacts`
GET `/contacts/{id}`
GET `/contacts/{id}/directReports`
GET `/contacts/{id}/manager`
GET `/contacts/{id}/memberOf`
GET `/contacts/{id}/transitiveMemberOf`
GET `/contacts/delta`
GET `/contracts`
GET `/contracts/{id}`
GET `/devices`
GET `/devices(deviceId='{deviceId}')`
GET `/devices(deviceId='{deviceId}')/memberOf`
GET `/devices(deviceId='{deviceId}')/registeredOwners`
GET `/devices(deviceId='{deviceId}')/registeredUsers`
GET `/devices(deviceId='{deviceId}')/transitiveMemberOf`
GET `/devices/{id \| userPrincipalName}/transitiveMemberOf`
GET `/devices/{id}`
GET `/devices/{Id}/extensions/{extensionId}`
GET `/devices/{id}/memberOf`
GET `/devices/{id}/registeredOwners`
GET `/devices/{id}/registeredUsers`
GET `/directory`
GET `/directory/administrativeUnits`
GET `/directory/administrativeUnits/{administrativeUnit-id}`
GET `/directory/administrativeUnits/{administrativeUnit-id}/extensions`
GET `/directory/administrativeUnits/{administrativeUnit-id}/extensions/{extension-id}`
GET `/directory/administrativeUnits/{administrativeUnit-id}/members`
GET `/directory/administrativeUnits/{administrativeUnit-id}/members/{directoryObject-id}/graph.application`
GET `/directory/administrativeUnits/{administrativeUnit-id}/members/{directoryObject-id}/graph.device`
GET `/directory/administrativeUnits/{administrativeUnit-id}/members/{directoryObject-id}/graph.group`
GET `/directory/administrativeUnits/{administrativeUnit-id}/members/{directoryObject-id}/graph.orgContact`
GET `/directory/administrativeUnits/{administrativeUnit-id}/members/{directoryObject-id}/graph.servicePrincipal`
GET `/directory/administrativeUnits/{administrativeUnit-id}/members/{directoryObject-id}/graph.user`
GET `/directory/administrativeUnits/{administrativeUnit-id}/members/graph.application`
GET `/directory/administrativeUnits/{administrativeUnit-id}/members/graph.device`
GET `/directory/administrativeUnits/{administrativeUnit-id}/members/graph.group`
GET `/directory/administrativeUnits/{administrativeUnit-id}/members/graph.orgContact`
GET `/directory/administrativeUnits/{administrativeUnit-id}/members/graph.servicePrincipal`
GET `/directory/administrativeUnits/{administrativeUnit-id}/members/graph.user`
GET `/directory/administrativeUnits/{administrativeUnit-id}/scopedRoleMembers`
GET `/directory/administrativeUnits/{administrativeUnit-id}/scopedRoleMembers/{scopedRoleMembership-id}`
GET `/directory/administrativeUnits/{id}`
GET `/directory/administrativeUnits/{id}/members`
GET `/directory/administrativeUnits/{id}/members/{id}`
GET `/directory/administrativeUnits/{id}/members/$ref`
GET `/directory/administrativeUnits/{id}/scopedRoleMembers`
GET `/directory/administrativeUnits/{id}/scopedRoleMembers/{id}`
GET `/directory/attributeSets`
GET `/directory/attributeSets/{attributeSet-id}`
GET `/directory/customSecurityAttributeDefinitions`
GET `/directory/customSecurityAttributeDefinitions/{customSecurityAttributeDefinition-id}`
GET `/directory/customSecurityAttributeDefinitions/{customSecurityAttributeDefinition-id}/allowedValues`
GET `/directory/customSecurityAttributeDefinitions/{customSecurityAttributeDefinition-id}/allowedValues/{allowedValue-id}`
GET `/directory/federationConfigurations`
GET `/directory/federationConfigurations/{identityProviderBase-id}`
GET `/directory/onPremisesSynchronization`
GET `/directory/onPremisesSynchronization/{onPremisesDirectorySynchronization-id}`
GET `/directory/subscriptions`
GET `/directory/subscriptions(commerceSubscriptionId='{commerceSubscriptionId}')`
GET `/directory/subscriptions/{companySubscription-id}`
GET `/directory/subscriptions/{id}`
GET `/directoryObjects/{id}`
GET `/directoryRoles`
GET `/directoryRoles(roleTemplateId='{roleTemplateId}')`
GET `/directoryRoles(roleTemplateId='{roleTemplateId}')/members`
GET `/directoryRoles(roleTemplateId='{roleTemplateId}')/scopedMembers`
GET `/directoryRoles/{role-id}`
GET `/directoryRoles/{role-id}/members`
GET `/directoryroles/{role-id}/scopedMembers`
GET `/directoryRoles/delta`
GET `/directoryRoleTemplates`
GET `/directoryRoleTemplates/{id}`
GET `/domains`
GET `/domains/{id}`
GET `/domains/{id}/rootDomain`
GET `/education/me/user`
GET `/education/schools/{educationSchoolId}/administrativeUnit`
GET `/education/users/{id}/user`
GET `/groupLifecyclePolicies`
GET `/groupLifecyclePolicies/{id}`
GET `/groups`
GET `/groups/{id}`
GET `/groups/{id}/appRoleAssignments`
GET `/groups/{Id}/events/{Id}/extensions/{extensionId}`
GET `/groups/{Id}/extensions/{extensionId}`
GET `/groups/{id}/groupLifecyclePolicies`
GET `/groups/{id}/memberOf`
GET `/groups/{id}/members`
GET `/groups/{id}/owners`
GET `/groups/{Id}/threads/{Id}/posts/{Id}/extensions/{extensionId}`
GET `/groups/{id}/transitiveMemberOf`
GET `/groups/{id}/transitiveMembers`
GET `/groups/delta`
GET `/groupSettings`
GET `/groupSettings/{groupSettingId}`
GET `/groupSettingTemplates`
GET `/groupSettingTemplates/{id}`
GET `/me`
GET `/me/appRoleAssignments`
GET `/me/createdObjects`
GET `/me/directReports`
GET `/me/joinedTeams`
GET `/me/licenseDetails`
GET `/me/manager`
GET `/me/memberOf`
GET `/me/oauth2PermissionGrants`
GET `/me/ownedDevices`
GET `/me/ownedObjects`
GET `/me/registeredDevices`
GET `/me/transitiveMemberOf`
GET `/oauth2PermissionGrants`
GET `/oauth2PermissionGrants/{id}`
GET `/oauth2PermissionGrants/delta`
GET `/organization`
GET `/organization/{Id}/extensions/{extensionId}`
GET `/organization/{organizationId}`
GET `/policies/adminConsentRequestPolicy`
GET `/policies/claimsMappingPolicies/{id}/appliesTo`
GET `/policies/homeRealmDiscoveryPolicies/{id}/appliesTo`
GET `/policies/permissionGrantPolicies/{id}/excludes`
GET `/policies/permissionGrantPolicies/{id}/includes`
GET `/policies/tokenIssuancePolicies/{id}/appliesTo`
GET `/policies/tokenLifetimePolicies/{id}/appliesTo`
GET `/roleManagement/directory/roleAssignments`
GET `/roleManagement/directory/roleAssignments/{id}`
GET `/roleManagement/directory/roleDefinitions`
GET `/roleManagement/directory/roleDefinitions/{id}`
GET `/servicePrincipals`
GET `/servicePrincipals(appId='{appId}')`
GET `/servicePrincipals(appId='{appId}')/appRoleAssignedTo`
GET `/servicePrincipals(appId='{appId}')/appRoleAssignments`
GET `/servicePrincipals(appId='{appId}')/createdObjects`
GET `/servicePrincipals(appId='{appId}')/delegatedPermissionClassifications`
GET `/servicePrincipals(appId='{appId}')/memberOf`
GET `/servicePrincipals(appId='{appId}')/oauth2PermissionGrants`
GET `/servicePrincipals(appId='{appId}')/ownedObjects`
GET `/servicePrincipals(appId='{appId}')/owners`
GET `/servicePrincipals(appId='{appId}')/transitiveMemberOf`
GET `/servicePrincipals(appId='{client-servicePrincipal-appId}')/appRoleAssignments/{appRoleAssignment-id}`
GET `/servicePrincipals/{client-serviceprincipal-id}/appRoleAssignments/{appRoleAssignment-id}`
GET `/servicePrincipals/{id}`
GET `/servicePrincipals/{id}/appRoleAssignedTo`
GET `/servicePrincipals/{id}/appRoleAssignments`
GET `/servicePrincipals/{id}/createdObjects`
GET `/servicePrincipals/{id}/delegatedPermissionClassifications`
GET `/servicePrincipals/{id}/memberOf`
GET `/servicePrincipals/{id}/oauth2PermissionGrants`
GET `/servicePrincipals/{id}/ownedObjects`
GET `/servicePrincipals/{id}/owners`
GET `/servicePrincipals/{id}/transitiveMemberOf`
GET `/servicePrincipals/{servicePrincipalsId}/remoteDesktopSecurityConfiguration`
GET `/servicePrincipals/{servicePrincipalsId}/remoteDesktopSecurityConfiguration/targetDeviceGroups`
GET `/servicePrincipals/{servicePrincipalsId}/remoteDesktopSecurityConfiguration/targetDeviceGroups/{targetDeviceGroupId}`
GET `/servicePrincipals/delta`
GET `/subscribedSkus`
GET `/subscribedSkus/{id}`
GET `/teams/{id}/channels/{id}/tabs`
GET `/teams/{id}/installedApps/{id}`
GET `/teams/{team-id}`
GET `/teams/{team-id}/channels`
GET `/teams/{team-id}/channels/{channel-id}`
GET `/teams/{team-id}/channels/{channel-id}/tabs/{tab-id}`
GET `/teams/{team-id}/installedApps`
GET `/users`
GET `/users/{id \| user-principal-name}/joinedTeams`
GET `/users/{id \| userPrincipalName}`
GET `/users/{id \| userPrincipalName}/appRoleAssignments`
GET `/users/{id \| userPrincipalName}/createdObjects`
GET `/users/{id \| userPrincipalName}/directReports`
GET `/users/{id \| userPrincipalName}/manager`
GET `/users/{id \| userPrincipalName}/oauth2PermissionGrants`
GET `/users/{id \| userPrincipalName}/ownedDevices`
GET `/users/{id \| userPrincipalName}/ownedObjects`
GET `/users/{id \| userPrincipalName}/registeredDevices`
GET `/users/{id}/licenseDetails`
GET `/users/{Id\|userPrincipalName}/contacts/{Id}/extensions/{extensionId}`
GET `/users/{Id\|userPrincipalName}/events/{Id}/extensions/{extensionId}`
GET `/users/{Id\|userPrincipalName}/extensions/{extensionId}`
GET `/users/{Id\|userPrincipalName}/messages/{Id}/extensions/{extensionId}`
GET `/users/{Id\|userPrincipalName}/todo/lists/{todoTaskListId}/extensions/{extensionId}`
GET `/users/{Id\|userPrincipalName}/todo/lists/{todoTaskListId}/tasks/{taskId}/extensions/{extensionId}`
GET `/users/{user-id}/licenseDetails/getTeamsLicensingDetails`
GET `/users/delta`
POST `/applications(appId='{appId}')/owners/$ref`
POST `/applications/{id}/owners/$ref`
POST `/directory/administrativeUnits`
POST `/directory/administrativeUnits/{administrativeUnit-id}/extensions`
POST `/directory/administrativeUnits/{administrativeUnit-id}/members`
POST `/directory/administrativeUnits/{administrativeUnit-id}/members/{directoryObject-id}/graph.user`
POST `/directory/administrativeUnits/{administrativeUnit-id}/scopedRoleMembers`
POST `/directory/attributeSets`
POST `/directory/customSecurityAttributeDefinitions`
POST `/directory/customSecurityAttributeDefinitions/{customSecurityAttributeDefinition-id}/allowedValues`
POST `/directory/customSecurityAttributeDefinitions/{customSecurityAttributeDefinition-id}/allowedValues/{allowedValue-id}`
POST `/directory/federationConfigurations`
POST `/directory/onPremisesSynchronization`
POST `/directory/subscriptions`
POST `/directoryObjects/{id}/checkMemberGroups`
POST `/directoryObjects/{id}/checkMemberObjects`
POST `/directoryObjects/{id}/getMemberGroups`
POST `/directoryObjects/{id}/getMemberObjects`
POST `/directoryObjects/getAvailableExtensionProperties`
POST `/directoryObjects/getByIds`
POST `/directoryObjects/validateProperties`
POST `/orgContacts/{id}/retryServiceProvisioning`
POST `/servicePrincipals(appId='{appId}')/appRoleAssignedTo`
POST `/servicePrincipals(appId='{appId}')/appRoleAssignments`
POST `/servicePrincipals(appId='{appId}')/owners/$ref`
POST `/servicePrincipals/{id}/appRoleAssignedTo`
POST `/servicePrincipals/{id}/appRoleAssignments`
POST `/servicePrincipals/{id}/owners/$ref`
PATCH `/directory`
PATCH `/directory/administrativeUnits/{administrativeUnit-id}`
PATCH `/directory/administrativeUnits/{administrativeUnit-id}/extensions/{extension-id}`
PATCH `/directory/administrativeUnits/{administrativeUnit-id}/scopedRoleMembers/{scopedRoleMembership-id}`
PATCH `/directory/attributeSets/{attributeSet-id}`
PATCH `/directory/customSecurityAttributeDefinitions/{customSecurityAttributeDefinition-id}`
PATCH `/directory/customSecurityAttributeDefinitions/{customSecurityAttributeDefinition-id}/allowedValues/{allowedValue-id}`
PATCH `/directory/federationConfigurations/{identityProviderBase-id}`
PATCH `/directory/onPremisesSynchronization/{onPremisesDirectorySynchronization-id}`
PATCH `/directory/subscriptions/{companySubscription-id}`
DELETE `/directory/administrativeUnits/{administrativeUnit-id}`
DELETE `/directory/administrativeUnits/{administrativeUnit-id}/extensions/{extension-id}`
DELETE `/directory/administrativeUnits/{administrativeUnit-id}/members`
DELETE `/directory/administrativeUnits/{administrativeUnit-id}/members/{directoryObject-id}/graph.user`
DELETE `/directory/administrativeUnits/{administrativeUnit-id}/scopedRoleMembers/{scopedRoleMembership-id}`
DELETE `/directory/attributeSets/{attributeSet-id}`
DELETE `/directory/customSecurityAttributeDefinitions/{customSecurityAttributeDefinition-id}`
DELETE `/directory/customSecurityAttributeDefinitions/{customSecurityAttributeDefinition-id}/allowedValues/{allowedValue-id}`
DELETE `/directory/federationConfigurations/{identityProviderBase-id}`
DELETE `/directory/onPremisesSynchronization/{onPremisesDirectorySynchronization-id}`
DELETE `/directory/subscriptions/{companySubscription-id}`

Methods
GET `/administrativeUnits`
GET `/administrativeUnits/{administrativeUnitId}/extensions/{extensionId}`
GET `/administrativeUnits/{id}`
GET `/administrativeUnits/{id}/members`
GET `/administrativeUnits/{id}/members/{id}`
GET `/administrativeUnits/{id}/members/$ref`
GET `/administrativeUnits/{id}/scopedRoleMembers`
GET `/administrativeUnits/{id}/scopedRoleMembers/{id}`
GET `/administrativeUnits/delta`
GET `/appCatalogs/teamsApps`
GET `/applications`
GET `/applications(appId='{appId}')`
GET `/applications(appId='{appId}')/extensionProperties`
GET `/applications(appId='{appId}')/extensionProperties/{extensionPropertyId}`
GET `/applications(appId='{appId}')/federatedIdentityCredentials`
GET `/applications(appId='{appId}')/federatedIdentityCredentials/{federatedIdentityCredentialId}`
GET `/applications(appId='{appId}')/federatedIdentityCredentials/{federatedIdentityCredentialName}`
GET `/applications(appId='{appId}')/owners`
GET `/applications/{application ObjectId}/extensionProperties`
GET `/applications/{application ObjectId}/extensionProperties/{extensionPropertyId}`
GET `/applications/{applicationObjectId}`
GET `/applications/{id}/federatedIdentityCredentials`
GET `/applications/{id}/federatedIdentityCredentials/{federatedIdentityCredentialId}`
GET `/applications/{id}/federatedIdentityCredentials/{federatedIdentityCredentialName}`
GET `/applications/{id}/microsoft.graph.agentIdentityBlueprint`
GET `/applications/{id}/microsoft.graph.agentIdentityBlueprint/inheritablePermissions`
GET `/applications/{id}/microsoft.graph.agentIdentityBlueprint/inheritablePermissions/{resourceAppId}`
GET `/applications/{id}/microsoft.graph.agentIdentityBlueprint/owners`
GET `/applications/{id}/owners`
GET `/applications/delta`
GET `/applications/microsoft.graph.agentIdentityBlueprint`
GET `/auditLogs/directoryAudits`
GET `/auditLogs/directoryAudits/{id}`
GET `/auditLogs/provisioning`
GET `/auditLogs/signIns`
GET `/auditLogs/signIns/{id}`
GET `/certificateAuthorities/mutualTlsOauthConfigurations`
GET `/contacts`
GET `/contacts/{id}`
GET `/contacts/{id}/directReports`
GET `/contacts/{id}/manager`
GET `/contacts/{id}/memberOf`
GET `/contacts/{id}/transitiveMemberOf`
GET `/contacts/{id}/transitiveReports/$count`
GET `/contacts/delta`
GET `/contracts`
GET `/contracts/{id}`
GET `/devices`
GET `/devices(deviceId='{deviceId}')`
GET `/devices(deviceId='{deviceId}')/memberOf`
GET `/devices(deviceId='{deviceId}')/registeredOwners`
GET `/devices(deviceId='{deviceId}')/registeredUsers`
GET `/devices(deviceId='{deviceId}')/transitiveMemberOf`
GET `/devices(deviceId='{deviceId}')/usageRights`
GET `/devices/{deviceId}/extensions/{extensionId}`
GET `/devices/{id}`
GET `/devices/{id}/memberOf`
GET `/devices/{id}/registeredOwners`
GET `/devices/{id}/registeredUsers`
GET `/devices/{id}/transitiveMemberOf`
GET `/devices/{objectId}/usageRights`
GET `/directory`
GET `/directory/administrativeUnits`
GET `/directory/administrativeUnits/{administrativeUnit-id}`
GET `/directory/administrativeUnits/{administrativeUnit-id}/deletedMembers`
GET `/directory/administrativeUnits/{administrativeUnit-id}/deletedMembers/{directoryObject-id}`
GET `/directory/administrativeUnits/{administrativeUnit-id}/extensions`
GET `/directory/administrativeUnits/{administrativeUnit-id}/extensions/{extension-id}`
GET `/directory/administrativeUnits/{administrativeUnit-id}/members`
GET `/directory/administrativeUnits/{administrativeUnit-id}/members/{directoryObject-id}/graph.application`
GET `/directory/administrativeUnits/{administrativeUnit-id}/members/{directoryObject-id}/graph.device`
GET `/directory/administrativeUnits/{administrativeUnit-id}/members/{directoryObject-id}/graph.group`
GET `/directory/administrativeUnits/{administrativeUnit-id}/members/{directoryObject-id}/graph.orgContact`
GET `/directory/administrativeUnits/{administrativeUnit-id}/members/{directoryObject-id}/graph.servicePrincipal`
GET `/directory/administrativeUnits/{administrativeUnit-id}/members/{directoryObject-id}/graph.user`
GET `/directory/administrativeUnits/{administrativeUnit-id}/members/graph.application`
GET `/directory/administrativeUnits/{administrativeUnit-id}/members/graph.device`
GET `/directory/administrativeUnits/{administrativeUnit-id}/members/graph.group`
GET `/directory/administrativeUnits/{administrativeUnit-id}/members/graph.orgContact`
GET `/directory/administrativeUnits/{administrativeUnit-id}/members/graph.servicePrincipal`
GET `/directory/administrativeUnits/{administrativeUnit-id}/members/graph.user`
GET `/directory/administrativeUnits/{administrativeUnit-id}/scopedRoleMembers`
GET `/directory/administrativeUnits/{administrativeUnit-id}/scopedRoleMembers/{scopedRoleMembership-id}`
GET `/directory/administrativeUnits/{id}`
GET `/directory/attributeSets`
GET `/directory/attributeSets/{attributeSet-id}`
GET `/directory/authenticationMethodDevices`
GET `/directory/authenticationMethodDevices/hardwareOathDevices`
GET `/directory/authenticationMethodDevices/hardwareOathDevices/{hardwareOathTokenAuthenticationMethodDevice-id}`
GET `/directory/authenticationMethodDevices/hardwareOathDevices/{hardwareOathTokenAuthenticationMethodDevice-id}/assignTo`
GET `/directory/authenticationMethodDevices/hardwareOathDevices/{hardwareOathTokenAuthenticationMethodDevice-id}/assignTo/mailboxSettings`
GET `/directory/authenticationMethodDevices/hardwareOathDevices/{hardwareOathTokenAuthenticationMethodDevice-id}/assignTo/serviceProvisioningErrors`
GET `/directory/certificateAuthorities`
GET `/directory/certificateAuthorities/certificateBasedApplicationConfigurations`
GET `/directory/certificateAuthorities/certificateBasedApplicationConfigurations/{certificateBasedApplicationConfiguration-id}`
GET `/directory/certificateAuthorities/certificateBasedApplicationConfigurations/{certificateBasedApplicationConfiguration-id}/trustedCertificateAuthorities`
GET `/directory/certificateAuthorities/certificateBasedApplicationConfigurations/{certificateBasedApplicationConfiguration-id}/trustedCertificateAuthorities/{certificateAuthorityAsEntity-id}`
GET `/directory/certificateAuthorities/mutualTlsOauthConfigurations`
GET `/directory/certificateAuthorities/mutualTlsOauthConfigurations/{mutualTlsOauthConfiguration-id}`
GET `/directory/customSecurityAttributeDefinitions`
GET `/directory/customSecurityAttributeDefinitions/{customSecurityAttributeDefinition-id}`
GET `/directory/customSecurityAttributeDefinitions/{customSecurityAttributeDefinition-id}/allowedValues`
GET `/directory/customSecurityAttributeDefinitions/{customSecurityAttributeDefinition-id}/allowedValues/{allowedValue-id}`
GET `/directory/externalUserProfiles`
GET `/directory/externalUserProfiles/{externalUserProfile-id}`
GET `/directory/featureRolloutPolicies`
GET `/directory/featureRolloutPolicies/{featureRolloutPolicy-id}`
GET `/directory/featureRolloutPolicies/{featureRolloutPolicy-id}/appliesTo`
GET `/directory/federationConfigurations`
GET `/directory/federationConfigurations/{identityProviderBase-id}`
GET `/directory/impactedResources`
GET `/directory/impactedResources/{impactedResource-id}`
GET `/directory/impactedResources/{impactedResource-id}/reactivate`
GET `/directory/inboundSharedUserProfiles`
GET `/directory/onPremisesSynchronization`
GET `/directory/onPremisesSynchronization/{onPremisesDirectorySynchronization-id}`
GET `/directory/outboundSharedUserProfiles`
GET `/directory/pendingExternalUserProfiles`
GET `/directory/pendingExternalUserProfiles/{pendingExternalUserProfile-id}`
GET `/directory/recommendationConfiguration`
GET `/directory/recommendations`
GET `/directory/recommendations/{recommendation-id}`
GET `/directory/recommendations/{recommendation-id}/impactedResources`
GET `/directory/recommendations/{recommendation-id}/impactedResources/{impactedResource-id}`
GET `/directory/recommendations/{recommendation-id}/impactedResources/{impactedResource-id}/reactivate`
GET `/directory/recommendations/{recommendation-id}/reactivate`
GET `/directory/sharedEmailDomains`
GET `/directory/sharedEmailDomains/{sharedEmailDomain-id}`
GET `/directory/subscriptions`
GET `/directory/subscriptions(commerceSubscriptionId='{commerceSubscriptionId}')`
GET `/directory/subscriptions/{companySubscription-id}`
GET `/directory/subscriptions/{id}`
GET `/directory/templates`
GET `/directory/templates/deviceTemplates`
GET `/directory/templates/deviceTemplates/{deviceTemplate-id}`
GET `/directory/templates/deviceTemplates/{deviceTemplate-id}/owners`
GET `/directory/templates/deviceTemplates/{deviceTemplate-id}/owners/{directoryObject-id}`
GET `/directoryObjects/{id}`
GET `/directoryRoles`
GET `/directoryRoles(roleTemplateId='{roleTemplateId}')`
GET `/directoryRoles(roleTemplateId='{roleTemplateId}')/members`
GET `/directoryRoles(roleTemplateId='{roleTemplateId}')/scopedMembers`
GET `/directoryRoles/{role-id}`
GET `/directoryRoles/{role-id}/members`
GET `/directoryroles/{role-id}/scopedMembers`
GET `/directoryRoles/delta`
GET `/directoryRoleTemplates`
GET `/directoryRoleTemplates/{id}`
GET `/directorySettingTemplates`
GET `/directorySettingTemplates/{id}`
GET `/domains`
GET `/domains/{id}`
GET `/domains/contoso.com/rootDomain`
GET `/drive/items/{itemId}/extensions/{extensionId}`
GET `/education/classes/{id}/group`
GET `/education/me/user`
GET `/education/schools/{id}/administrativeUnit`
GET `/education/users/{id}/user`
GET `/groupLifecyclePolicies`
GET `/groupLifecyclePolicies/{id}`
GET `/groups`
GET `/groups/{groupId}/cloudLicensing/usageRights`
GET `/groups/{groupId}/events/{eventId}/extensions/{extensionId}`
GET `/groups/{groupId}/extensions/{extensionId}`
GET `/groups/{groupId}/threads/{threadId}/posts/{postId}/extensions/{extensionId}`
GET `/groups/{id}`
GET `/groups/{id}/appRoleAssignments`
GET `/groups/{id}/groupLifecyclePolicies`
GET `/groups/{id}/memberOf`
GET `/groups/{id}/members`
GET `/groups/{id}/owners`
GET `/groups/{id}/transitiveMemberOf`
GET `/groups/{id}/transitiveMembers`
GET `/groups/delta`
GET `/me`
GET `/me/appRoleAssignedResources`
GET `/me/appRoleAssignments`
GET `/me/cloudLicensing/usageRights`
GET `/me/cloudLicensing/usageRights/{usageRightId}`
GET `/me/createdObjects`
GET `/me/directReports`
GET `/me/joinedTeams`
GET `/me/licenseDetails`
GET `/me/manager`
GET `/me/memberOf`
GET `/me/oauth2PermissionGrants`
GET `/me/ownedObjects`
GET `/me/registeredDevices`
GET `/me/scopedRoleMemberOf`
GET `/me/transitiveMemberOf`
GET `/oauth2PermissionGrants`
GET `/oauth2PermissionGrants/{id}`
GET `/oauth2PermissionGrants/delta`
GET `/organization`
GET `/organization/{organizationId}`
GET `/organization/{organizationId}/extensions/{extensionId}`
GET `/policies/adminConsentRequestPolicy`
GET `/policies/claimsMappingPolicies/{id}/appliesTo`
GET `/policies/homeRealmDiscoveryPolicies/{id}/appliesTo`
GET `/policies/permissionGrantPolicies/{id}/excludes`
GET `/policies/permissionGrantPolicies/{id}/includes`
GET `/policies/tokenIssuancePolicies/{id}/appliesTo`
GET `/policies/tokenLifetimePolicies/{id}/appliesTo`
GET `/reports/appCredentialSignInActivities`
GET `/reports/appCredentialSignInActivities/{appCredentialSignInActivityId}`
GET `/reports/servicePrincipalSignInActivities`
GET `/reports/servicePrincipalSignInActivities/{servicePrincipalSignInActivityId}`
GET `/roleManagement/cloudPC/roleDefinitions`
GET `/roleManagement/cloudPC/roleDefinitions/{id}`
GET `/roleManagement/directory/roleAssignments`
GET `/roleManagement/directory/roleAssignments/{id}`
GET `/roleManagement/directory/roleDefinitions/{unifiedRoleDefinitionId}/assignedPrincipals(transitive=@transitive,directoryScopeType='@directoryScopeType',directoryScopeId='@directoryScopeId')`
GET `/roleManagement/directory/transitiveRoleAssignments?$filter=principalId eq '{principalId}'`
GET `/servicePrincipals`
GET `/servicePrincipals(appId='{appId}')`
GET `/servicePrincipals(appId='{appId}')/microsoft.graph.agentIdentityBlueprintPrincipal`
GET `/servicePrincipals(appId='{client-servicePrincipal-appId}')/appRoleAssignments/{appRoleAssignment-id}`
GET `/servicePrincipals/{client-serviceprincipal-id}/appRoleAssignments/{appRoleAssignment-id}`
GET `/servicePrincipals/{id}`
GET `/servicePrincipals/{id}/appRoleAssignedTo`
GET `/servicePrincipals/{id}/appRoleAssignments`
GET `/servicePrincipals/{id}/createdObjects`
GET `/servicePrincipals/{id}/delegatedPermissionClassifications`
GET `/servicePrincipals/{id}/memberOf`
GET `/servicePrincipals/{id}/microsoft.graph.agentIdentity`
GET `/servicePrincipals/{id}/microsoft.graph.agentIdentity/memberOf`
GET `/servicePrincipals/{id}/microsoft.graph.agentIdentity/ownedObjects`
GET `/servicePrincipals/{id}/microsoft.graph.agentIdentity/owners`
GET `/servicePrincipals/{id}/microsoft.graph.agentIdentity/transitiveMemberOf`
GET `/servicePrincipals/{id}/microsoft.graph.agentIdentityBlueprintPrincipal`
GET `/servicePrincipals/{id}/microsoft.graph.agentIdentityBlueprintPrincipal/memberOf`
GET `/servicePrincipals/{id}/microsoft.graph.agentIdentityBlueprintPrincipal/owners`
GET `/servicePrincipals/{id}/oauth2PermissionGrants`
GET `/servicePrincipals/{id}/ownedObjects`
GET `/servicePrincipals/{id}/owners`
GET `/servicePrincipals/{id}/transitiveMemberOf`
GET `/servicePrincipals/{servicePrincipalsId}/remoteDesktopSecurityConfiguration`
GET `/servicePrincipals/{servicePrincipalsId}/remoteDesktopSecurityConfiguration/targetDeviceGroups`
GET `/servicePrincipals/{servicePrincipalsId}/remoteDesktopSecurityConfiguration/targetDeviceGroups/{targetDeviceGroupId}`
GET `/servicePrincipals/delta`
GET `/servicePrincipals/microsoft.graph.agentIdentity`
GET `/servicePrincipals/microsoft.graph.agentIdentityBlueprintPrincipal`
GET `/settings`
GET `/settings/{directorySettingId}`
GET `/sites/{siteId}/extensions/{extensionId}`
GET `/subscribedSkus`
GET `/subscribedSkus/{id}`
GET `/teams/{id}/installedApps/{id}`
GET `/teams/{team-id}`
GET `/teams/{team-id}/channels`
GET `/teams/{team-id}/channels/{channel-id}`
GET `/teams/{team-id}/channels/{channel-id}/tabs`
GET `/teams/{team-id}/channels/{channel-id}/tabs/{tab-id}`
GET `/teams/{team-id}/installedApps`
GET `/users`
GET `/users/{id \| user-principal-name}/joinedTeams`
GET `/users/{id \| userPrincipalName}/appRoleAssignments`
GET `/users/{id \| userPrincipalName}/createdObjects`
GET `/users/{id \| userPrincipalName}/directReports`
GET `/users/{id \| userPrincipalName}/manager`
GET `/users/{id \| userPrincipalName}/oauth2PermissionGrants`
GET `/users/{id \| userPrincipalName}/ownedDevices`
GET `/users/{id \| userPrincipalName}/ownedObjects`
GET `/users/{id \| userPrincipalName}/registeredDevices`
GET `/users/{id}/licenseDetails`
GET `/users/{id}/scopedRoleMemberOf`
GET `/users/{id}/transitiveReports/$count`
GET `/users/{Id\|userPrincipalName}/events/{eventId}/extensions/{extensionId}`
GET `/users/{user-id}/licenseDetails/getTeamsLicensingDetails`
GET `/users/{userId}/appRoleAssignedResources`
GET `/users/{userId}/cloudLicensing/usageRights/{usageRightId}`
GET `/users/{userId}/usageRights`
GET `/users/{userId\|userPrincipalName}/contacts/{contactId}/extensions/{extensionId}`
GET `/users/{userId\|userPrincipalName}/extensions/{extensionId}`
GET `/users/{userId\|userPrincipalName}/messages/{messageId}/extensions/{extensionId}`
GET `/users/{userId\|userPrincipalName}/tasks/lists/{listId}/extensions/{extensionId}`
GET `/users/{userId\|userPrincipalName}/tasks/lists/{listId}/tasks/{baseTaskId}/extensions/{extensionId}`
GET `/users/{userId\|userPrincipalName}/todo/lists/{listId}/extensions/{extensionId}`
GET `/users/{userId\|userPrincipalName}/todo/lists/{listId}/tasks/{todoTaskId}/extensions/{extensionId}`
GET `/users/{usersId}/appRoleAssignments`
GET `/users/delta`
POST `/applications(appId='{appId}')/owners/$ref`
POST `/applications/{id}/owners/$ref`
POST `/contacts/{id}/retryServiceProvisioning`
POST `/directory/administrativeUnits`
POST `/directory/administrativeUnits/{administrativeUnit-id}/extensions`
POST `/directory/administrativeUnits/{administrativeUnit-id}/members`
POST `/directory/administrativeUnits/{administrativeUnit-id}/members/{directoryObject-id}/graph.user`
POST `/directory/administrativeUnits/{administrativeUnit-id}/scopedRoleMembers`
POST `/directory/attributeSets`
POST `/directory/authenticationMethodDevices/hardwareOathDevices`
POST `/directory/certificateAuthorities/certificateBasedApplicationConfigurations`
POST `/directory/certificateAuthorities/certificateBasedApplicationConfigurations/{certificateBasedApplicationConfiguration-id}/trustedCertificateAuthorities`
POST `/directory/certificateAuthorities/mutualTlsOauthConfigurations`
POST `/directory/customSecurityAttributeDefinitions`
POST `/directory/customSecurityAttributeDefinitions/{customSecurityAttributeDefinition-id}/allowedValues`
POST `/directory/customSecurityAttributeDefinitions/{customSecurityAttributeDefinition-id}/allowedValues/{allowedValue-id}`
POST `/directory/externalUserProfiles`
POST `/directory/featureRolloutPolicies`
POST `/directory/featureRolloutPolicies/{featureRolloutPolicy-id}/appliesTo`
POST `/directory/federationConfigurations`
POST `/directory/impactedResources`
POST `/directory/impactedResources/{impactedResource-id}/complete`
POST `/directory/impactedResources/{impactedResource-id}/dismiss`
POST `/directory/impactedResources/{impactedResource-id}/postpone`
POST `/directory/impactedResources/{impactedResource-id}/reactivate`
POST `/directory/inboundSharedUserProfiles`
POST `/directory/onPremisesSynchronization`
POST `/directory/outboundSharedUserProfiles`
POST `/directory/pendingExternalUserProfiles`
POST `/directory/recommendations`
POST `/directory/recommendations/{recommendation-id}/complete`
POST `/directory/recommendations/{recommendation-id}/dismiss`
POST `/directory/recommendations/{recommendation-id}/impactedResources`
POST `/directory/recommendations/{recommendation-id}/impactedResources/{impactedResource-id}/complete`
POST `/directory/recommendations/{recommendation-id}/impactedResources/{impactedResource-id}/dismiss`
POST `/directory/recommendations/{recommendation-id}/impactedResources/{impactedResource-id}/postpone`
POST `/directory/recommendations/{recommendation-id}/impactedResources/{impactedResource-id}/reactivate`
POST `/directory/recommendations/{recommendation-id}/postpone`
POST `/directory/recommendations/{recommendation-id}/reactivate`
POST `/directory/sharedEmailDomains`
POST `/directory/subscriptions`
POST `/directory/templates/deviceTemplates`
POST `/directory/templates/deviceTemplates/{deviceTemplate-id}/createDeviceFromTemplate`
POST `/directoryObjects/{id}/checkMemberGroups`
POST `/directoryObjects/{id}/checkMemberObjects`
POST `/directoryObjects/{id}/getMemberGroups`
POST `/directoryObjects/{id}/getMemberObjects`
POST `/directoryObjects/getByIds`
POST `/directoryObjects/validateProperties`
POST `/servicePrincipals(appId='{appId}')/appRoleAssignedTo`
POST `/servicePrincipals(appId='{appId}')/appRoleAssignments`
POST `/servicePrincipals(appId='{appId}')/createPasswordSingleSignOnCredentials`
POST `/servicePrincipals(appId='{appId}')/deletePasswordSingleSignOnCredentials`
POST `/servicePrincipals(appId='{appId}')/getPasswordSingleSignOnCredentials`
POST `/servicePrincipals(appId='{appId}')/owners/$ref`
POST `/servicePrincipals(appId='{appId}')/updatePasswordSingleSignOnCredentials`
POST `/servicePrincipals/{id}/appRoleAssignedTo`
POST `/servicePrincipals/{id}/appRoleAssignments`
POST `/servicePrincipals/{id}/createPasswordSingleSignOnCredentials`
POST `/servicePrincipals/{id}/deletePasswordSingleSignOnCredentials`
POST `/servicePrincipals/{id}/getPasswordSingleSignOnCredentials`
POST `/servicePrincipals/{id}/owners/$ref`
POST `/servicePrincipals/{id}/updatePasswordSingleSignOnCredentials`
PATCH `/directory`
PATCH `/directory/administrativeUnits/{administrativeUnit-id}`
PATCH `/directory/administrativeUnits/{administrativeUnit-id}/extensions/{extension-id}`
PATCH `/directory/administrativeUnits/{administrativeUnit-id}/scopedRoleMembers/{scopedRoleMembership-id}`
PATCH `/directory/attributeSets/{attributeSet-id}`
PATCH `/directory/authenticationMethodDevices`
PATCH `/directory/authenticationMethodDevices/hardwareOathDevices/{hardwareOathTokenAuthenticationMethodDevice-id}`
PATCH `/directory/authenticationMethodDevices/hardwareOathDevices/{hardwareOathTokenAuthenticationMethodDevice-id}/assignTo/mailboxSettings`
PATCH `/directory/certificateAuthorities`
PATCH `/directory/certificateAuthorities/certificateBasedApplicationConfigurations/{certificateBasedApplicationConfiguration-id}`
PATCH `/directory/certificateAuthorities/certificateBasedApplicationConfigurations/{certificateBasedApplicationConfiguration-id}/trustedCertificateAuthorities/{certificateAuthorityAsEntity-id}`
PATCH `/directory/certificateAuthorities/mutualTlsOauthConfigurations/{mutualTlsOauthConfiguration-id}`
PATCH `/directory/customSecurityAttributeDefinitions/{customSecurityAttributeDefinition-id}`
PATCH `/directory/customSecurityAttributeDefinitions/{customSecurityAttributeDefinition-id}/allowedValues/{allowedValue-id}`
PATCH `/directory/externalUserProfiles/{externalUserProfile-id}`
PATCH `/directory/featureRolloutPolicies/{featureRolloutPolicy-id}`
PATCH `/directory/federationConfigurations/{identityProviderBase-id}`
PATCH `/directory/impactedResources/{impactedResource-id}`
PATCH `/directory/inboundSharedUserProfiles`
PATCH `/directory/onPremisesSynchronization/{onPremisesDirectorySynchronization-id}`
PATCH `/directory/outboundSharedUserProfiles`
PATCH `/directory/pendingExternalUserProfiles/{pendingExternalUserProfile-id}`
PATCH `/directory/recommendationConfiguration`
PATCH `/directory/recommendations/{recommendation-id}`
PATCH `/directory/recommendations/{recommendation-id}/impactedResources/{impactedResource-id}`
PATCH `/directory/sharedEmailDomains/{sharedEmailDomain-id}`
PATCH `/directory/subscriptions/{companySubscription-id}`
PATCH `/directory/templates`
PATCH `/directory/templates/deviceTemplates/{deviceTemplate-id}`
DELETE `/directory/administrativeUnits/{administrativeUnit-id}`
DELETE `/directory/administrativeUnits/{administrativeUnit-id}/extensions/{extension-id}`
DELETE `/directory/administrativeUnits/{administrativeUnit-id}/members`
DELETE `/directory/administrativeUnits/{administrativeUnit-id}/members/{directoryObject-id}/graph.user`
DELETE `/directory/administrativeUnits/{administrativeUnit-id}/scopedRoleMembers/{scopedRoleMembership-id}`
DELETE `/directory/attributeSets/{attributeSet-id}`
DELETE `/directory/authenticationMethodDevices`
DELETE `/directory/authenticationMethodDevices/hardwareOathDevices/{hardwareOathTokenAuthenticationMethodDevice-id}`
DELETE `/directory/certificateAuthorities`
DELETE `/directory/certificateAuthorities/certificateBasedApplicationConfigurations/{certificateBasedApplicationConfiguration-id}`
DELETE `/directory/certificateAuthorities/certificateBasedApplicationConfigurations/{certificateBasedApplicationConfiguration-id}/trustedCertificateAuthorities/{certificateAuthorityAsEntity-id}`
DELETE `/directory/certificateAuthorities/mutualTlsOauthConfigurations/{mutualTlsOauthConfiguration-id}`
DELETE `/directory/customSecurityAttributeDefinitions/{customSecurityAttributeDefinition-id}`
DELETE `/directory/customSecurityAttributeDefinitions/{customSecurityAttributeDefinition-id}/allowedValues/{allowedValue-id}`
DELETE `/directory/externalUserProfiles/{externalUserProfile-id}`
DELETE `/directory/featureRolloutPolicies/{featureRolloutPolicy-id}`
DELETE `/directory/featureRolloutPolicies/{featureRolloutPolicy-id}/appliesTo`
DELETE `/directory/federationConfigurations/{identityProviderBase-id}`
DELETE `/directory/impactedResources/{impactedResource-id}`
DELETE `/directory/inboundSharedUserProfiles`
DELETE `/directory/onPremisesSynchronization/{onPremisesDirectorySynchronization-id}`
DELETE `/directory/outboundSharedUserProfiles`
DELETE `/directory/pendingExternalUserProfiles/{pendingExternalUserProfile-id}`
DELETE `/directory/recommendationConfiguration`
DELETE `/directory/recommendations/{recommendation-id}`
DELETE `/directory/recommendations/{recommendation-id}/impactedResources/{impactedResource-id}`
DELETE `/directory/sharedEmailDomains/{sharedEmailDomain-id}`
DELETE `/directory/subscriptions/{companySubscription-id}`
DELETE `/directory/templates`
DELETE `/directory/templates/deviceTemplates/{deviceTemplate-id}`

Commands
`Confirm-MgUserMemberGroup`
`Confirm-MgUserMemberObject`
`Get-MgAppCatalogTeamApp`
`Get-MgApplication`
`Get-MgApplicationByAppId`
`Get-MgApplicationDelta`
`Get-MgApplicationExtensionProperty`
`Get-MgApplicationOwner`
`Get-MgAuditLogDirectoryAudit`
`Get-MgAuditLogProvisioning`
`Get-MgAuditLogSignIn`
`Get-MgBetaDevice`
`Get-MgBetaUserLicenseDetailTeamLicensingDetail`
`Get-MgContact`
`Get-MgContactDelta`
`Get-MgContactDirectReport`
`Get-MgContactManager`
`Get-MgContactMemberOf`
`Get-MgContactTransitiveMemberOf`
`Get-MgContract`
`Get-MgDevice`
`Get-MgDeviceMemberOfAsGroup`
`Get-MgDeviceRegisteredOwner`
`Get-MgDeviceRegisteredUser`
`Get-MgDeviceTransitiveMemberOfAsGroup`
`Get-MgDirectoryAdministrativeUnit`
`Get-MgDirectoryAdministrativeUnitMember`
`Get-MgDirectoryAdministrativeUnitMemberByRef`
`Get-MgDirectoryAdministrativeUnitScopedRoleMember`
`Get-MgDirectoryObject`
`Get-MgDirectoryObjectAvailableExtensionProperty`
`Get-MgDirectoryObjectById`
`Get-MgDirectoryObjectMemberObject`
`Get-MgDirectoryRole`
`Get-MgDirectoryRoleDelta`
`Get-MgDirectoryRoleMember`
`Get-MgDirectoryRoleScopedMember`
`Get-MgDirectoryRoleTemplate`
`Get-MgDirectorySubscription`
`Get-MgDomain`
`Get-MgDomainRootDomain`
`Get-MgEducationMeUser`
`Get-MgEducationSchoolAdministrativeUnit`
`Get-MgGroup`
`Get-MgGroupAppRoleAssignment`
`Get-MgGroupDelta`
`Get-MgGroupLifecyclePolicy`
`Get-MgGroupLifecyclePolicyByGroup`
`Get-MgGroupMember`
`Get-MgGroupMemberOfAsGroup`
`Get-MgGroupOwner`
`Get-MgGroupSetting`
`Get-MgGroupSettingTemplateGroupSettingTemplate`
`Get-MgGroupTransitiveMemberAsUser`
`Get-MgGroupTransitiveMemberOf`
`Get-MgOauth2PermissionGrant`
`Get-MgOauth2PermissionGrantDelta`
`Get-MgOrganization`
`Get-MgPolicyAdminConsentRequestPolicy`
`Get-MgPolicyClaimMappingPolicyApplyTo`
`Get-MgPolicyHomeRealmDiscoveryPolicyApplyTo`
`Get-MgPolicyPermissionGrantPolicyExclude`
`Get-MgPolicyPermissionGrantPolicyInclude`
`Get-MgPolicyTokenIssuancePolicyApplyTo`
`Get-MgPolicyTokenLifetimePolicyApplyTo`
`Get-MgRoleManagementDirectoryRoleAssignment`
`Get-MgRoleManagementDirectoryRoleDefinition`
`Get-MgRoleManagementEntitlementManagementRoleAssignment`
`Get-MgRoleManagementEntitlementManagementRoleDefinition`
`Get-MgServicePrincipal`
`Get-MgServicePrincipalAppRoleAssignedTo`
`Get-MgServicePrincipalAppRoleAssignment`
`Get-MgServicePrincipalCreatedObject`
`Get-MgServicePrincipalDelegatedPermissionClassification`
`Get-MgServicePrincipalDelta`
`Get-MgServicePrincipalMemberOf`
`Get-MgServicePrincipalOauth2PermissionGrant`
`Get-MgServicePrincipalOwnedObject`
`Get-MgServicePrincipalOwner`
`Get-MgServicePrincipalRemoteDesktopSecurityConfiguration`
`Get-MgServicePrincipalRemoteDesktopSecurityConfigurationTargetDeviceGroup`
`Get-MgServicePrincipalTransitiveMemberOf`
`Get-MgSubscribedSku`
`Get-MgTeam`
`Get-MgTeamChannel`
`Get-MgTeamChannelTab`
`Get-MgTeamInstalledApp`
`Get-MgUser`
`Get-MgUserAppRoleAssignment`
`Get-MgUserCreatedObject`
`Get-MgUserDelta`
`Get-MgUserDirectReport`
`Get-MgUserJoinedTeam`
`Get-MgUserLicenseDetail`
`Get-MgUserMemberGroup`
`Get-MgUserMemberOfAsGroup`
`Get-MgUserMessage`
`Get-MgUserOauth2PermissionGrant`
`Get-MgUserOwnedDevice`
`Get-MgUserOwnedObject`
`Get-MgUserRegisteredDevice`
`Get-MgUserTransitiveMemberOf`
`New-MgApplicationOwnerByRef`
`New-MgServicePrincipalAppRoleAssignedTo`
`New-MgServicePrincipalAppRoleAssignment`
`New-MgServicePrincipalOwnerByRef`
`Test-MgDirectoryObjectProperty`

Commands
`Confirm-MgBetaUserMemberGroup`
`Confirm-MgBetaUserMemberObject`
`Get-MgBetaAdministrativeUnit`
`Get-MgBetaAdministrativeUnitDelta`
`Get-MgBetaAdministrativeUnitMember`
`Get-MgBetaAdministrativeUnitMemberByRef`
`Get-MgBetaAdministrativeUnitScopedRoleMember`
`Get-MgBetaAppCatalogTeamApp`
`Get-MgBetaApplication`
`Get-MgBetaApplicationByAppId`
`Get-MgBetaApplicationDelta`
`Get-MgBetaApplicationExtensionProperty`
`Get-MgBetaApplicationFederatedIdentityCredential`
`Get-MgBetaApplicationOwner`
`Get-MgBetaAuditLogDirectoryAudit`
`Get-MgBetaAuditLogProvisioning`
`Get-MgBetaAuditLogSignIn`
`Get-MgBetaContact`
`Get-MgBetaContactDelta`
`Get-MgBetaContactDirectReport`
`Get-MgBetaContactManager`
`Get-MgBetaContactMemberOf`
`Get-MgBetaContactTransitiveMemberOf`
`Get-MgBetaContactTransitiveReportCount`
`Get-MgBetaContract`
`Get-MgBetaDevice`
`Get-MgBetaDeviceMemberOfAsGroup`
`Get-MgBetaDeviceRegisteredOwner`
`Get-MgBetaDeviceRegisteredUser`
`Get-MgBetaDeviceTransitiveMemberOfAsGroup`
`Get-MgBetaDeviceUsageRights`
`Get-MgBetaDirectoryCertificateAuthorityMutualTlOauthConfiguration`
`Get-MgBetaDirectoryObject`
`Get-MgBetaDirectoryObjectById`
`Get-MgBetaDirectoryRole`
`Get-MgBetaDirectoryRoleByRoleTemplateId`
`Get-MgBetaDirectoryRoleDelta`
`Get-MgBetaDirectoryRoleMember`
`Get-MgBetaDirectoryRoleScopedMember`
`Get-MgBetaDirectoryRoleTemplate`
`Get-MgBetaDirectorySetting`
`Get-MgBetaDirectorySettingTemplate`
`Get-MgBetaDirectorySubscription`
`Get-MgBetaDomain`
`Get-MgBetaDomainRootDomain`
`Get-MgBetaDriveItem`
`Get-MgBetaEducationClassGroup`
`Get-MgBetaEducationMeUser`
`Get-MgBetaEducationSchoolAdministrativeUnit`
`Get-MgBetaGroup`
`Get-MgBetaGroupAppRoleAssignment`
`Get-MgBetaGroupDelta`
`Get-MgBetaGroupLifecyclePolicy`
`Get-MgBetaGroupLifecyclePolicyByGroup`
`Get-MgBetaGroupMemberAsServicePrincipal`
`Get-MgBetaGroupMemberOfAsGroup`
`Get-MgBetaGroupOwner`
`Get-MgBetaGroupTransitiveMemberAsUser`
`Get-MgBetaGroupTransitiveMemberOf`
`Get-MgBetaOauth2PermissionGrant`
`Get-MgBetaOauth2PermissionGrantDelta`
`Get-MgBetaOrganization`
`Get-MgBetaPolicyAdminConsentRequestPolicy`
`Get-MgBetaPolicyClaimMappingPolicyApplyTo`
`Get-MgBetaPolicyHomeRealmDiscoveryPolicyApplyTo`
`Get-MgBetaPolicyPermissionGrantPolicyExclude`
`Get-MgBetaPolicyPermissionGrantPolicyInclude`
`Get-MgBetaPolicyTokenIssuancePolicyApplyTo`
`Get-MgBetaPolicyTokenLifetimePolicyApplyTo`
`Get-MgBetaReportAppCredentialSignInActivity`
`Get-MgBetaReportServicePrincipalSignInActivity`
`Get-MgBetaRoleManagementDirectoryRoleAssignment`
`Get-MgBetaRoleManagementDirectoryRoleDefinition`
`Get-MgBetaRoleManagementDirectoryTransitiveRoleAssignment`
`Get-MgBetaRoleManagementExchangeRoleAssignment`
`Get-MgBetaRoleManagementExchangeRoleDefinition`
`Get-MgBetaServicePrincipal`
`Get-MgBetaServicePrincipalAppRoleAssignedTo`
`Get-MgBetaServicePrincipalAppRoleAssignment`
`Get-MgBetaServicePrincipalCreatedObject`
`Get-MgBetaServicePrincipalDelegatedPermissionClassification`
`Get-MgBetaServicePrincipalDelta`
`Get-MgBetaServicePrincipalMemberOf`
`Get-MgBetaServicePrincipalOauth2PermissionGrant`
`Get-MgBetaServicePrincipalOwnedObject`
`Get-MgBetaServicePrincipalOwner`
`Get-MgBetaServicePrincipalPasswordSingleSignOnCredential`
`Get-MgBetaServicePrincipalRemoteDesktopSecurityConfiguration`
`Get-MgBetaServicePrincipalRemoteDesktopSecurityConfigurationTargetDeviceGroup`
`Get-MgBetaServicePrincipalTransitiveMemberOf`
`Get-MgBetaSubscribedSku`
`Get-MgBetaTeam`
`Get-MgBetaTeamChannel`
`Get-MgBetaTeamChannelTab`
`Get-MgBetaTeamInstalledApp`
`Get-MgBetaUser`
`Get-MgBetaUserAppRoleAssignedResource`
`Get-MgBetaUserAppRoleAssignment`
`Get-MgBetaUserCreatedObject`
`Get-MgBetaUserDelta`
`Get-MgBetaUserDirectReport`
`Get-MgBetaUserJoinedTeam`
`Get-MgBetaUserLicenseDetail`
`Get-MgBetaUserLicenseDetailTeamLicensingDetail`
`Get-MgBetaUserMemberGroup`
`Get-MgBetaUserMemberObject`
`Get-MgBetaUserMemberOfAsGroup`
`Get-MgBetaUserOauth2PermissionGrant`
`Get-MgBetaUserOwnedDevice`
`Get-MgBetaUserOwnedObject`
`Get-MgBetaUserRegisteredDevice`
`Get-MgBetaUserScopedRoleMemberOf`
`Get-MgBetaUserTransitiveMemberOf`
`Get-MgBetaUserTransitiveReportCount`
`Invoke-MgBetaAssignedRoleManagementCloudPcRoleDefinitionPrincipal`
`Invoke-MgBetaAssignedRoleManagementDeviceManagementRoleDefinitionPrincipal`
`Invoke-MgBetaAssignedRoleManagementDirectoryRoleDefinitionInheritPermissionFromPrincipal`
`Invoke-MgBetaAssignedRoleManagementDirectoryRoleDefinitionPrincipal`
`Invoke-MgBetaAssignedRoleManagementEnterpriseAppRoleDefinitionInheritPermissionFromPrincipal`
`Invoke-MgBetaAssignedRoleManagementEnterpriseAppRoleDefinitionPrincipal`
`Invoke-MgBetaAssignedRoleManagementEntitlementManagementRoleDefinitionInheritPermissionFromPrincipal`
`Invoke-MgBetaAssignedRoleManagementEntitlementManagementRoleDefinitionPrincipal`
`Invoke-MgBetaAssignedRoleManagementExchangeRoleDefinitionPrincipal`
`Invoke-MgBetaRetryContactServiceProvisioning`
`New-MgBetaApplicationOwnerByRef`
`New-MgBetaServicePrincipalAppRoleAssignedTo`
`New-MgBetaServicePrincipalAppRoleAssignment`
`New-MgBetaServicePrincipalOwnerByRef`
`New-MgBetaServicePrincipalPasswordSingleSignOnCredential`
`Remove-MgBetaServicePrincipalPasswordSingleSignOnCredential`
`Test-MgBetaDirectoryObjectProperty`
`Update-MgBetaServicePrincipalPasswordSingleSignOnCredential`

Code Examples

C# / .NET SDK

// Install: dotnet add package Microsoft.Graph
// Install: dotnet add package Azure.Identity
using Microsoft.Graph;
using Azure.Identity;

// Delegated permissions - interactive user sign-in
var scopes = new[] { "Directory.Read.All" };
var options = new InteractiveBrowserCredentialOptions
{
    ClientId = "YOUR_CLIENT_ID",
    TenantId = "YOUR_TENANT_ID",
    RedirectUri = new Uri("http://localhost")
};
var credential = new InteractiveBrowserCredential(options);
var graphClient = new GraphServiceClient(credential, scopes);

// Example: GET /me
var result = await graphClient.Me.GetAsync();
Console.WriteLine($"User: {result?.DisplayName}");

// Application permissions - daemon/service app
var tenantId = "YOUR_TENANT_ID";
var clientId = "YOUR_CLIENT_ID";
var clientSecret = "YOUR_CLIENT_SECRET";

var credential = new ClientSecretCredential(tenantId, clientId, clientSecret);
var graphClient = new GraphServiceClient(credential);

// Example: GET /users/{user-id}
var users = await graphClient.Users.GetAsync();
foreach (var user in users?.Value ?? [])
{
    Console.WriteLine($"User: {user.DisplayName}");
}

JavaScript / TypeScript

// npm install @azure/msal-browser @microsoft/microsoft-graph-client
import { PublicClientApplication } from "@azure/msal-browser";
import { Client } from "@microsoft/microsoft-graph-client";
import { AuthCodeMSALBrowserAuthenticationProvider } from 
    "@microsoft/microsoft-graph-client/authProviders/authCodeMsalBrowser";

const msalConfig = {
    auth: {
        clientId: "YOUR_CLIENT_ID",
        authority: "https://login.microsoftonline.com/YOUR_TENANT_ID"
    }
};

const pca = new PublicClientApplication(msalConfig);
await pca.initialize();

// Delegated: Login with required scope
const loginResponse = await pca.loginPopup({
    scopes: ["Directory.Read.All"]
});

const authProvider = new AuthCodeMSALBrowserAuthenticationProvider(pca, {
    account: loginResponse.account,
    scopes: ["Directory.Read.All"],
    interactionType: "popup"
});

const graphClient = Client.initWithMiddleware({ authProvider });

// Example: GET /me
const result = await graphClient.api("/me").get();
console.log(result);

// Application: Use client credentials (Node.js backend only)
// npm install @azure/identity @microsoft/microsoft-graph-client
import { ClientSecretCredential } from "@azure/identity";
import { TokenCredentialAuthenticationProvider } from 
    "@microsoft/microsoft-graph-client/authProviders/azureTokenCredentials";

const credential = new ClientSecretCredential(
    "YOUR_TENANT_ID",
    "YOUR_CLIENT_ID", 
    "YOUR_CLIENT_SECRET"
);

const authProvider = new TokenCredentialAuthenticationProvider(credential, {
    scopes: ["https://graph.microsoft.com/.default"]
});

const graphClient = Client.initWithMiddleware({ authProvider });
const result = await graphClient.api("/users").get();
console.log(result);

PowerShell

# Install Microsoft Graph PowerShell module
Install-Module Microsoft.Graph -Scope CurrentUser

# Delegated access - interactive sign-in
Connect-MgGraph -Scopes "Directory.Read.All"

# Verify connection
Get-MgContext | Select-Object Account, TenantId, Scopes

# Example: GET /me
$result = Invoke-MgGraphRequest -Method GET -Uri "https://graph.microsoft.com/v1.0/me"
$result | ConvertTo-Json -Depth 5

# Application access with certificate
$params = @{
    ClientId = "YOUR_CLIENT_ID"
    TenantId = "YOUR_TENANT_ID"
    CertificateThumbprint = "YOUR_CERT_THUMBPRINT"
}
Connect-MgGraph @params

# Or with client secret (not recommended for production)
# Connect-MgGraph -ClientSecretCredential $credential

# Example: GET /users
$result = Invoke-MgGraphRequest -Method GET -Uri "https://graph.microsoft.com/v1.0/users"
$result | ConvertTo-Json -Depth 5

# Always disconnect when done
Disconnect-MgGraph

Python

# pip install msgraph-sdk azure-identity
from azure.identity import InteractiveBrowserCredential, ClientSecretCredential
from msgraph import GraphServiceClient
import asyncio

# Delegated permissions - interactive browser sign-in
credential = InteractiveBrowserCredential(
    client_id="YOUR_CLIENT_ID",
    tenant_id="YOUR_TENANT_ID"
)
scopes = ["Directory.Read.All"]
client = GraphServiceClient(credential, scopes)

async def get_data():
    # Example: GET /me
    result = await client.me.get()
    print(f"User: {result.display_name}")
    return result

asyncio.run(get_data())

# Application permissions - client credentials
credential = ClientSecretCredential(
    tenant_id="YOUR_TENANT_ID",
    client_id="YOUR_CLIENT_ID",
    client_secret="YOUR_CLIENT_SECRET"
)
scopes = ["https://graph.microsoft.com/.default"]
client = GraphServiceClient(credential, scopes)

async def get_users():
    # Example: GET /users
    result = await client.users.get()
    for user in result.value:
        print(f"User: {user.display_name}")
    return result

asyncio.run(get_users())

App Registration

Navigate to Azure Portal

Go to App registrations in Microsoft Entra admin center

Add API Permission

Select your app → API permissions → Add a permission → Microsoft Graph

Select Permission Type

Choose Application permissions or Delegated permissions and search for Directory.Read.All

Grant Admin Consent

Application permissions always require admin consent. Click "Grant admin consent" in the Azure portal.