Does EduAssignments.ReadBasic.All require admin consent?

Yes, Application permissions always require admin consent. An administrator must grant consent in the Azure portal.

How do I add EduAssignments.ReadBasic.All to my app registration?

Go to Azure Portal > App registrations > Your app > API permissions > Add permission > Microsoft Graph, then search for EduAssignments.ReadBasic.All and select it.

EduAssignments.ReadBasic.All Permission - Microsoft Graph API

EduAssignments.ReadBasic.All

Permission Details

Application Permission

Read all class assignments without grades

Allows the app to read all class assignments without grades for all users without a signed-in user.

Permission ID: 6e0a958b-b7fc-4348-b7c4-a6ab9fd3dd0e

Graph Methods

Delegated access App-only access

Methods
GET `/education/classes/{class-id}/assignments/{assignment-id}/resources/{resource-id}`
GET `/education/classes/{class-id}/assignments/{assignment-id}/resources/{resource-id}/dependentResources`
GET `/education/classes/{class-id}/assignments/{assignment-id}/submissions/{submission-id}`
GET `/education/classes/{class-id}/assignments/{assignment-id}/submissions/{submission-id}/resources`
GET `/education/classes/{class-id}/assignments/{assignment-id}/submissions/{submission-id}/resources/{resource-id}`
GET `/education/classes/{class-id}/assignments/{assignment-id}/submissions/{submission-id}/resources/{resource-id}/dependentResources`
GET `/education/classes/{educationClassId}/assignmentCategories/delta`
GET `/education/classes/{educationClassId}/assignments/{educationAssignmentId}/categories/delta`
GET `/education/classes/{educationClassId}/assignments/delta`
GET `/education/classes/{id}/assignmentCategories`
GET `/education/classes/{id}/assignmentCategories/{id}`
GET `/education/classes/{id}/assignmentDefaults`
GET `/education/classes/{id}/assignments`
GET `/education/classes/{id}/assignments/{id}`
GET `/education/classes/{id}/assignments/{id}/categories`
GET `/education/classes/{id}/assignments/{id}/resources`
GET `/education/classes/{id}/assignments/{id}/rubric`
GET `/education/classes/{id}/assignments/{id}/submissions`
GET `/education/classes/{id}/assignments/{id}/submissions/{id}/submittedResources`
GET `/education/classes/{id}/assignments/{id}/submissions/{id}/submittedResources/{id}`
GET `/education/classes/{id}/assignmentSettings`
GET `/education/me/assignments`
GET `/education/users/{user-id}/assignments`

Methods
GET `/education/classes/{class-id}/assignments/{assignment-id}/resources/{resource-id}`
GET `/education/classes/{class-id}/assignments/{assignment-id}/resources/{resource-id}/dependentResources`
GET `/education/classes/{class-id}/assignments/{assignment-id}/submissions`
GET `/education/classes/{class-id}/assignments/{assignment-id}/submissions/{submission-id}`
GET `/education/classes/{class-id}/assignments/{assignment-id}/submissions/{submission-id}/resources/{resource-id}`
GET `/education/classes/{class-id}/assignments/{assignment-id}/submissions/{submission-id}/resources/{resource-id}/dependentResources`
GET `/education/classes/{educationClassId}/assignmentCategories/delta`
GET `/education/classes/{educationClassId}/assignments/{educationAssignmentId}/categories/delta`
GET `/education/classes/{educationClassId}/assignments/delta`
GET `/education/classes/{id}/assignmentCategories`
GET `/education/classes/{id}/assignmentCategories/{id}`
GET `/education/classes/{id}/assignmentDefaults`
GET `/education/classes/{id}/assignments`
GET `/education/classes/{id}/assignments/{id}`
GET `/education/classes/{id}/assignments/{id}/categories`
GET `/education/classes/{id}/assignments/{id}/resources`
GET `/education/classes/{id}/assignments/{id}/rubric`
GET `/education/classes/{id}/assignments/{id}/submissions/{id}/resources`
GET `/education/classes/{id}/assignments/{id}/submissions/{id}/submittedResources`
GET `/education/classes/{id}/assignments/{id}/submissions/{id}/submittedResources/{id}`
GET `/education/classes/{id}/assignmentSettings`
GET `/education/me/assignments`
GET `/education/users/{user-id}/assignments`

Commands
`Get-MgEducationClassAssignment`
`Get-MgEducationClassAssignmentCategory`
`Get-MgEducationClassAssignmentCategoryByRef`
`Get-MgEducationClassAssignmentCategoryDelta`
`Get-MgEducationClassAssignmentDefault`
`Get-MgEducationClassAssignmentDelta`
`Get-MgEducationClassAssignmentResource`
`Get-MgEducationClassAssignmentResourceDependentResource`
`Get-MgEducationClassAssignmentRubric`
`Get-MgEducationClassAssignmentSetting`
`Get-MgEducationClassAssignmentSubmission`
`Get-MgEducationClassAssignmentSubmissionResource`
`Get-MgEducationClassAssignmentSubmissionResourceDependentResource`
`Get-MgEducationClassAssignmentSubmissionSubmittedResource`
`Get-MgEducationMeAssignment`

Commands
`Get-MgBetaEducationClassAssignment`
`Get-MgBetaEducationClassAssignmentCategory`
`Get-MgBetaEducationClassAssignmentCategoryByRef`
`Get-MgBetaEducationClassAssignmentCategoryDelta`
`Get-MgBetaEducationClassAssignmentDefault`
`Get-MgBetaEducationClassAssignmentDelta`
`Get-MgBetaEducationClassAssignmentResource`
`Get-MgBetaEducationClassAssignmentResourceDependentResource`
`Get-MgBetaEducationClassAssignmentRubric`
`Get-MgBetaEducationClassAssignmentSetting`
`Get-MgBetaEducationClassAssignmentSubmission`
`Get-MgBetaEducationClassAssignmentSubmissionResource`
`Get-MgBetaEducationClassAssignmentSubmissionResourceDependentResource`
`Get-MgBetaEducationClassAssignmentSubmissionSubmittedResource`
`Get-MgBetaEducationMeAssignment`

Code Examples

C# / .NET SDK

// Install: dotnet add package Microsoft.Graph
// Install: dotnet add package Azure.Identity
using Microsoft.Graph;
using Azure.Identity;



// Application permissions - daemon/service app
var tenantId = "YOUR_TENANT_ID";
var clientId = "YOUR_CLIENT_ID";
var clientSecret = "YOUR_CLIENT_SECRET";

var credential = new ClientSecretCredential(tenantId, clientId, clientSecret);
var graphClient = new GraphServiceClient(credential);

// Example: GET /users/{user-id}
var users = await graphClient.Users.GetAsync();
foreach (var user in users?.Value ?? [])
{
    Console.WriteLine($"User: {user.DisplayName}");
}

JavaScript / TypeScript

// npm install @azure/msal-browser @microsoft/microsoft-graph-client
import { PublicClientApplication } from "@azure/msal-browser";
import { Client } from "@microsoft/microsoft-graph-client";
import { AuthCodeMSALBrowserAuthenticationProvider } from 
    "@microsoft/microsoft-graph-client/authProviders/authCodeMsalBrowser";

const msalConfig = {
    auth: {
        clientId: "YOUR_CLIENT_ID",
        authority: "https://login.microsoftonline.com/YOUR_TENANT_ID"
    }
};

const pca = new PublicClientApplication(msalConfig);
await pca.initialize();



// Application: Use client credentials (Node.js backend only)
// npm install @azure/identity @microsoft/microsoft-graph-client
import { ClientSecretCredential } from "@azure/identity";
import { TokenCredentialAuthenticationProvider } from 
    "@microsoft/microsoft-graph-client/authProviders/azureTokenCredentials";

const credential = new ClientSecretCredential(
    "YOUR_TENANT_ID",
    "YOUR_CLIENT_ID", 
    "YOUR_CLIENT_SECRET"
);

const authProvider = new TokenCredentialAuthenticationProvider(credential, {
    scopes: ["https://graph.microsoft.com/.default"]
});

const graphClient = Client.initWithMiddleware({ authProvider });
const result = await graphClient.api("/users").get();
console.log(result);

PowerShell

# Install Microsoft Graph PowerShell module
Install-Module Microsoft.Graph -Scope CurrentUser



# Application access with certificate
$params = @{
    ClientId = "YOUR_CLIENT_ID"
    TenantId = "YOUR_TENANT_ID"
    CertificateThumbprint = "YOUR_CERT_THUMBPRINT"
}
Connect-MgGraph @params

# Or with client secret (not recommended for production)
# Connect-MgGraph -ClientSecretCredential $credential

# Example: GET /users
$result = Invoke-MgGraphRequest -Method GET -Uri "https://graph.microsoft.com/v1.0/users"
$result | ConvertTo-Json -Depth 5

# Always disconnect when done
Disconnect-MgGraph

Python

# pip install msgraph-sdk azure-identity
from azure.identity import InteractiveBrowserCredential, ClientSecretCredential
from msgraph import GraphServiceClient
import asyncio



# Application permissions - client credentials
credential = ClientSecretCredential(
    tenant_id="YOUR_TENANT_ID",
    client_id="YOUR_CLIENT_ID",
    client_secret="YOUR_CLIENT_SECRET"
)
scopes = ["https://graph.microsoft.com/.default"]
client = GraphServiceClient(credential, scopes)

async def get_users():
    # Example: GET /users
    result = await client.users.get()
    for user in result.value:
        print(f"User: {user.display_name}")
    return result

asyncio.run(get_users())

App Registration

Navigate to Azure Portal

Go to App registrations in Microsoft Entra admin center

Add API Permission

Select your app → API permissions → Add a permission → Microsoft Graph

Select Permission Type

Choose Application permissions and search for EduAssignments.ReadBasic.All

Grant Admin Consent

Application permissions always require admin consent. Click "Grant admin consent" in the Azure portal.