Policy.ReadWrite.ConsentRequest

Permission Details

Application Permission

Read and write your organization's consent request policy

Allows the app to read and write your organization's consent requests policy without a signed-in user.

Permission ID: 999f8c63-0a38-4f1b-91fd-ed1947bdd1a9

Delegated Permission

Read and write consent request policy

Allows the app to read and write your organization's consent requests policy on behalf of the signed-in user.

Permission ID: 4d135e65-66b8-41a8-9f8b-081452c91774

Properties

Microsoft Graph v1.0 mapped-docs

Properties is shown from stable Microsoft Graph v1.0 metadata.

Property	Type	Description
`id`	`String`	Unique identifier of the policy. Inherited from entity.
`activityBasedTimeoutPolicies`	`activityBasedTimeoutPolicy collection`	The policy that controls the idle time out for web sessions for applications.
`adminConsentRequestPolicy`	`object`	The policy by which consent requests are created and managed for the entire tenant.
`appManagementPolicies`	`appManagementPolicy collection`	The policies that enforce app management restrictions for specific applications and service principals, overriding the defaultAppManagementPolicy.
`authenticationFlowsPolicy`	`object`	The policy configuration of the self-service sign-up experience of external users.
`authenticationMethodsPolicy`	`object`	The authentication methods and the users that are allowed to use them to sign in and perform multifactor authentication (MFA) in Microsoft Entra ID.
`authenticationStrengthPolicies`	`authenticationStrengthPolicy collection`	The authentication method combinations that are to be used in scenarios defined by Microsoft Entra Conditional Access.
`authorizationPolicy`	`object`	The policy that controls Microsoft Entra authorization settings.
`claimsMappingPolicies`	`claimsMappingPolicy collection`	The claim-mapping policies for WS-Fed, SAML, OAuth 2.0, and OpenID Connect protocols, for tokens issued to a specific application.
`conditionalAccessPolicies`	`conditionalAccessPolicy collection`	The custom rules that define an access scenario.
`crossTenantAccessPolicy`	`object`	The custom rules that define an access scenario when interacting with external Microsoft Entra tenants.
`defaultAppManagementPolicy`	`object`	The tenant-wide policy that enforces app management restrictions for all applications and service principals.
`deviceRegistrationPolicy`	`object`
`featureRolloutPolicies`	`featureRolloutPolicy collection`	The feature rollout policy associated with a directory object.
`homeRealmDiscoveryPolicies`	`homeRealmDiscoveryPolicy collection`	The policy to control Microsoft Entra authentication behavior for federated users.

Showing 15 of 21 properties.

JSON Representation

Microsoft Graph v1.0 mapped-docs

JSON representation is shown from stable Microsoft Graph v1.0 metadata.

JSON representation

{
  "@odata.type": "#microsoft.graph.policyRoot",
  "id": "String (identifier)"
}

Relationships

Microsoft Graph v1.0 mapped-docs

Relationships is shown from stable Microsoft Graph v1.0 metadata.

Relationship	Type	Description
`activityBasedTimeoutPolicies`	`activityBasedTimeoutPolicy collection`	The policy that controls the idle time out for web sessions for applications.
`adminConsentRequestPolicy`	`adminConsentRequestPolicy`	The policy by which consent requests are created and managed for the entire tenant.
`appManagementPolicies`	`appManagementPolicy collection`	The policies that enforce app management restrictions for specific applications and service principals, overriding the defaultAppManagementPolicy.
`authenticationFlowsPolicy`	`authenticationFlowsPolicy`	The policy configuration of the self-service sign-up experience of external users.
`authenticationMethodsPolicy`	`authenticationMethodsPolicy`	The authentication methods and the users that are allowed to use them to sign in and perform multifactor authentication (MFA) in Microsoft Entra ID.
`authenticationStrengthPolicies`	`authenticationStrengthPolicy collection`	The authentication method combinations that are to be used in scenarios defined by Microsoft Entra Conditional Access.
`authorizationPolicy`	`authorizationPolicy collection`	The policy that controls Microsoft Entra authorization settings.
`claimsMappingPolicies`	`claimsMappingPolicy collection`	The claim-mapping policies for WS-Fed, SAML, OAuth 2.0, and OpenID Connect protocols, for tokens issued to a specific application.
`conditionalAccessPolicies`	`conditionalAccessPolicy`	The custom rules that define an access scenario.
`crossTenantAccessPolicy`	`crossTenantAccessPolicy`	The custom rules that define an access scenario when interacting with external Microsoft Entra tenants.
`defaultAppManagementPolicy`	`tenantAppManagementPolicy`	The tenant-wide policy that enforces app management restrictions for all applications and service principals.
`featureRolloutPolicies`	`featureRolloutPolicy collection`	The feature rollout policy associated with a directory object.
`homeRealmDiscoveryPolicies`	`homeRealmDiscoveryPolicy collection`	The policy to control Microsoft Entra authentication behavior for federated users.
`identitySecurityDefaultsEnforcementPolicy`	`identitySecurityDefaultsEnforcementPolicy`	The policy that represents the security defaults that protect against common attacks.
`permissionGrantPolicies`	`permissionGrantPolicy collection`	The policy that specifies the conditions under which consent can be granted.
`roleManagementPolicies`	`unifiedRoleManagementPolicy collection`	Specifies the various policies associated with scopes and roles.
`roleManagementPolicyAssignments`	`unifiedRoleManagementPolicyAssignment collection`	The assignment of a role management policy to a role definition object.
`tokenIssuancePolicies`	`tokenIssuancePolicy collection`	The policy that specifies the characteristics of SAML tokens issued by Microsoft Entra ID.
`tokenLifetimePolicies`	`tokenLifetimePolicy collection`	The policy that controls the lifetime of a JWT access token, an ID token, or a SAML 1.1/2.0 token issued by Microsoft Entra ID.
`b2bManagementPolicies`	`b2bManagementPolicy collection`	The policy to manage Microsoft Entra B2B features in Microsoft Entra External ID for workforce tenants.
`mobileAppManagementPolicies`	`mobileAppManagementPolicy collection`	The policy that defines autoenrollment configuration for a mobility management (MDM or MAM) application.
`mobileDeviceManagementPolicies`	`mobileDeviceManagementPolicy collection`	Related mobileDeviceManagementPolicies data exposed by this resource.
`onPremAuthenticationPolicies`	`onPremAuthenticationPolicy collection`	The policy that controls how authentication requests from on-premises environments are managed.
`permissionGrantPreApprovalPolicies`	`permissionGrantPreApprovalPolicy collection`	Policies that specify the conditions under which consent can be granted to a specific application.
`servicePrincipalCreationPolicies`	`servicePrincipalCreationPolicy collection`	Related servicePrincipalCreationPolicies data exposed by this resource.

Graph Methods

Delegated access App-only access

Exact Microsoft Learn match

Microsoft Graph v1.0 endpoints are mapped directly from refreshed Microsoft Learn permissions tables.

Methods
GET `/policies/adminConsentRequestPolicy`
PUT `/policies/adminConsentRequestPolicy`

Exact Microsoft Learn match

Microsoft Graph beta endpoints are mapped directly from refreshed Microsoft Learn permissions tables.

Methods
GET `/policies/adminConsentRequestPolicy`
PUT `/policies/adminConsentRequestPolicy`

Exact Microsoft Learn PowerShell match

Microsoft Graph PowerShell v1.0 commands are mapped directly from refreshed Microsoft Learn PowerShell snippets.

Commands
`Get-MgPolicyAdminConsentRequestPolicy` /policies/adminConsentRequestPolicy Get adminConsentRequestPolicy

Exact Microsoft Learn PowerShell match

Microsoft Graph PowerShell beta commands are mapped directly from refreshed Microsoft Learn PowerShell snippets.

Commands
`Get-MgBetaPolicyAdminConsentRequestPolicy` /policies/adminConsentRequestPolicy Get adminConsentRequestPolicy

Code Examples

C# / .NET SDK

Get adminConsentRequestPolicy

View official example on Microsoft Learn

// Code snippets are only available for the latest version. Current version is 5.x

// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.Policies.AdminConsentRequestPolicy.GetAsync();

JavaScript

Update adminConsentRequestPolicy

View official example on Microsoft Learn

const options = {
	authProvider,
};

const client = Client.init(options);

const adminConsentRequestPolicy = {
  isEnabled: true,
  notifyReviewers: true,
  remindersEnabled: true,
  requestDurationInDays: 5,
  reviewers: [
    {
      query: '/users/b6879be8-fb87-4482-a72e-18445d2b5c54',
      queryType: 'MicrosoftGraph'
    },
    {
      query: '/users/b3427cc5-bf69-4dcd-95f7-ed1eb432f5e9',
      queryType: 'MicrosoftGraph'
    }
  ]
};

await client.api('/policies/adminConsentRequestPolicy')
	.put(adminConsentRequestPolicy);

PowerShell

Get adminConsentRequestPolicy

View official example on Microsoft Learn

Import-Module Microsoft.Graph.Identity.SignIns

Get-MgPolicyAdminConsentRequestPolicy

Python

Get adminConsentRequestPolicy

View official example on Microsoft Learn

# Code snippets are only available for the latest version. Current version is 1.x
from msgraph import GraphServiceClient
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python

result = await graph_client.policies.admin_consent_request_policy.get()

App Registration

1

Navigate to Azure Portal

Go to App registrations in Microsoft Entra admin center

2

Add API Permission

Select your app → API permissions → Add a permission → Microsoft Graph

3

Select Permission Type

Choose Application permissions or delegated permissions and search for Policy.ReadWrite.ConsentRequest

4

Grant Admin Consent

Application permissions always require admin consent.