PrivilegedAccess-CustomExt.Read.All

Permission Details

Application Permission

Read Privileged Access (PIM) custom extensions

Allows the app to read Privileged Access (PIM) custom extensions for your organization, without a signed-in user.

Permission ID: e7ebe2d9-6e26-487a-8286-191d623a6904

Delegated Permission

Read Privileged Access (PIM) custom extensions

Allows the app to read Privileged Access (PIM) custom extensions for your organization, without a signed-in user.

Permission ID: bc04fe80-7e6a-4154-8b8f-d1e3465613bf

Properties

Properties metadata is not available for this permission mapping. View on Microsoft Learn

JSON Representation

JSON representation is not available for this permission mapping. View on Microsoft Learn

Relationships

Relationships metadata is not available for this permission mapping.

View resource documentation

Graph Methods

Delegated access App-only access

No Learn or OpenAPI mapping available

Microsoft Graph v1.0 endpoints are not available from refreshed Microsoft Learn or Microsoft Graph OpenAPI metadata for this permission.

No API methods available for this version.

No Learn or OpenAPI mapping available

Microsoft Graph beta endpoints are not available from refreshed Microsoft Learn or Microsoft Graph OpenAPI metadata for this permission.

No API methods available for this version.

No Microsoft Learn PowerShell mapping available

Microsoft Graph PowerShell v1.0 commands are not available from refreshed Microsoft Learn PowerShell snippets for this permission.

No deterministic PowerShell command map is available for this permission.

Browse PowerShell docs

No Microsoft Learn PowerShell mapping available

Microsoft Graph PowerShell beta commands are not available from refreshed Microsoft Learn PowerShell snippets for this permission.

No deterministic PowerShell command map is available for this permission.

Browse PowerShell docs

Code Examples

C# / .NET SDK

using Azure.Identity;
using Microsoft.Graph;

var scopes = new[] { "PrivilegedAccess-CustomExt.Read.All" };
var credential = new InteractiveBrowserCredential(
    new InteractiveBrowserCredentialOptions
    {
        ClientId = "YOUR_CLIENT_ID",
        TenantId = "YOUR_TENANT_ID",
        RedirectUri = new Uri("http://localhost")
    });

var graphClient = new GraphServiceClient(credential, scopes);
var response = await graphClient
    .WithUrl("https://graph.microsoft.com/v1.0/privilegedaccess-customext")
    .GetAsync();

JavaScript

import { Client } from "@microsoft/microsoft-graph-client";
import { InteractiveBrowserCredential } from "@azure/identity";

const credential = new InteractiveBrowserCredential({
  clientId: "YOUR_CLIENT_ID",
  tenantId: "YOUR_TENANT_ID",
  redirectUri: "http://localhost"
});

const token = await credential.getToken(["PrivilegedAccess-CustomExt.Read.All"]);
const client = Client.init({
  authProvider: (done) => done(null, token.token)
});

const response = await client.api("/privilegedaccess-customext").get();

PowerShell

Connect-MgGraph -Scopes "PrivilegedAccess-CustomExt.Read.All"
Invoke-MgGraphRequest -Method GET -Uri "https://graph.microsoft.com/v1.0/privilegedaccess-customext"

Python

from azure.identity import InteractiveBrowserCredential
import requests

credential = InteractiveBrowserCredential(
    client_id="YOUR_CLIENT_ID",
    tenant_id="YOUR_TENANT_ID"
)

token = credential.get_token("PrivilegedAccess-CustomExt.Read.All")
response = requests.get(
    "https://graph.microsoft.com/v1.0/privilegedaccess-customext",
    headers={"Authorization": f"Bearer {token.token}"}
)

print(response.json())

App Registration

1

Navigate to Azure Portal

Go to App registrations in Microsoft Entra admin center

2

Add API Permission

Select your app → API permissions → Add a permission → Microsoft Graph

3

Select Permission Type

Choose Application permissions or delegated permissions and search for PrivilegedAccess-CustomExt.Read.All

4

Grant Admin Consent

Application permissions always require admin consent.