|
Read directory data
|
-
Read directory data (Directory.Read.All)
-
Read all groups (Group.Read.All)
-
Read group memberships (GroupMember.Read.All)
-
Sign in and read user profile (User.Read)
|
|
|
Read user and device information, cloud app data, and activity data
|
-
Read directory data (Directory.Read.All)
-
Read all users' relevant people lists (People.Read.All)
-
Sign in and read user profile (User.Read)
-
Read all users' full profiles (User.Read.All)
-
Read items in all site collections (Sites.Read.All)
-
Read all groups (Group.Read.All)
-
Read all audit log data (AuditLog.Read.All)
-
Read identity risk event information (IdentityRiskEvent.Read.All)
-
Read all usage reports (Reports.Read.All)
-
Read your organization's security events (SecurityEvents.Read.All)
-
Read activity data for your organization (ActivityFeed.Read)
-
Read all user mailbox settings (MailboxSettings.Read)
-
Read organization information (Organization.Read.All)
-
Read all hidden memberships (Member.Read.Hidden)
-
Read threat assessment requests (ThreatAssessment.Read.All)
-
Read your organization's policies (Policy.Read.All)
-
Read users' authentication methods (UserAuthenticationMethod.Read.All)
|
|
|
Read directory data and perform account management actions
|
-
Read and write all users' full profiles (User.ReadWrite.All)
-
Manage all user identities (User.ManageIdentities.All)
-
Read and write directory data (Directory.ReadWrite.All)
|
|
|
Read protected content and sensitivity label information
|
-
Read all protected content for this tenant (Content.SuperUser)
-
Read all published labels and label policies for an organization
(InformationProtectionPolicy.Read.All)
-
Read organization information (Organization.Read.All)
-
Sign in and read user profile (User.Read)
-
Read all unified policies of the tenant (UnifiedPolicy.Tenant.Read?
|
|
