Table of Contents

ConsentRequest.ReadWrite.All

Allows the app to read app consent requests and approvals, and deny or approve those requests on behalf of the signed-in user.

Merill's Note

For an app to access data in Microsoft Graph, the user or administrator must grant it the permissions it needs. This article lists all the Microsoft Graph APIs and your tenant data that can be accessed by the application (vendor/developer) if you consent to the ConsentRequest.ReadWrite.All permission.

If you need to create an audit report of the permissions granted to all the apps in your tenant, you can run the Export-MsIdAppConsentGrantReport command. See How To: Run a quick OAuth app audit of your tenant

Category Application Delegated
Identifier 9f1b81a7-0223-4428-bfa4-0bcb5535f27d 497d9dfa-3bd1-481a-baab-90895e54568c
DisplayText Read and write all consent requests Read and write consent requests
Description Allows the app to read app consent requests and approvals, and deny or approve those requests without a signed-in user. Allows the app to read app consent requests and approvals, and deny or approve those requests on behalf of the signed-in user.
AdminConsentRequired Yes Yes

Graph Methods

API supports delegated access (access on behalf of a user)
API supports app-only access (access without a user)

Methods

Resources

Granting this permission allows the calling application to access (and/or update) the following information in your tenant.

Graph reference: appConsentRequest

Property Type Description
appDisplayName String The display name of the app for which consent is requested. Required. Supports $filter (eq only) and $orderby.
appId String The identifier of the application. Required. Supports $filter (eq only) and $orderby.
id String The identifier of the app consent request. Required.
pendingScopes appConsentRequestScope collection A list of pending scopes waiting for approval. Required.