Table of Contents

Contacts.ReadWrite

Allows the app to create, read, update, and delete user contacts.

Administrators can configure application access policy to limit app access to specific mailboxes and not to all the mailboxes in the organization, even if the app has been granted the Contacts.ReadWrite application permission.

Merill's Note

For an app to access data in Microsoft Graph, the user or administrator must grant it the permissions it needs. This article lists all the Microsoft Graph APIs and your tenant data that can be accessed by the application (vendor/developer) if you consent to the Contacts.ReadWrite permission.

If you need to create an audit report of the permissions granted to all the apps in your tenant, you can run the Export-MsIdAppConsentGrantReport command. See How To: Run a quick OAuth app audit of your tenant

Category Application Delegated
Identifier 6918b873-d17a-4dc1-b314-35f528134491 d56682ec-c09e-4743-aaf4-1a3aac4caa21
DisplayText Read and write contacts in all mailboxes Have full access to user contacts
Description Allows the app to create, read, update, and delete all contacts in all mailboxes without a signed-in user. Allows the app to create, read, update, and delete user contacts.
AdminConsentRequired Yes No

Graph Methods

API supports delegated access (access on behalf of a user)
API supports app-only access (access without a user)

Methods

Resources

Granting this permission allows the calling application to access (and/or update) the following information in your tenant.

Graph reference: basetask

Property Type Description
textBody String The task body in text format that typically contains information about the task.
bodyLastModifiedDateTime DateTimeOffset The date and time when the task was last modified. By default, it is in UTC. You can provide a custom time zone in the request header. The property value uses ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2020 would look like this: '2020-01-01T00:00:00Z'.
completedDateTime DateTimeOffset The date when the task was finished.
createdDateTime DateTimeOffset The date and time when the task was created. By default, it is in UTC. You can provide a custom time zone in the request header. The property value uses ISO 8601 format. For example, midnight UTC on Jan 1, 2020 would look like this: '2020-01-01T00:00:00Z'.
displayName String The name of the task.
dueDateTime dateTimeTimeZone The date in the specified time zone that the task is to be finished.
id String Unique identifier for the task. By default, this value will not change if a task is moved from one list to another.
importance importance The importance of the task. Possible values are: low, normal, high. The possible values are: low, normal, high.
lastModifiedDateTime DateTimeOffset The date and time when the task was last modified. By default, it is in UTC. You can provide a custom time zone in the request header. The property value uses ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2020 would look like this: '2020-01-01T00:00:00Z'.
viewpoint taskViewpoint Properties that are personal to a user such as reminderDateTime and categories.
recurrence patternedRecurrence The recurrence pattern for the task.
startDateTime dateTimeTimeZone The date in the specified time zone when the task is to begin.
status taskStatus_v2 Indicates the state or progress of the task. Possible values are: notStarted, inProgress, completed,unknownFutureValue.