Merill's Note
For an app to access data in Microsoft Graph, the user or administrator must grant it the permissions it needs. This article lists all the Microsoft Graph APIs and your tenant data that can be accessed by the application (vendor/developer) if you consent to the EventListener.ReadWrite.All permission.
If you need to create an audit report of the permissions granted to all the apps in your tenant, you can run the Export-MsIdAppConsentGrantReport command. See How To: Run a quick OAuth app audit of your tenant
Granting this permission allows the calling application to access (and/or update) the following information in your tenant.
Graph reference: authenticationConditionApplication
| Property |
Type |
Description |
| appId |
String |
The identifier for an application corresponding to a condition which will trigger an authenticationEventListener. |
Graph reference: authenticationConditions
| Property |
Type |
Description |
| applications |
authenticationConditionsApplications |
Applications which trigger a custom authentication extension. |
Graph reference: authenticationEventListener
| Property |
Type |
Description |
| conditions |
authenticationConditions |
The conditions on which this authenticationEventListener should trigger. |
| id |
String |
Identifier for this authenticationEventListener. Inherited from entity. |
| authenticationEventsFlowId |
String |
Indicates the authenticationEventListener is associated with an authenticationEventsFlow. Read-only. |
Graph reference: authenticationEventsFlow
| Property |
Type |
Description |
| id |
String |
The unique identifier for the entity. Read-only. Inherited from entity. Autogenerated. |
| displayName |
String |
Required. The display name for the events policy. |
| description |
String |
The description of the events policy. |
| conditions |
authenticationConditions |
The conditions representing the context of the authentication request that's used to decide whether the events policy is invoked.
Supports $filter (eq). See support for filtering on user flows for syntax information. |
Graph reference: identityProviderBase
| Property |
Type |
Description |
| displayName |
String |
The display name of the identity provider. |
| id |
String |
The identifier of the identity provider. |
Graph reference: identityUserFlowAttribute
| Property |
Type |
Description |
| dataType |
identityUserFlowAttributeDataType |
The data type of the user flow attribute. Can't be modified after the custom user flow attribute is created. The supported values for dataType are: string , boolean , int64 , stringCollection , dateTime, unknownFutureValue.
Supports $filter (eq, ne). |
| displayName |
String |
The display name of the user flow attribute.
Supports $filter (eq, ne). |
| description |
String |
The description of the user flow attribute that's shown to the user at the time of sign up. |
| id |
String |
The identifier of the user flow attribute. Read-only.
Supports $filter (eq, ne). |
| userFlowAttributeType |
identityUserFlowAttributeType |
The type of the user flow attribute. Read-only. Depending on the type of attribute, the values for this property are builtIn, custom, required, unknownFutureValue.
Supports $filter (eq, ne). |
Graph reference: onAttributeCollectionListener
| Property |
Type |
Description |
| id |
String |
Required. Inherited from entity. |
| conditions |
authenticationConditions |
Required. Inherited from authenticationEventListener. |
| authenticationEventsFlowId |
String |
Inherited from authenticationEventListener. |
| handler |
onAttributeCollectionHandler |
Required. Configuration for what to invoke if the event resolves to this listener. |
Graph reference: onAttributeCollectionStartListener
| Property |
Type |
Description |
| authenticationEventsFlowId |
String |
The identifier of the authenticationEventsFlow object. Inherited from authenticationEventListener. |
| conditions |
authenticationConditions |
The conditions on which this authenticationEventListener should trigger. Inherited from authenticationEventListener. |
| handler |
onAttributeCollectionStartHandler |
Configuration for what to invoke if the event resolves to this listener. |
| id |
String |
Identifier for this authenticationEventListener. Inherited from entity. |
| priority |
Int32 |
The priority of this handler. Between 0 (lower priority) and 1000 (higher priority). Inherited from authenticationEventListener. |
Graph reference: onAttributeCollectionSubmitListener
| Property |
Type |
Description |
| authenticationEventsFlowId |
String |
The identifier of the authenticationEventsFlow object. Inherited from authenticationEventListener. |
| conditions |
authenticationConditions |
The conditions on which this authenticationEventListener should trigger. Inherited from authenticationEventListener. |
| handler |
onAttributeCollectionSubmitHandler |
Configuration for what to invoke if the event resolves to this listener. |
| id |
String |
Identifier for this authenticationEventListener. Inherited from entity. |
| priority |
Int32 |
The priority of this listener. Between 0 (lower priority) and 1000 (higher priority). Inherited from authenticationEventListener. |
Graph reference: onAuthenticationMethodLoadStartListener
| Property |
Type |
Description |
| id |
String |
Required. Inherited from entity. |
| conditions |
authenticationConditions |
Required. Inherited from authenticationEventListener. |
| authenticationEventsFlowId |
String |
Inherited from authenticationEventListener. |
| handler |
onAuthenticationMethodLoadStartHandler |
Required. Configuration for what to invoke if the event resolves to this listener. This property lets us define potential handler configurations per-event. |
Graph reference: onInteractiveAuthFlowStartListener
| Property |
Type |
Description |
| id |
String |
Required. Inherited from entity. |
| conditions |
authenticationConditions |
Required. Inherited from authenticationEventListener. |
| authenticationEventsFlowId |
String |
Inherited from authenticationEventListener. |
| handler |
onInteractiveAuthFlowStartHandler |
Required. Configuration for what to invoke if the event resolves to this listener. This lets us define potential handler configurations per-event. |
Graph reference: onPhoneMethodLoadStartListener
| Property |
Type |
Description |
| authenticationEventsFlowId |
String |
Inherited from authenticationEventListener. |
| conditions |
authenticationConditions |
Required. Inherited from authenticationEventListener. |
| handler |
onPhoneMethodLoadStartHandler |
Required. Configuration for what to invoke if the event resolves to this listener. |
| id |
String |
Required. Inherited from authenticationEventListener. |
| priority |
Int32 |
Required. Inherited from authenticationEventListener. |
Graph reference: onTokenIssuanceStartListener
| Property |
Type |
Description |
| conditions |
authenticationConditions |
The conditions on which onTokenIssuanceStartListener should trigger. Inherited from authenticationEventListener. |
| handler |
onTokenIssuanceStartHandler |
The handler to invoke when conditions are met for this onTokenIssuanceStartListener. |
| id |
String |
Identifier for the onTokenIssuanceStartListener. Inherited from entity. |
Graph reference: onUserCreateStartListener
| Property |
Type |
Description |
| id |
String |
Required. Inherited from entity. |
| conditions |
authenticationConditions |
Required. Inherited from authenticationEventListener. |
| authenticationEventsFlowId |
String |
Inherited from authenticationEventListener. |
| handler |
onUserCreateStartHandler |
Required. Configuration for what to invoke if the event resolves to this listener. This lets us define potential handler configurations per-event. |