IdentityUserFlow.Read.All

Allows the app to read your organization's user flows, on behalf of the signed-in user.

Merill's Note

For an app to access data in Microsoft Graph, the user or administrator must grant it the permissions it needs. This article lists all the Microsoft Graph APIs and your tenant data that can be accessed by the application (vendor/developer) if you consent to the IdentityUserFlow.Read.All permission.

If you need to create an audit report of the permissions granted to all the apps in your tenant, you can run the Export-MsIdAppConsentGrantReport command. See How To: Run a quick OAuth app audit of your tenant

Category	Application	Delegated
Identifier	1b0c317f-dd31-4305-9932-259a8b6e8099	2903d63d-4611-4d43-99ce-a33f3f52e343
DisplayText	Read all identity user flows	Read all identity user flows
Description	Allows the app to read your organization's user flows, without a signed-in user.	Allows the app to read your organization's user flows, on behalf of the signed-in user.
AdminConsentRequired	Yes	Yes

Graph Methods

→ API supports delegated access (access on behalf of a user)
→ API supports app-only access (access without a user)

	Methods
	GET /identity/b2xUserFlows
	GET /identity/b2xUserFlows/{b2xIdentityUserFlowId}/userAttributeAssignments/getOrder
	GET /identity/b2xUserFlows/{id}
	GET /identity/b2xUserFlows/{id}/languages
	GET /identity/b2xUserFlows/{id}/languages/{id}/defaultPages
	GET /identity/b2xUserFlows/{id}/languages/{id}/defaultPages/{id}/$value
	GET /identity/b2xUserFlows/{id}/languages/{id}/overridesPages
	GET /identity/b2xUserFlows/{id}/languages/{id}/overridesPages/{id}/$value
	GET /identity/b2xUserFlows/{id}/userAttributeAssignments
	GET /identity/b2xUserFlows/{id}/userAttributeAssignments/{id}
	GET /identity/userFlowAttributes
	GET /identity/userFlowAttributes/{id}
	GET identity/b2xUserFlows/{id}/languages/{id}

→ API supports delegated access (access on behalf of a user)
→ API supports app-only access (access without a user)

	Methods
	GET /identity/b2cUserFlows
	GET /identity/b2cUserFlows/{b2cIdentityUserFlowId}/userAttributeAssignments/getOrder
	GET /identity/b2cUserFlows/{id}
	GET /identity/b2cUserFlows/{id}/languages
	GET /identity/b2cUserFlows/{id}/languages/{id}/defaultPages
	GET /identity/b2cUserFlows/{id}/languages/{id}/defaultPages/{id}/$value
	GET /identity/b2cUserFlows/{id}/languages/{id}/overridesPages
	GET /identity/b2cUserFlows/{id}/languages/{id}/overridesPages/{id}/$value
	GET /identity/b2cUserFlows/{id}/userAttributeAssignments
	GET /identity/b2cUserFlows/{id}/userAttributeAssignments/{id}
	GET /identity/b2xUserFlows
	GET /identity/b2xUserFlows/{b2xIdentityUserFlowId}/userAttributeAssignments/getOrder
	GET /identity/b2xUserFlows/{id}
	GET /identity/b2xUserFlows/{id}/languages
	GET /identity/b2xUserFlows/{id}/languages/{id}/defaultPages
	GET /identity/b2xUserFlows/{id}/languages/{id}/defaultPages/{id}/$value
	GET /identity/b2xUserFlows/{id}/languages/{id}/overridesPages
	GET /identity/b2xUserFlows/{id}/languages/{id}/overridesPages/{id}/$value
	GET /identity/b2xUserFlows/{id}/userAttributeAssignments
	GET /identity/b2xUserFlows/{id}/userAttributeAssignments/{id}
	GET /identity/userFlowAttributes
	GET /identity/userFlowAttributes/{id}
	GET /identity/userFlows
	GET /identity/userFlows/{id}
	GET identity/b2cUserFlows/{id}/languages/{id}
	GET identity/b2xUserFlows/{id}/languages/{id}

→ Command supports delegated access (access on behalf of a user)
→ Command supports app-only access (access without a user)

	Commands
	Get-MgIdentityB2XUserFlow
	Get-MgIdentityB2XUserFlowLanguage
	Get-MgIdentityB2XUserFlowLanguageDefaultPage
	Get-MgIdentityB2XUserFlowLanguageDefaultPageContent
	Get-MgIdentityB2XUserFlowLanguageOverridePage
	Get-MgIdentityB2XUserFlowLanguageOverridePageContent
	Get-MgIdentityB2XUserFlowUserAttributeAssignment
	Get-MgIdentityB2XUserFlowUserAttributeAssignmentOrder
	Get-MgIdentityUserFlowAttribute

→ Command supports delegated access (access on behalf of a user)
→ Command supports app-only access (access without a user)

	Commands
	Get-MgBetaIdentityB2CUserFlow
	Get-MgBetaIdentityB2CUserFlowLanguage
	Get-MgBetaIdentityB2CUserFlowLanguageDefaultPage
	Get-MgBetaIdentityB2CUserFlowLanguageDefaultPageContent
	Get-MgBetaIdentityB2CUserFlowLanguageOverridePage
	Get-MgBetaIdentityB2CUserFlowLanguageOverridePageContent
	Get-MgBetaIdentityB2CUserFlowUserAttributeAssignment
	Get-MgBetaIdentityB2CUserFlowUserAttributeAssignmentOrder
	Get-MgBetaIdentityB2XUserFlow
	Get-MgBetaIdentityB2XUserFlowLanguage
	Get-MgBetaIdentityB2XUserFlowUserAttributeAssignment
	Get-MgBetaIdentityB2XUserFlowUserAttributeAssignmentOrder
	Get-MgBetaIdentityUserFlow
	Get-MgBetaIdentityUserFlowAttribute

Resources

Granting this permission allows the calling application to access (and/or update) the following information in your tenant.

Graph reference: assignmentOrder

Property	Type	Description
order	String collection	A list of identityUserFlowAttribute object identifiers that determine the order in which attributes should be collected within a user flow.

Graph reference: b2cIdentityUserFlow

Property	Type	Description
id	String	The name of the user flow. This is a required value and is immutable after it's created. The name will be prefixed with the value of `B2C_1_` after creation.
userFlowType	userFlowType	The type of user flow. The supported values for userFlowType are: `signUp`, `signIn`, `signUpOrSignIn`, `passwordReset`, `profileUpdate`, `resourceOwner`.
userFlowTypeVersion	Single	The version of the user flow.
isLanguageCustomizationEnabled	Boolean	The property that determines whether language customization is enabled within the B2C user flow. Language customization is not enabled by default for B2C user flows.
defaultLanguageTag	String	Indicates the default language of the b2cIdentityUserFlow that is used when no `ui_locale` tag is specified in the request. This field is RFC 5646 compliant.
apiConnectorConfiguration	userFlowApiConnectorConfiguration	Configuration for enabling an API connector for use as part of the user flow. You can only obtain the value of this object using Get userFlowApiConnectorConfiguration.

Graph reference: b2xIdentityUserFlow

Property	Type	Description
apiConnectorConfiguration	userFlowApiConnectorConfiguration	Configuration for enabling an API connector for use as part of the self-service sign-up user flow. You can only obtain the value of this object using Get userFlowApiConnectorConfiguration.
id	String	The name of the user flow is a required value and is immutable after it's created. The name will be prefixed with the value of `B2X_1_` after creation.
userFlowType	userFlowType	The type of user flow. For self-service sign-up user flows, the value can only be `signUpOrSignIn` and can't be modified after creation.
userFlowTypeVersion	Single	The version of the user flow. For self-service sign-up user flows, the version is always `1`.

Graph reference: identityUserFlow

Property	Type	Description
id	String	The identifier of the user flow. The prefix of B2C_1_ is added to the value that you provide.
userFlowType	userFlowType	Possible values are: `signUp`, `signIn`, `signUpOrSignIn`, `passwordReset`, `profileUpdate`, `resourceOwner`, `unknownFutureValue`.
userFlowTypeVersion	Single	This is the version of the user flow type. Each user flow type can have different possible versions such as 1, 1.1 or 2.

Graph reference: identityUserFlowAttribute

Property	Type	Description
dataType	identityUserFlowAttributeDataType	The data type of the user flow attribute. Can't be modified after the custom user flow attribute is created. The supported values for dataType are: `string` , `boolean` , `int64` , `stringCollection` , `dateTime`, `unknownFutureValue`. Supports `$filter` (`eq`, `ne`).
displayName	String	The display name of the user flow attribute. Supports `$filter` (`eq`, `ne`).
description	String	The description of the user flow attribute that's shown to the user at the time of sign up.
id	String	The identifier of the user flow attribute. Read-only. Supports `$filter` (`eq`, `ne`).
userFlowAttributeType	identityUserFlowAttributeType	The type of the user flow attribute. Read-only. Depending on the type of attribute, the values for this property are `builtIn`, `custom`, `required`, `unknownFutureValue`. Supports `$filter` (`eq`, `ne`).

Graph reference: identityUserFlowAttributeAssignment

Property	Type	Description
displayName	String	The display name of the identityUserFlowAttribute within a user flow.
id	String	The identifier of the identityUserFlowAttributeAssignment. This identifier is immutable after it's created and is a read-only property.
isOptional	Boolean	Determines whether the identityUserFlowAttribute is optional. `true` means the user doesn't have to provide a value. `false` means the user can't complete sign-up without providing a value.
requiresVerification	Boolean	Determines whether the identityUserFlowAttribute requires verification, and is only used for verifying the user's phone number or email address.
userAttributeValues	userAttributeValuesItem collection	The input options for the user flow attribute. Only applicable when the userInputType is `radioSingleSelect`, `dropdownSingleSelect`, or `checkboxMultiSelect`.
userInputType	identityUserFlowAttributeInputType	The input type of the user flow attribute. Possible values are: `textBox`, `dateTimeDropdown`, `radioSingleSelect`, `dropdownSingleSelect`, `emailBox`, `checkboxMultiSelect`.

Graph reference: userFlowLanguageConfiguration

Property	Type	Description
displayName	String	The language name to display. This property is read-only.
id	String	The identifier of the language. This field is Language ID tag RFC 5646 compliant and must be a documented Language ID.
isEnabled	Boolean	Indicates whether the language is enabled within the user flow.

Table of Contents

IdentityUserFlow.Read.All

Graph Methods

Resources