Table of Contents

MultiTenantOrganization.Read.All

Allows the app to read multi-tenant organization details and tenants on behalf of the signed-in user.

Merill's Note

For an app to access data in Microsoft Graph, the user or administrator must grant it the permissions it needs. This article lists all the Microsoft Graph APIs and your tenant data that can be accessed by the application (vendor/developer) if you consent to the MultiTenantOrganization.Read.All permission.

If you need to create an audit report of the permissions granted to all the apps in your tenant, you can run the Export-MsIdAppConsentGrantReport command. See How To: Run a quick OAuth app audit of your tenant

Category Application Delegated
Identifier 4f994bc0-31bb-44bb-b480-7a7c1be8c02e 526aa72a-5878-49fe-bf4e-357973af9b06
DisplayText Read all multi-tenant organization details and tenants Read multi-tenant organization details and tenants
Description Allows the app to read all multi-tenant organization details and tenants, without a signed-in user. Allows the app to read multi-tenant organization details and tenants on behalf of the signed-in user.
AdminConsentRequired Yes Yes

Graph Methods

Resources

Granting this permission allows the calling application to access (and/or update) the following information in your tenant.

Graph reference: multiTenantOrganization

Property Type Description
createdDateTime DateTimeOffset Date when multitenant organization was created. Read-only.
description String Description of the multitenant organization.
displayName String Display name of the multitenant organization.
id String Tenant-specific object ID for the multitenant organization object. It is automatically generated when a multitenant organization object is created and stored in the local tenant. This ID is tenant-specific and doesn't match the object IDs of the same multitenant organization in other tenants. Read-only. Inherited from entity.
state multiTenantOrganizationState State of the multitenant organization. The possible values are: active, inactive, unknownFutureValue. active indicates the multitenant organization is created. inactive indicates the multitenant organization isn't created. Read-only.