PeopleSettings.Read.All

Allows the application to read tenant-wide people settings on behalf of the signed-in user.

Merill's Note

For an app to access data in Microsoft Graph, the user or administrator must grant it the permissions it needs. This article lists all the Microsoft Graph APIs and your tenant data that can be accessed by the application (vendor/developer) if you consent to the PeopleSettings.Read.All permission.

If you need to create an audit report of the permissions granted to all the apps in your tenant, you can run the Export-MsIdAppConsentGrantReport command. See How To: Run a quick OAuth app audit of your tenant

Category	Application	Delegated
Identifier	ef02f2e7-e22d-4c77-8614-8f765683b86e	ec762c5f-388b-4b16-8693-ac1efbc611bc
DisplayText	Read all tenant-wide people settings	Read tenant-wide people settings
Description	Allows the application to read tenant-wide people settings without a signed-in user.	Allows the application to read tenant-wide people settings on behalf of the signed-in user.
AdminConsentRequired	Yes	Yes

Graph Methods

→ API supports delegated access (access on behalf of a user)
→ API supports app-only access (access without a user)

	Methods
	GET /admin/people
	GET /admin/people/itemInsights
	GET /admin/people/profileCardProperties
	GET /admin/people/profileCardProperties/{id}
	GET /admin/people/pronouns

→ API supports delegated access (access on behalf of a user)
→ API supports app-only access (access without a user)

	Methods
	GET /admin/people
	GET /admin/people/itemInsights
	GET /admin/people/namePronunciation
	GET /admin/people/photoUpdateSettings
	GET /admin/people/profileCardProperties
	GET /admin/people/profileCardProperties/{id}
	GET /admin/people/profilePropertySettings
	GET /admin/people/profilePropertySettings/{profilePropertySettingId}
	GET /admin/people/profileSources
	GET /admin/people/profileSources(sourceId='{sourceId}')
	GET /admin/people/pronouns
	GET /copilot/settings/people/enhancedpersonalization

→ Command supports delegated access (access on behalf of a user)
→ Command supports app-only access (access without a user)

	Commands
	Get-MgAdminPeople
	Get-MgAdminPeopleItemInsight
	Get-MgAdminPeopleProfileCardProperty
	Get-MgAdminPeoplePronoun

→ Command supports delegated access (access on behalf of a user)
→ Command supports app-only access (access without a user)

	Commands
	Get-MgBetaAdminPeople
	Get-MgBetaAdminPeopleItemInsight
	Get-MgBetaAdminPeopleNamePronunciation
	Get-MgBetaAdminPeopleProfileCardProperty
	Get-MgBetaAdminPeoplePronoun

Resources

Granting this permission allows the calling application to access (and/or update) the following information in your tenant.

Graph reference: enhancedPersonalizationSetting

Property	Type	Description
disabledForGroup	String	The ID of a Microsoft Entra group to which the value is used to disable the control for populated users. The default value is `null`. This parameter is optional.
isEnabledInOrganization	Boolean	If true, enables the enhanced personalization control and therefore related features as defined in control enhanced personalization privacy

Graph reference: insightsSettings

Property	Type	Description
disabledForGroup	String	The ID of a Microsoft Entra group, of which the specified type of insights are disabled for its members. The default value is `null`. Optional.
isEnabledInOrganization	Boolean	`true` if insights of the specified type are enabled for the organization; `false` if insights of the specified type are disabled for all users without exceptions. The default value is `true`. Optional.

Graph reference: namePronunciationSettings

Property	Type	Description
id	String	The unique identifier of the namePronunciationSettings object. Inherited from entity.
isEnabledInOrganization	Boolean	`true` to enable name pronunciation in the organization; otherwise, `false`. The default value is `false`.

Property	Type	Description
id	String	The unique identifier for a **p

Graph reference: photoUpdateSettings

Property	Type	Description
id	String	The unique identifier for a peopleAdminSettings object. Inherited from entity.
source	String	Specifies the types of photo updates permitted. The possible values are: `cloud`, `onPremises`, `unknownFutureValue`.
allowedRoles	String collection	Contains a list of roles to perform edit operations in the cloud. Optional.

Graph reference: profileCardProperty

Property	Type	Description
annotations	profileCardAnnotation collection	Allows an administrator to set a custom display label for the directory property and localize it for the users in their tenant.
directoryPropertyName	String	Identifies a **p

Graph reference: profilePropertySetting

Property	Type	Description
allowedAudiences	organizationAllowedAudiences	A privacy setting that reflects the allowed audience for the configured property. The possible values are: `me`, `organization`, `federatedOrganizations`, `everyone`, `unknownFutureValue`.
id	String	System generated GUID. Inherited from entity.
isUserOverrideForAudienceEnabled	Boolean	Defines whether a user is allowed to override the tenant admin privacy setting.
name	String	Name of the property-level setting.
prioritizedSourceUrls	String collection	A collection of prioritized profile source URLs ordered by data precedence within an organization.

Graph reference: profileSource

Property	Type	Description
displayName	String	Name of the profile source intended to inform users about the profile source name.
id	String	System-generated GUID. Inherited from entity.
kind	String	Type of the profile source.
localizations	profileSourceLocalization collection	Alternative localized labels specified by an administrator.
sourceId	String	Profile source identifier used as an alternate key.
webUrl	String	Web URL of the profile source that directs users to the page view of profile data.

Graph reference: pronounsSettings

Property	Type	Description
isEnabledInOrganization	Boolean	`true` to enable pronouns in the organization; otherwise, `false`. The default value is `false`, and pronouns are disabled.

Table of Contents

PeopleSettings.Read.All

Graph Methods

Resources