Table of Contents

PeopleSettings.ReadWrite.All

Allows the application to read and write tenant-wide people settings on behalf of the signed-in user.

Merill's Note

For an app to access data in Microsoft Graph, the user or administrator must grant it the permissions it needs. This article lists all the Microsoft Graph APIs and your tenant data that can be accessed by the application (vendor/developer) if you consent to the PeopleSettings.ReadWrite.All permission.

If you need to create an audit report of the permissions granted to all the apps in your tenant, you can run the Export-MsIdAppConsentGrantReport command. See How To: Run a quick OAuth app audit of your tenant

Category Application Delegated
Identifier b6890674-9dd5-4e42-bb15-5af07f541ae1 e67e6727-c080-415e-b521-e3f35d5248e9
DisplayText Read and write all tenant-wide people settings Read and write tenant-wide people settings
Description Allows the application to read and write tenant-wide people settings without a signed-in user. Allows the application to read and write tenant-wide people settings on behalf of the signed-in user.
AdminConsentRequired Yes Yes

Graph Methods

API supports delegated access (access on behalf of a user)
API supports app-only access (access without a user)

Methods

Resources

Granting this permission allows the calling application to access (and/or update) the following information in your tenant.

Graph reference: enhancedPersonalizationSetting

Property Type Description
disabledForGroup String The ID of a Microsoft Entra group to which the value is used to disable the control for populated users. The default value is null. This parameter is optional.
isEnabledInOrganization Boolean If true, enables the enhanced personalization control and therefore related features as defined in control enhanced personalization privacy