PeopleSettings.ReadWrite.All

Allows the application to read and write tenant-wide people settings on behalf of the signed-in user.

Merill's Note

For an app to access data in Microsoft Graph, the user or administrator must grant it the permissions it needs. This article lists all the Microsoft Graph APIs and your tenant data that can be accessed by the application (vendor/developer) if you consent to the PeopleSettings.ReadWrite.All permission.

If you need to create an audit report of the permissions granted to all the apps in your tenant, you can run the Export-MsIdAppConsentGrantReport command. See How To: Run a quick OAuth app audit of your tenant

Category	Application	Delegated
Identifier	b6890674-9dd5-4e42-bb15-5af07f541ae1	e67e6727-c080-415e-b521-e3f35d5248e9
DisplayText	Read and write all tenant-wide people settings	Read and write tenant-wide people settings
Description	Allows the application to read and write tenant-wide people settings without a signed-in user.	Allows the application to read and write tenant-wide people settings on behalf of the signed-in user.
AdminConsentRequired	Yes	Yes

Graph Methods

→ API supports delegated access (access on behalf of a user)
→ API supports app-only access (access without a user)

	Methods
	DELETE /admin/people/profileCardProperties/{id}
	GET /admin/people
	GET /admin/people/itemInsights
	GET /admin/people/profileCardProperties
	GET /admin/people/pronouns
	PATCH /admin/people/itemInsights
	PATCH /admin/people/profileCardProperties/{id}
	PATCH /admin/people/pronouns
	POST /admin/people/profileCardProperties

→ API supports delegated access (access on behalf of a user)
→ API supports app-only access (access without a user)

	Methods
	DELETE /admin/people/photoUpdateSettings/$ref
	DELETE /admin/people/profileCardProperties/{id}
	GET /admin/people
	GET /admin/people/itemInsights
	GET /admin/people/namePronunciation
	GET /admin/people/photoUpdateSettings
	GET /admin/people/profileCardProperties
	GET /admin/people/pronouns
	GET /copilot/settings/people/enhancedpersonalization
	PATCH /admin/people/namePronunciation
	PATCH /admin/people/photoUpdateSettings
	PATCH /admin/people/profileCardProperties/{id}
	PATCH /admin/people/pronouns
	PATCH /copilot/settings/people/enhancedpersonalization
	PATCH /organization/{organizationId}/settings/contactInsights
	POST /admin/people/photoUpdateSettings
	POST /admin/people/profileCardProperties

→ Command supports delegated access (access on behalf of a user)
→ Command supports app-only access (access without a user)

	Commands
	Get-MgAdminPeople
	Get-MgAdminPeopleItemInsight
	Get-MgAdminPeopleProfileCardProperty
	Get-MgAdminPeoplePronoun
	New-MgAdminPeopleProfileCardProperty
	Remove-MgAdminPeopleProfileCardProperty
	Update-MgAdminPeopleItemInsight
	Update-MgAdminPeopleProfileCardProperty
	Update-MgAdminPeoplePronoun

→ Command supports delegated access (access on behalf of a user)
→ Command supports app-only access (access without a user)

	Commands
	Get-MgBetaAdminPeople
	Get-MgBetaAdminPeopleItemInsight
	Get-MgBetaAdminPeopleNamePronunciation
	Get-MgBetaAdminPeopleProfileCardProperty
	Get-MgBetaAdminPeoplePronoun
	New-MgBetaAdminPeopleProfileCardProperty
	Remove-MgBetaAdminPeopleProfileCardProperty
	Update-MgBetaAdminPeopleNamePronunciation
	Update-MgBetaAdminPeopleProfileCardProperty
	Update-MgBetaAdminPeoplePronoun
	Update-MgBetaOrganizationSettingPersonInsight

Resources

Granting this permission allows the calling application to access (and/or update) the following information in your tenant.

Graph reference: enhancedPersonalizationSetting

Property	Type	Description
disabledForGroup	String	The ID of a Microsoft Entra group to which the value is used to disable the control for populated users. The default value is `null`. This parameter is optional.
isEnabledInOrganization	Boolean	If true, enables the enhanced personalization control and therefore related features as defined in control enhanced personalization privacy

Graph reference: insightsSettings

Property	Type	Description
disabledForGroup	String	The ID of a Microsoft Entra group, of which the specified type of insights are disabled for its members. The default value is `null`. Optional.
isEnabledInOrganization	Boolean	`true` if insights of the specified type are enabled for the organization; `false` if insights of the specified type are disabled for all users without exceptions. The default value is `true`. Optional.

Graph reference: namePronunciationSettings

Property	Type	Description
id	String	The unique identifier of the namePronunciationSettings object. Inherited from entity.
isEnabledInOrganization	Boolean	`true` to enable name pronunciation in the organization; otherwise, `false`. The default value is `false`.

Property	Type	Description
id	String	The unique identifier for a **p

Graph reference: photoUpdateSettings

Property	Type	Description
id	String	The unique identifier for a peopleAdminSettings object. Inherited from entity.
source	String	Specifies the types of photo updates permitted. The possible values are: `cloud`, `onPremises`, `unknownFutureValue`.
allowedRoles	String collection	Contains a list of roles to perform edit operations in the cloud. Optional.

Graph reference: profileCardAnnotation

Property	Type	Description
displayName	String	If present, the value of this field is used by the profile card as the default property label in the experience (for example, "Cost Center").
localizations	displayNameLocalization collection	Each resource in this collection represents the localized value of the attribute name for a given language, used as the default label for that locale. For example, a user with a `nb-NO` client gets "Kostnadssenter" as the attribute label, rather than "Cost Center."

Graph reference: profileCardProperty

Property	Type	Description
annotations	profileCardAnnotation collection	Allows an administrator to set a custom display label for the directory property and localize it for the users in their tenant.
directoryPropertyName	String	Identifies a **p

Graph reference: pronounsSettings

Property	Type	Description
isEnabledInOrganization	Boolean	`true` to enable pronouns in the organization; otherwise, `false`. The default value is `false`, and pronouns are disabled.

Table of Contents

PeopleSettings.ReadWrite.All

Graph Methods

Resources