Table of Contents

Policy.ReadWrite.AuthenticationFlows

Allows the app to read and write the authentication flow policies, on behalf of the signed-in user.

Merill's Note

For an app to access data in Microsoft Graph, the user or administrator must grant it the permissions it needs. This article lists all the Microsoft Graph APIs and your tenant data that can be accessed by the application (vendor/developer) if you consent to the Policy.ReadWrite.AuthenticationFlows permission.

If you need to create an audit report of the permissions granted to all the apps in your tenant, you can run the Export-MsIdAppConsentGrantReport command. See How To: Run a quick OAuth app audit of your tenant

Category Application Delegated
Identifier 25f85f3c-f66c-4205-8cd5-de92dd7f0cec edb72de9-4252-4d03-a925-451deef99db7
DisplayText Read and write authentication flow policies Read and write authentication flow policies
Description Allows the app to read and write all authentication flow policies for the tenant, without a signed-in user. Allows the app to read and write the authentication flow policies, on behalf of the signed-in user.
AdminConsentRequired Yes Yes

Graph Methods

Resources

Granting this permission allows the calling application to access (and/or update) the following information in your tenant.

Graph reference: authenticationFlowsPolicy

Property Type Description
description String Inherited property. A description of the policy. Optional. Read-only.
displayName String Inherited property. The human-readable name of the policy. Optional. Read-only.
id String Inherited property. The identifier of the authentication flows policy. Optional. Read-only.
selfServiceSignUp selfServiceSignUpAuthenticationFlowConfiguration Contains selfServiceSignUpAuthenticationFlowConfiguration settings that convey whether self-service sign-up is enabled or disabled. Optional. Read-only.