Policy.ReadWrite.BBManagementPolicy
Merill's Note
For an app to access data in Microsoft Graph, the user or administrator must grant it the permissions it needs. This article lists all the Microsoft Graph APIs and your tenant data that can be accessed by the application (vendor/developer) if you consent to the
Policy.ReadWrite.BBManagementPolicypermission.If you need to create an audit report of the permissions granted to all the apps in your tenant, you can run the
Export-MsIdAppConsentGrantReportcommand. See How To: Run a quick OAuth app audit of your tenant
| Category | Application | Delegated |
|---|---|---|
| Identifier | - | - |
| DisplayText | - | - |
| Description | - | - |
| AdminConsentRequired | Yes | No |
Graph Methods
→ API supports delegated access (access on behalf of a user)
→ API supports app-only access (access without a user)
| Methods |
|---|
Resources
Granting this permission allows the calling application to access (and/or update) the following information in your tenant.
Graph reference: b2bManagementPolicy
| Property | Type | Description |
|---|---|---|
| deletedDateTime | DateTimeOffset | Date and Time when the policy object was deleted. Inherited from directoryObject. |
| definition | String collection | A string collection containing a JSON string that defines the rules and settings for a policy. Inherited from stsPolicy. Required. |
| description | String | Description for this policy. Inherited from policyBase. Required. |
| displayName | String | Display name for this policy. Inherited from policyBase. Required. |
| id | String | The unique identifier for the policy. Inherited from entity. |
| isOrganizationDefault | Boolean | If set to true, activates this policy. There can be many policies for the same policy type, but only one can be activated as the organization default. Inherited from stsPolicy. Optional. |