Table of Contents

SecurityIdentitiesAccount.Read.All

Allows the app to read all the identity security available identity accounts

Merill's Note

For an app to access data in Microsoft Graph, the user or administrator must grant it the permissions it needs. This article lists all the Microsoft Graph APIs and your tenant data that can be accessed by the application (vendor/developer) if you consent to the SecurityIdentitiesAccount.Read.All permission.

If you need to create an audit report of the permissions granted to all the apps in your tenant, you can run the Export-MsIdAppConsentGrantReport command. See How To: Run a quick OAuth app audit of your tenant

Category Application Delegated
Identifier c5bc96f5-b4a1-4cfc-8189-d5f0d772278f 3e9ed69a-a48e-473c-8b97-413016703a37
DisplayText Read all identity security available identity accounts Read identity security available identity accounts
Description Allows the app to read all the identity security available identity accounts without a signed-in user. Allows the app to read all the identity security available identity accounts
AdminConsentRequired Yes Yes

Graph Methods

Resources

Granting this permission allows the calling application to access (and/or update) the following information in your tenant.

Graph reference: identityAccounts

Property Type Description
accounts microsoft.graph.security.account collection Collection of accounts of the identity in different identity providers.
cloudSecurityIdentifier String The cloud security identifier of the identityAccount.
displayName String The Active Directory display name of the identityAccount.
domain String The Active Directory domain name of the identityAccount.
id String Unique identifier to represent the identity account. Inherited from microsoft.graph.entity. Inherits from entity
isEnabled Boolean Boolean indicating if the identityAccounts is enabled.
onPremisesSecurityIdentifier String The on-premises security identifier of the identityAccount.