TeamMember.ReadWriteNonOwnerRole.All

Add and remove members from all teams, on behalf of the signed-in user. Does not allow adding or removing a member with the owner role. Additionally, does not allow the app to elevate an existing member to the owner role.

Merill's Note

For an app to access data in Microsoft Graph, the user or administrator must grant it the permissions it needs. This article lists all the Microsoft Graph APIs and your tenant data that can be accessed by the application (vendor/developer) if you consent to the TeamMember.ReadWriteNonOwnerRole.All permission.

If you need to create an audit report of the permissions granted to all the apps in your tenant, you can run the Export-MsIdAppConsentGrantReport command. See How To: Run a quick OAuth app audit of your tenant

Category	Application	Delegated
Identifier	4437522e-9a86-4a41-a7da-e380edd4a97d	2104a4db-3a2f-4ea0-9dba-143d457dc666
DisplayText	Add and remove members with non-owner role for all teams	Add and remove members with non-owner role for all teams
Description	Add and remove members from all teams, without a signed-in user. Does not allow adding or removing a member with the owner role. Additionally, does not allow the app to elevate an existing member to the owner role.	Add and remove members from all teams, on behalf of the signed-in user. Does not allow adding or removing a member with the owner role. Additionally, does not allow the app to elevate an existing member to the owner role.
AdminConsentRequired	Yes	Yes

Graph Methods

→ API supports delegated access (access on behalf of a user)
→ API supports app-only access (access without a user)

	Methods
	DELETE /teams/{team-id}/members/{membership-id}
	PATCH /teams/{team-id}/members/{membership-id}
	POST /teams/{team-id}/members
	POST /teams/{team-id}/members/add

→ API supports delegated access (access on behalf of a user)
→ API supports app-only access (access without a user)

	Methods
	DELETE /teams/{team-id}/members/{membership-id}
	PATCH /teams/{id}/channels/{id}/members/{id}
	PATCH /teams/{id}/members/{id}
	PATCH /teams/{team-id}/members/{membership-id}
	POST /teams/{team-id}/members
	POST /teams/{team-id}/members/add

→ Command supports delegated access (access on behalf of a user)
→ Command supports app-only access (access without a user)

	Commands
	Add-MgTeamMember
	New-MgTeamMember
	Remove-MgTeamMember
	Update-MgTeamMember

→ Command supports delegated access (access on behalf of a user)
→ Command supports app-only access (access without a user)

	Commands
	Add-MgBetaTeamMember
	New-MgBetaTeamMember
	Remove-MgBetaTeamMember
	Update-MgBetaTeamMember

Resources

Granting this permission allows the calling application to access (and/or update) the following information in your tenant.

Graph reference: actionResultPart

Property	Type	Description
error	publicError	The error that occurred, if any, during the bulk operation.

Graph reference: channel

Property	Type	Description
createdDateTime	dateTimeOffset	Read only. Timestamp at which the channel was created.
description	String	Optional textual description for the channel.
displayName	String	Channel name as it will appear to the user in Microsoft Teams. The maximum length is 50 characters.
email	String	The email address for sending messages to the channel. Read-only.
id	String	The channel's unique identifier. Read-only.
isArchived	Boolean	Indicates whether the channel is archived. Read-only.
isFavoriteByDefault	Boolean	Indicates whether the channel should be marked as recommended for all members of the team to show in their channel list. Note: All recommended channels automatically show in the channels list for education and frontline worker users. The property can only be set programmatically via the Create team method. The default value is `false`.
membershipType	channelMembershipType	The type of the channel. Can be set during creation and can't be changed. The possible values are: `standard`, `private`, `unknownFutureValue`, `shared`. The default value is `standard`. Use the `Prefer: include-unknown-enum-members` request header to get the following value in this evolvable enum: `shared`.
tenantId	string	The ID of the Microsoft Entra tenant.
webUrl	String	A hyperlink that will go to the channel in Microsoft Teams. This is the URL that you get when you right-click a channel in Microsoft Teams and select Get link to channel. This URL should be treated as an opaque blob, and not parsed. Read-only.
summary	channelSummary	Contains summary information about the channel, including number of owners, members, guests, and an indicator for members from other tenants. The **s

Graph reference: conversationMember

Property	Type	Description
displayName	string	The display name of the user.
id	String	Read-only. Unique ID of the user.
roles	string collection	The roles for that user. This property contains more qualifiers only when relevant - for example, if the member has `owner` privileges, the roles property contains `owner` as one of the values. Similarly, if the member is an in-tenant guest, the roles property contains `guest` as one of the values. A basic member shouldn't have any values specified in the roles property. An Out-of-tenant external member is assigned the `owner` role.
visibleHistoryStartDateTime	DateTimeOffset	The timestamp denoting how far back a conversation's history is shared with the conversation member. This property is settable only for members of a chat.

Graph reference: team

Property	Type	Description
id	string	The unique identifier of the team. The group has the same ID as the team. This property is read-only, and is inherited from the base entity type.
classification	string	An optional label. Typically describes the data or business sensitivity of the team. Must match one of a preconfigured set in the tenant's directory.
classSettings	teamClassSettings	Configure settings of a class. Available only when the team represents a class.
createdDateTime	dateTimeOffset	Timestamp at which the team was created.
description	string	An optional description for the team. Maximum length: 1,024 characters.
displayName	string	The name of the team.
firstChannelName	String	The name of the first channel in the team. This is an optional property, only used during team creation and isn't returned in methods to get and list teams.
funSettings	teamFunSettings	Settings to configure use of Giphy, memes, and stickers in the team.
guestSettings	teamGuestSettings	Settings to configure whether guests can create, update, or delete channels in the team.
internalId	string	A unique ID for the team that was used in a few places such as the audit log/Office 365 Management Activity API.
isArchived	Boolean	Whether this team is in read-only mode.
memberSettings	teamMemberSettings	Settings to configure whether members can perform certain actions, for example, create channels and add bots, in the team.
messagingSettings	teamMessagingSettings	Settings to configure messaging and mentions in the team.
specialization	teamSpecialization	Optional. Indicates whether the team is intended for a particular use case. Each team specialization has access to unique behaviors and experiences targeted to its use case.
summary	teamSummary	Contains summary information about the team, including number of owners, members, and guests.
tenantId	string	The ID of the Microsoft Entra tenant.
visibility	teamVisibilityType	The visibility of the group and team. Defaults to Public.
webUrl	string (readonly)	A hyperlink that goes to the team in the Microsoft Teams client. You get this URL when you right-click a team in the Microsoft Teams client and select **G

Table of Contents

TeamMember.ReadWriteNonOwnerRole.All

Graph Methods

Resources