TeamsAppInstallation.Read.Group

Merill's Note

For an app to access data in Microsoft Graph, the user or administrator must grant it the permissions it needs. This article lists all the Microsoft Graph APIs and your tenant data that can be accessed by the application (vendor/developer) if you consent to the TeamsAppInstallation.Read.Group permission.

If you need to create an audit report of the permissions granted to all the apps in your tenant, you can run the Export-MsIdAppConsentGrantReport command. See How To: Run a quick OAuth app audit of your tenant

Category	Application	Delegated
Identifier	-	-
DisplayText	-	-
Description	-	-
AdminConsentRequired	-	-

Graph Methods

• API [v1.0]
• API [beta]
• PowerShell [v1.0]
• PowerShell [beta]

→ API supports delegated access (access on behalf of a user)
→ API supports app-only access (access without a user)

	Methods
	GET /teams/{id}/installedApps/{id}
	GET /teams/{team-id}/installedApps
	GET /teams/{team-id}/permissionGrants

Resources

Granting this permission allows the calling application to access (and/or update) the following information in your tenant.

• resourceSpecificPermissionGrant
• team
• teamsAppInstallation
• teamworkBot

Graph reference: resourceSpecificPermissionGrant

Property	Type	Description
clientId	string	ID of the Microsoft Entra app that has been granted access. Read-only.
clientAppId	string	ID of the service principal of the Microsoft Entra app that has been granted access. Read-only.
deletedDateTime	dateTimeOffset	Not used.
id	string	The unique identifier of the resource-specific permission grant. Read-only.
resourceAppId	string	ID of the Microsoft Entra app that is hosting the resource. Read-only.
permissionType	string	The type of permission. Possible values are: Application, Delegated. Read-only.
permission	string	The name of the resource-specific permission. Read-only.