TenantGovernance-PolicyTemplate.Read.All
Allows the application to list and read all Tenant Governance policy templates on behalf of the signed-in user.
Merill's Note
For an app to access data in Microsoft Graph, the user or administrator must grant it the permissions it needs. This article lists all the Microsoft Graph APIs and your tenant data that can be accessed by the application (vendor/developer) if you consent to the
TenantGovernance-PolicyTemplate.Read.Allpermission.If you need to create an audit report of the permissions granted to all the apps in your tenant, you can run the
Export-MsIdAppConsentGrantReportcommand. See How To: Run a quick OAuth app audit of your tenant
| Category | Application | Delegated |
|---|---|---|
| Identifier | eb9465d8-e7c0-4301-8e51-927f34ee3134 | ad222a15-813d-46b8-8f8d-1976a69a74f3 |
| DisplayText | Read Tenant Governance policy templates | Read Tenant Governance policy templates |
| Description | Allows the application to list and read all Tenant Governance policy templates without a signed-in user. | Allows the application to list and read all Tenant Governance policy templates on behalf of the signed-in user. |
| AdminConsentRequired | Yes | Yes |
Graph Methods
→ API supports delegated access (access on behalf of a user)
→ API supports app-only access (access without a user)
| Methods |
|---|
Resources
Granting this permission allows the calling application to access (and/or update) the following information in your tenant.
Graph reference: governancePolicyTemplate
| Property | Type | Description |
|---|---|---|
| createdDateTime | DateTimeOffset | The date and time when the template was created. The timestamp type represents date and time information using ISO 8601 format and is always in UTC. Supports $filter (lt, le, gt, ge, eq, ne) and $orderBy. |
| delegatedAdministrationRoleAssignments | microsoft.graph.tenantGovernanceServices.delegatedAdministrationRoleAssignment collection | A collection of delegated administration role assignments to be applied in the governed tenant when the governance relationship is established. |
| description | String | A description of the policy template. Supports $filter (eq, ne) and $orderBy. |
| displayName | String | The display name of the policy template. Supports $filter (eq, ne) and $orderBy. |
| governedTenantCanTerminate | Boolean | Not implemented. |
| id | String | The unique identifier for the policy template. Is default for the default template. Inherited from entity.Supports $filter (eq, ne) and $orderBy. |
| lastModifiedDateTime | DateTimeOffset | The date and time when the template was last modified. The timestamp type represents date and time information using ISO 8601 format and is always in UTC. Supports $filter (lt, le, gt, ge, eq, ne) and $orderBy. |
| multiTenantApplicationsToProvision | microsoft.graph.tenantGovernanceServices.multiTenantApplicationsToProvision collection | A collection of multi-tenant applications to be provisioned in the governed tenant when the governance relationship is established. |
| version | String | The version of the policy template. Version count increased by 1 when updated. Supports $filter (lt, le, gt, ge, eq, ne) and $orderBy. |