TenantGovernance-Setting.ReadWrite.All
Allows the application to read Tenant Governance settings and update them on behalf of the signed-in user.
Merill's Note
For an app to access data in Microsoft Graph, the user or administrator must grant it the permissions it needs. This article lists all the Microsoft Graph APIs and your tenant data that can be accessed by the application (vendor/developer) if you consent to the
TenantGovernance-Setting.ReadWrite.Allpermission.If you need to create an audit report of the permissions granted to all the apps in your tenant, you can run the
Export-MsIdAppConsentGrantReportcommand. See How To: Run a quick OAuth app audit of your tenant
| Category | Application | Delegated |
|---|---|---|
| Identifier | - | 135f3533-12fc-4608-97ac-5c5cea64baf0 |
| DisplayText | - | Read and write Tenant Governance settings |
| Description | - | Allows the application to read Tenant Governance settings and update them on behalf of the signed-in user. |
| AdminConsentRequired | Yes | Yes |
Graph Methods
→ API supports delegated access (access on behalf of a user)
→ API supports app-only access (access without a user)
| Methods |
|---|
Resources
Granting this permission allows the calling application to access (and/or update) the following information in your tenant.
Graph reference: tenantGovernanceSetting
| Property | Type | Description |
|---|---|---|
| canReceiveInvitations | Boolean | Indicates whether the tenant can receive governance invitations. When set to false, the tenant cannot receive new governance invitations. When set to true, other tenants can send your tenant invitations by providing your tenant id or domain name. Default value is false. |
| isRelatedTenantsEnabled | Boolean | Indicates whether the related tenants feature is enabled for tenant discovery. When set to false, related tenant APIs don't work. This property can be enabled by calling the enableRelatedTenants action. Default value is false. |