ThreatAssessment.ReadWrite.All

Allows an app to read your organization's threat assessment requests on behalf of the signed-in user. Also allows the app to create new requests to assess threats received by your organization on behalf of the signed-in user.

Graph Methods

Type: A = Application Permission, D = Delegate Permission

Ver	Type	Method
V1	D	GET /informationProtection/threatAssessmentRequests
V1	D	GET /informationProtection/threatAssessmentRequests/{id}
V1	D	POST /informationProtection/threatAssessmentRequests

Delegate Permission


Id	cac97e40-6730-457d-ad8d-4852fddab7ad
Consent Type	Admin
Display String	Read and write threat assessment requests
Description	Allows an app to read your organization's threat assessment requests on behalf of the signed-in user. Also allows the app to create new requests to assess threats received by your organization on behalf of the signed-in user.

Resources

emailFileAssessmentRequest

Property	Type	Description
contentData	String	Base64 encoded .eml email file content. The file content cannot fetch back because it isn't stored.
destinationRoutingReason	mailDestinationRoutingReason	The reason for mail routed to its destination. Possible values are: `none`, `mailFlowRule`, `safeSender`, `blockedSender`, `advancedSpamFiltering`, `domainAllowList`, `domainBlockList`, `notInAddressBook`, `firstTimeSender`, `autoPurgeToInbox`, `autoPurgeToJunk`, `autoPurgeToDeleted`, `outbound`, `notJunk`, `junk`.
category	threatCategory	The threat category. Possible values are: `spam`, `phishing`, `malware`.
contentType	threatAssessmentContentType	The content type of threat assessment. Possible values are: `mail`, `url`, `file`.
createdBy	identitySet	The threat assessment request creator.
createdDateTime	DateTimeOffset	The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`.
expectedAssessment	threatExpectedAssessment	The expected assessment from submitter. Possible values are: `block`, `unblock`.
id	String	The threat assessment request ID is a globally unique identifier (GUID).
recipientEmail	String	The mail recipient whose policies are used to assess the mail.
requestSource	threatAssessmentRequestSource	The source of threat assessment request. Possible values are: `administrator`.
status	threatAssessmentStatus	The assessment process status. Possible values are: `pending`, `completed`.

threatAssessmentRequest

Property	Type	Description
category	threatCategory	The threat category. Possible values are: `spam`, `phishing`, `malware`.
contentType	threatAssessmentContentType	The content type of threat assessment. Possible values are: `mail`, `url`, `file`.
createdBy	identitySet	The threat assessment request creator.
createdDateTime	DateTimeOffset	The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`.
expectedAssessment	threatExpectedAssessment	The expected assessment from submitter. Possible values are: `block`, `unblock`.
id	String	The threat assessment request ID is a globally unique identifier (GUID).
requestSource	threatAssessmentRequestSource	The source of the threat assessment request. Possible values are: `administrator`.
status	threatAssessmentStatus	The assessment process status. Possible values are: `pending`, `completed`.