ThreatAssessment.ReadWrite.All

Allows an app to read your organization's threat assessment requests on behalf of the signed-in user. Also allows the app to create new requests to assess threats received by your organization on behalf of the signed-in user.

Merill's Note

For an app to access data in Microsoft Graph, the user or administrator must grant it the permissions it needs. This article lists all the Microsoft Graph APIs and your tenant data that can be accessed by the application (vendor/developer) if you consent to the ThreatAssessment.ReadWrite.All permission.

If you need to create an audit report of the permissions granted to all the apps in your tenant, you can run the Export-MsIdAppConsentGrantReport command. See How To: Run a quick OAuth app audit of your tenant

Category	Application	Delegated
Identifier	-	cac97e40-6730-457d-ad8d-4852fddab7ad
DisplayText	-	Read and write threat assessment requests
Description	-	Allows an app to read your organization's threat assessment requests on behalf of the signed-in user. Also allows the app to create new requests to assess threats received by your organization on behalf of the signed-in user.
AdminConsentRequired	Yes	Yes

Graph Methods

→ API supports delegated access (access on behalf of a user)
→ API supports app-only access (access without a user)

	Methods
	GET /informationProtection/threatAssessmentRequests
	GET /informationProtection/threatAssessmentRequests/{id}
	POST /informationProtection/threatAssessmentRequests

→ API supports delegated access (access on behalf of a user)
→ API supports app-only access (access without a user)

	Methods
	GET /informationProtection/threatAssessmentRequests
	GET /informationProtection/threatAssessmentRequests/{id}
	POST /informationProtection/threatAssessmentRequests

→ Command supports delegated access (access on behalf of a user)
→ Command supports app-only access (access without a user)

	Commands
	Get-MgInformationProtectionThreatAssessmentRequest
	New-MgInformationProtectionThreatAssessmentRequest

→ Command supports delegated access (access on behalf of a user)
→ Command supports app-only access (access without a user)

	Commands
	Get-MgBetaInformationProtectionThreatAssessmentRequest
	New-MgBetaInformationProtectionThreatAssessmentRequest

Resources

Granting this permission allows the calling application to access (and/or update) the following information in your tenant.

threatAssessmentRequest

Graph reference: threatAssessmentRequest

Property	Type	Description
category	threatCategory	The threat category. Possible values are: `spam`, `phishing`, `malware`.
contentType	threatAssessmentContentType	The content type of threat assessment. Possible values are: `mail`, `url`, `file`.
createdBy	identitySet	The threat assessment request creator.
createdDateTime	DateTimeOffset	The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`.
expectedAssessment	threatExpectedAssessment	The expected assessment from submitter. Possible values are: `block`, `unblock`.
id	String	The threat assessment request ID is a globally unique identifier (GUID).
requestSource	threatAssessmentRequestSource	The source of the threat assessment request. Possible values are: `administrator`.
status	threatAssessmentStatus	The assessment process status. Possible values are: `pending`, `completed`.

Table of Contents

ThreatAssessment.ReadWrite.All

Graph Methods

Resources