Table of Contents

UserAuthMethod-Email.Read.All

Allows the app to read email methods of all users in your organization that the signed-in user has access to. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.

Merill's Note

For an app to access data in Microsoft Graph, the user or administrator must grant it the permissions it needs. This article lists all the Microsoft Graph APIs and your tenant data that can be accessed by the application (vendor/developer) if you consent to the UserAuthMethod-Email.Read.All permission.

If you need to create an audit report of the permissions granted to all the apps in your tenant, you can run the Export-MsIdAppConsentGrantReport command. See How To: Run a quick OAuth app audit of your tenant

Category Application Delegated
Identifier a1e58be0-1095-422b-b067-73434bd7d40f 76caaf3a-ebdb-40a3-9299-4196e636f290
DisplayText Read all users' email methods Read all users' email methods
Description Allows the app to read email methods of all users in your organization, without a signed-in user. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods. Allows the app to read email methods of all users in your organization that the signed-in user has access to. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.
AdminConsentRequired Yes Yes

Graph Methods

Resources

Granting this permission allows the calling application to access (and/or update) the following information in your tenant.

Graph reference: emailAuthenticationMethod

Property Type Description
emailAddress String The email address registered to this user.
id String The identifier of the email address registered to this user. The ID is always 3ddfcfc8-9383-446f-83cc-3ab9be4be18f.