Table of Contents

UserAuthMethod-Password.ReadWrite

Allows the app to read and write the signed-in user's password authentication methods. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.

Merill's Note

For an app to access data in Microsoft Graph, the user or administrator must grant it the permissions it needs. This article lists all the Microsoft Graph APIs and your tenant data that can be accessed by the application (vendor/developer) if you consent to the UserAuthMethod-Password.ReadWrite permission.

If you need to create an audit report of the permissions granted to all the apps in your tenant, you can run the Export-MsIdAppConsentGrantReport command. See How To: Run a quick OAuth app audit of your tenant

Category Application Delegated
Identifier - 60cce20d-d41e-4594-b391-84bbf8cc31f3
DisplayText - Read and write the signed-in user's password authentication methods
Description - Allows the app to read and write the signed-in user's password authentication methods. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.
AdminConsentRequired Yes No

Graph Methods

Resources

Granting this permission allows the calling application to access (and/or update) the following information in your tenant.

Graph reference: passwordAuthenticationMethod

Property Type Description
createdDateTime DateTimeOffset The date and time when this password was last updated. This property is currently not populated. Read-only. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z.
id String The identifier of this password registered to this user. This is generally 28c10230-6103-485e-b985-444c60001490. Read-only.
password String For security, the password is always returned as null from a LIST or GET operation.