UserAuthMethod-TAP.Read
Allows the app to read the signed-in user's Temporary Access Pass authentication methods. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.
Merill's Note
For an app to access data in Microsoft Graph, the user or administrator must grant it the permissions it needs. This article lists all the Microsoft Graph APIs and your tenant data that can be accessed by the application (vendor/developer) if you consent to the
UserAuthMethod-TAP.Readpermission.If you need to create an audit report of the permissions granted to all the apps in your tenant, you can run the
Export-MsIdAppConsentGrantReportcommand. See How To: Run a quick OAuth app audit of your tenant
| Category | Application | Delegated |
|---|---|---|
| Identifier | - | 84ded88f-26ba-49d6-b776-efec398de692 |
| DisplayText | - | Read the signed-in user's Temporary Access Pass authentication methods |
| Description | - | Allows the app to read the signed-in user's Temporary Access Pass authentication methods. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods. |
| AdminConsentRequired | Yes | Yes |
Graph Methods
→ API supports delegated access (access on behalf of a user)
→ API supports app-only access (access without a user)
| Methods | |
|---|---|
Resources
Granting this permission allows the calling application to access (and/or update) the following information in your tenant.
Graph reference: temporaryAccessPassAuthenticationMethod
| Property | Type | Description |
|---|---|---|
| createdDateTime | DateTimeOffset | The date and time when the Temporary Access Pass was created. |
| id | String | The identifier of the Temporary Access Pass registered to this user. Inherited from entity. |
| isUsable | Boolean | The state of the authentication method that indicates whether it's currently usable by the user. |
| isUsableOnce | Boolean | Determines whether the pass is limited to a one-time use. If true, the pass can be used once; if false, the pass can be used multiple times within the Temporary Access Pass lifetime. |
| lifetimeInMinutes | Int32 | The lifetime of the Temporary Access Pass in minutes starting at startDateTime. Must be between 10 and 43200 inclusive (equivalent to 30 days). |
| methodUsabilityReason | String | Details about the usability state (isUsable). Reasons can include: EnabledByPolicy, DisabledByPolicy, Expired, NotYetValid, OneTimeUsed. |
| startDateTime | DateTimeOffset | The date and time when the Temporary Access Pass becomes available to use and when isUsable is true is enforced. |
| temporaryAccessPass | String | The Temporary Access Pass used to authenticate. Returned only on creation of a new **t |