Add user.readBasic.all permission as an app permission in Graph
Azure AD graph has delegated permissions for user.readBasic.all which restricts the information that a 3rd party accessing this api can capture from our tenancy directory. We have a 3rd party app that accesses the Azure directory to retrieve basic data to set up accounts in its user directory and we need to restrict this to the basic data due to the security risk. We cannot rely on the 3rd party just doing the right thing all the time.
I need a way to set the app to allow app permissions (not delegated as the read occurs every 4 hours without human involvement) for user.readBasic.all. I would like this permission to be available as an app permission in MS Graph
Apologies, this is still under review. I changed the wrong status before. My apologies.
Sutherland, Joe commented
I need this, too, and would be interested if anyone has workaround/mitigation suggestions in the meantime! Thanks!
Is there any update with this issue?
I wish to have mail.readBasic as an application permission