Scope down the access permissions to particular groups and user attributes of an Azure App (using Graph API)

Phuc Nguyen

12/11/22, 8:31 AM

We are going to sync our users to a third party via their Azure app (using Graph API). The Azure app requests permissions for Group.Read.All, User.Read.All. Although they promise to query only selected groups and user attributes but we want to make sure the app has access to the particular groups and users attributes only. For example, allow the app to read all users from the group DC1 and DC2 with 4 attributes: First name, Last name, Email and Department.

Is there any ways to config that restriction on our Azure setting or the admin used to consent their app?

0 + 0

connector

graph

application

user-permissions

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Scope down the access permissions to particular groups and user attributes of an Azure App (using Graph API)

TH: กำหนดขอบเขตสิทธิ์การเข้าถึงสำหรับกลุ่มเฉพาะและแอตทริบิวต์ผู้ใช้ของ Azure App (โดยใช้ Graph API)

RO: Reduceți permisiunile de acces la anumite grupuri și atribute de utilizator ale unei aplicații Azure (folosind API-ul Graph)

RU: Ограничьте права доступа к определенным группам и пользовательским атрибутам приложения Azure (с помощью Graph API).

VI: Thu hẹp phạm vi quyền truy cập đối với các nhóm cụ thể và thuộc tính người dùng của Ứng dụng Azure (sử dụng API Đồ thị)

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.