Microsoft Graph API Permissions
Comprehensive list of Microsoft Graph API permissions required by Praxis Navigator for security monitoring, compliance tracking, and behavioral analytics.
Required Permissions
All permissions are of type "Application" and are marked as required for proper functionality.
Agreement.Read.All
Used For
Monitor user agreement acceptances and policy acknowledgments to ensure compliance with organizational security policies.
API Endpoints (1)
/agreementAcceptances Agreement acceptances and policy acknowledgments
AuditLog.Read.All
Used For
Track sign-in activities, authentication events, and directory changes to identify potential security risks and unusual access patterns.
API Endpoints (2)
/auditLogs/signIns Sign-in activities and authentication logs
/auditLogs/directoryAudits Directory changes and audit events
AuthenticationContext.Read.All
Used For
Monitor authentication context and conditional access policies to ensure proper security controls are in place.
API Endpoints (1)
/identity/conditionalAccess/authenticationContextClassReferences Authentication context and conditional access
EventListener.Read.All
Used For
Track authentication event listeners and triggers to monitor security-related authentication events.
API Endpoints (1)
/identity/authenticationEventListeners Authentication event listeners and triggers
IdentityUserFlow.Read.All
Used For
Monitor identity user flows and authentication journeys to understand user authentication patterns.
API Endpoints (1)
/identity/userFlows Identity user flows and authentication journeys
DeviceManagementApps.Read.All
Used For
Access device management audit events to track mobile device and application security compliance.
API Endpoints (1)
/deviceManagement/auditEvents Device management audit events
Directory.Read.All
Used For
Read directory objects, user profiles, groups, and organizational structure to build comprehensive security culture reports.
API Endpoints (3)
/directoryObjects Directory objects and organizational structure
/users User profiles and directory information
/groups Group information and memberships
DirectoryRecommendations.Read.All
Used For
Access Azure AD security recommendations to provide actionable security improvement suggestions.
API Endpoints (1)
/directory/recommendations Azure AD security recommendations
IdentityRiskEvent.Read.All
Used For
Monitor identity risk detections, risky sign-ins, and suspicious activities to identify potential security threats.
API Endpoints (2)
/identityProtection/riskDetections Identity risk detections and events
/identityProtection/riskySignIns Risky sign-in activities
IdentityRiskyUser.Read.All
Used For
Track users with risky behavior patterns to provide targeted security awareness training.
API Endpoints (1)
/identityProtection/riskyUsers Users with risky behavior patterns
RiskPreventionProviders.Read.All
Used For
Monitor risk prevention providers and configurations to ensure comprehensive security coverage.
API Endpoints (1)
/identityProtection/riskPreventionProviders Risk prevention providers and configurations
InformationProtectionConfig.Read.All
Used For
Access information protection policies to monitor data classification and protection compliance.
API Endpoints (1)
/informationProtection/policy Information protection policies and configurations
InformationProtectionPolicy.Read.All
Used For
Monitor information protection labels and policies to track data security compliance.
API Endpoints (1)
/informationProtection/policy/labels Information protection labels and policies
ThreatAssessment.Read.All
Used For
Access threat assessment requests and results to monitor security threat analysis activities.
API Endpoints (1)
/informationProtection/threatAssessmentRequests Threat assessment requests and results
LearningAssignedCourse.Read.All
Used For
Track security training course assignments and completions to measure security awareness program effectiveness.
API Endpoints (1)
/employeeExperience/learningCourseActivities Learning course assignments and completions
NetworkAccess-Reports.Read.All
Used For
Monitor network access reports and VPN usage to track remote access security patterns.
API Endpoints (1)
/networkAccess/reports Network access reports and VPN usage
Organization.Read.All
Used For
Access organization information and tenant details to provide context for security culture assessments.
API Endpoints (1)
/organization Organization information and tenant details
OrgContact.Read.All
Used For
Monitor organizational contacts and external interactions for security risk assessment.
API Endpoints (1)
/contacts Organizational contacts and external interactions
OrgSettings-Microsoft365Install.Read.All
Used For
Access Microsoft 365 service health and installation settings for comprehensive security monitoring.
API Endpoints (1)
/admin/serviceAnnouncement/healthOverviews Microsoft 365 service health and installation settings
ReportSettings.Read.All
Used For
Monitor admin report settings to ensure proper security reporting configurations.
API Endpoints (1)
/admin/reportSettings Admin report settings and configurations
Policy.Read.All
Used For
Access organizational policies to ensure security culture alignment with corporate governance.
API Endpoints (1)
/policies Organizational policies and configurations
ResourceSpecificPermissionGrant.Read.All
Used For
Monitor OAuth2 permission grants and delegations to track application access and potential security risks.
API Endpoints (1)
/oauth2PermissionGrants OAuth2 permission grants and delegations
Insights-UserMetric.Read.All
Used For
Access user activity metrics including print jobs and Teams collaboration to understand user behavior patterns.
API Endpoints (2)
/reports/getUserArchivedPrintJobs User archived print jobs and activity metrics
/reports/getTeamsUserActivityUserDetail Teams user activity details and collaboration metrics
Reports.Read.All
Used For
Monitor authentication method registration details to track multi-factor authentication adoption.
API Endpoints (1)
/reports/authenticationMethods/userRegistrationDetails Authentication method registration details
SecurityActions.Read.All
Used For
Track security actions and responses to monitor incident response effectiveness.
API Endpoints (1)
/security/securityActions Security actions and responses
SecurityAlert.Read.All
Used For
Monitor security alerts from Microsoft security services to provide comprehensive threat visibility.
API Endpoints (1)
/security/alerts Security alerts from Microsoft security services
SecurityAnalyzedMessage.Read.All
Used For
Access analyzed email metadata and detection details to monitor phishing and email security threats.
API Endpoints (1)
/security/analyzedEmails Analyzed email metadata and detection details
SecurityEvents.Read.All
Used For
Monitor security events and threat detection data for comprehensive security monitoring.
API Endpoints (1)
/security/events Security events and threat detection data
SecurityIdentitiesAccount.Read.All
Used For
Access security identity account information for user risk assessment.
API Endpoints (1)
/security/identities Security identity account information
SecurityIdentitiesHealth.Read.All
Used For
Monitor identity security health issues and recommendations for proactive security improvements.
API Endpoints (1)
/security/identities/healthIssues Identity security health issues and recommendations
SecurityIdentitiesUserActions.Read.All
Used For
Track identity security user actions and risk events for behavioral analysis.
API Endpoints (1)
/security/identities/userRiskEvents Identity security user actions and risk events
SecurityIncident.Read.All
Used For
Monitor security incidents and investigation details to track organizational security posture.
API Endpoints (1)
/security/incidents Security incidents and investigation details
ThreatHunting.Read.All
Used For
Access threat hunting queries and advanced analytics for proactive threat detection.
API Endpoints (1)
/security/runHuntingQuery Threat hunting queries and advanced analytics
ThreatIndicators.Read.All
Used For
Monitor threat indicators and intelligence data to stay informed about current security threats.
API Endpoints (1)
/security/tiIndicators Threat indicators and intelligence data
ThreatIntelligence.Read.All
Used For
Access threat intelligence information and indicators of compromise for enhanced security monitoring.
API Endpoints (1)
/security/threatIntelligence Threat intelligence information and IOCs
ThreatSubmission.Read.All
Used For
Monitor user-reported threat submissions to track user security awareness and engagement.
API Endpoints (1)
/security/threatSubmission/emailThreats User-reported threat submissions
VerifiedId-Profile.Read.All
Used For
Access verified ID profiles and credential information for identity verification monitoring.
API Endpoints (1)
/verifiableCredentials/authorities Verified ID profiles and credential information
Permissions Manifest Information
Manifest Details
- Version:
- 1.0.0
- Last Updated:
- December 2, 2025
- Description:
- Praxis Navigator Required Permissions Manifest
Integration Category
- Name:
- Microsoft Graph API
- Type:
- external_api
- Description:
- Permissions required for Microsoft Graph API access