Add user.readBasic.all permission as an app permission in Graph
Azure AD graph has delegated permissions for user.readBasic.all which restricts the information that a 3rd party accessing this api can capture from our tenancy directory. We have a 3rd party app that accesses the Azure directory to retrieve basic data to set up accounts in its user directory and we need to restrict this to the basic data due to the security risk. We cannot rely on the 3rd party just doing the right thing all the time.
I need a way to set the app to allow app permissions (not delegated as the read occurs every 4 hours without human involvement) for user.readBasic.all. I would like this permission to be available as an app permission in MS Graph
We are investigating the technical requirements here to see whether we can move this to the backlog. -EY