Microsoft Graph Permission Scope IDs

Registering Microsoft Graph applications using the Azure Portal and assigning API Permissions is trivial. When you are automating that process though rather than choosing API permissions using the Azure Portal Application Registration UI, you need to know the Microsoft Graph Permission Scope IDs.

Microsoft Graph Permission Scope IDs

Obtaining Scope Details

Using a PowerShell Azure Cloud Shell CLI I retrieved a list of the Service Principals, selected the Microsoft Graph Service Principal and enumerated the oAuth Scopes.

Note: The appID for Microsoft Graph is ‘00000003-0000-0000-c000-000000000000‘. In this post I list a bunch of the well-known App IDs.

Below is the PowerShell script I put together to enumerate and sort the Application and Delegated Microsoft Graph Permission Scope IDs using an Azure PowerShell Cloud Shell.

List of Application Scope IDs

Here is the output from the above script for the Microsoft Graph oAuth application based permissions. Delegated permissions are listed after the application permissions further below.

 id                      : ebfcd32b-babb-40f4-a14b-42706e83bd28
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read access reviews, reviewers, decisions and settings that the signed-in user has access to in the organization.
 adminConsentDisplayName : Read all access reviews that user can access
 value                   : AccessReview.Read.All

 id                      : e4aa47b9-9a69-4109-82ed-36ec70d85ff1
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read, update, delete and perform actions on access reviews, reviewers, decisions and settings that the signed-in user has access to in the organization.
 adminConsentDisplayName : Manage all access reviews that user can access
 value                   : AccessReview.ReadWrite.All

 id                      : 5af8c3f5-baca-439a-97b0-ea58a435e269
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read, update, delete and perform actions on access reviews, reviewers, decisions and settings for group and app memberships that the signed-in user has access to 
                           in the organization.
 adminConsentDisplayName : Manage access reviews for group and app memberships
 value                   : AccessReview.ReadWrite.Membership

 id                      : 3361d15d-be43-4de6-b441-3c746d05163d
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read administrative units and administrative unit membership on behalf of the signed-in user.
 adminConsentDisplayName : Read administrative units
 value                   : AdministrativeUnit.Read.All

 id                      : 7b8a2d34-6b3f-4542-a343-54651608ad81
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to create, read, update, and delete administrative units and manage administrative unit membership on behalf of the signed-in user.
 adminConsentDisplayName : Read and write administrative units
 value                   : AdministrativeUnit.ReadWrite.All

 id                      : af2819c9-df71-4dd3-ade7-4d7c9dc653b7
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read terms of use agreements on behalf of the signed-in user.
 adminConsentDisplayName : Read all terms of use agreements
 value                   : Agreement.Read.All

 id                      : ef4b5d93-3104-4664-9053-a5c49ab44218
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read and write terms of use agreements on behalf of the signed-in user.
 adminConsentDisplayName : Read and write all terms of use agreements
 value                   : Agreement.ReadWrite.All

 id                      : 0b7643bb-5336-476f-80b5-18fbfbc91806
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read terms of use acceptance statuses on behalf of the signed-in user.
 adminConsentDisplayName : Read user terms of use acceptance statuses
 value                   : AgreementAcceptance.Read

 id                      : a66a5341-e66e-4897-9d52-c2df58c2bfb9
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read terms of use acceptance statuses on behalf of the signed-in user.
 adminConsentDisplayName : Read terms of use acceptance statuses that user can access
 value                   : AgreementAcceptance.Read.All

 id                      : 1b6ff35f-31df-4332-8571-d31ea5a4893f
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read the API connectors used in user authentication flows, on behalf of the signed-in user.
 adminConsentDisplayName : Read API connectors for authentication flows
 value                   : APIConnectors.Read.All

 id                      : c67b52c5-7c69-48b6-9d48-7b3af3ded914
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read, create and manage the API connectors used in user authentication flows, on behalf of the signed-in user.
 adminConsentDisplayName : Read and write API connectors for authentication flows
 value                   : APIConnectors.ReadWrite.All

 id                      : 1ca167d5-1655-44a1-8adf-1414072e1ef9
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to create, read, update, and delete apps in the app catalogs.
 adminConsentDisplayName : Read and write to all app catalogs
 value                   : AppCatalog.ReadWrite.All

 id                      : c79f8feb-a9db-4090-85f9-90d820caa0eb
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read applications and service principals on behalf of the signed-in user.
 adminConsentDisplayName : Read applications
 value                   : Application.Read.All

 id                      : bdfbf15f-ee85-4955-8675-146e8e5296b5
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to create, read, update and delete applications and service principals on behalf of the signed-in user. Does not allow management of consent grants.
 adminConsentDisplayName : Read and write all applications
 value                   : Application.ReadWrite.All

 id                      : 84bccea3-f856-4a8a-967b-dbe0a3d53a64
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to manage permission grants for application permissions to any API (including Microsoft Graph) and application assignments for any app, on behalf of the signed-in user.
 adminConsentDisplayName : Manage app permission grants and app role assignments
 value                   : AppRoleAssignment.ReadWrite.All

 id                      : 1196552e-b226-4363-b01e-b8901fe10a11
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read approvals on behalf of the signed-in user.
 adminConsentDisplayName : Read approvals
 value                   : Approval.Read.All

 id                      : 1d3d0bc7-4b3a-427a-ae9f-6de4e1edc95f
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read and write approvals on behalf of the signed-in user.
 adminConsentDisplayName : Read and write approvals
 value                   : Approval.ReadWrite.All

 id                      : e4c9e354-4dc5-45b8-9e7c-e1393b0b1a20
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read and query your audit log activities, on behalf of the signed-in user.
 adminConsentDisplayName : Read audit log data
 value                   : AuditLog.Read.All

 id                      : b27a61ec-b99c-4d6a-b126-c4375d08ae30
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read BitLocker keys on behalf of the signed-in user, for their owned devices. Allows read of the recovery key.
 adminConsentDisplayName : Read BitLocker keys
 value                   : BitlockerKey.Read.All

 id                      : 5a107bfc-4f00-4e1a-b67e-66451267bc68
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read basic BitLocker key properties on behalf of the signed-in user, for their owned devices. Does not allow read of the recovery key itself.
 adminConsentDisplayName : Read BitLocker keys basic information
 value                   : BitlockerKey.ReadBasic.All

 id                      : 101147cf-4178-4455-9d58-02b5c164e759
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Create channels in any team, on behalf of the signed-in user.
 adminConsentDisplayName : Create channels
 value                   : Channel.Create

 id                      : cc83893a-e232-4723-b5af-bd0b01bcfe65
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Delete channels in any team, on behalf of the signed-in user.
 adminConsentDisplayName : Delete channels
 value                   : Channel.Delete.All

 id                      : 2eadaff8-0bce-4198-a6b9-2cfc35a30075
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Read the members of channels, on behalf of the signed-in user.
 adminConsentDisplayName : Read the members of channels
 value                   : ChannelMember.Read.All

 id                      : 0c3e411a-ce45-4cd1-8f30-f99a3efa7b11
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Add and remove members from channels, on behalf of the signed-in user. Also allows changing a member's role, for example from owner to non-owner.
 adminConsentDisplayName : Add and remove members from channels
 value                   : ChannelMember.ReadWrite.All

 id                      : 767156cb-16ae-4d10-8f8b-41b657c8c8c8
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows an app to read a channel's messages in Microsoft Teams, on behalf of the signed-in user.
 adminConsentDisplayName : Read user channel messages
 value                   : ChannelMessage.Read.All

 id                      : 233e0cf1-dd62-48bc-b65b-b38fe87fcf8e
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Read all channel names, channel descriptions, and channel settings, on behalf of the signed-in user.
 adminConsentDisplayName : Read the names, descriptions, and settings of channels
 value                   : ChannelSettings.Read.All

 id                      : d649fb7c-72b4-4eec-b2b4-b15acf79e378
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Read and write the names, descriptions, and settings of all channels, on behalf of the signed-in user.
 adminConsentDisplayName : Read and write the names, descriptions, and settings of channels
 value                   : ChannelSettings.ReadWrite.All

 id                      : c5a9e2b1-faf6-41d4-8875-d381aa549b24
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Read the members of chats, on behalf of the signed-in user.
 adminConsentDisplayName : Read the members of chats
 value                   : ChatMember.Read

 id                      : dea13482-7ea6-488f-8b98-eb5bbecf033d
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Add and remove members from chats, on behalf of the signed-in user.
 adminConsentDisplayName : Add and remove members from chats
 value                   : ChatMember.ReadWrite

 id                      : 9d77138f-f0e2-47ba-ab33-cd246c8b79d1
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read and write the properties of Cloud PCs on behalf of the signed-in user.
 adminConsentDisplayName : Read and write Cloud PCs
 value                   : CloudPC.ReadWrite.All

 id                      : f3bfad56-966e-4590-a536-82ecf548ac1e
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read consent requests and approvals on behalf of the signed-in user.
 adminConsentDisplayName : Read consent requests
 value                   : ConsentRequest.Read.All

 id                      : 497d9dfa-3bd1-481a-baab-90895e54568c
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read app consent requests and approvals, and deny or approve those requests on behalf of the signed-in user.
 adminConsentDisplayName : Read and write consent requests
 value                   : ConsentRequest.ReadWrite.All

 id                      : ca46335e-8453-47cd-a001-8459884efeae
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read and write custom security attribute assignments for all principals in the tenant on behalf of a signed in user.
 adminConsentDisplayName : Read and write custom security attribute assignments
 value                   : CustomSecAttributeAssignment.ReadWrite.All

 id                      : 8b0160d4-5743-482b-bb27-efc0a485ca4a
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read and write custom security attribute definitions for the tenant on behalf of a signed in user.
 adminConsentDisplayName : Read and write custom security attribute definitions
 value                   : CustomSecAttributeDefinition.ReadWrite.All

 id                      : 41ce6ca6-6826-4807-84f1-1c82854f7ee5
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to manage permission grants for delegated permissions exposed by any API (including Microsoft Graph), on behalf of the signed in user.
 adminConsentDisplayName : Manage all delegated permission grants
 value                   : DelegatedPermissionGrant.ReadWrite.All

 id                      : 951183d1-1a61-466f-a6d1-1fde911bfd95
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read your organization's devices' configuration information on behalf of the signed-in user.
 adminConsentDisplayName : Read all devices
 value                   : Device.Read.All

 id                      : 4edf5f54-4666-44af-9de9-0144fb4b6e8c
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read the properties, group assignments and status of apps, app configurations and app protection policies managed by Microsoft Intune.
 adminConsentDisplayName : Read Microsoft Intune apps
 value                   : DeviceManagementApps.Read.All

 id                      : 7b3f05d5-f68c-4b8d-8c59-a2ecd12f24af
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read and write the properties, group assignments and status of apps, app configurations and app protection policies managed by Microsoft Intune.
 adminConsentDisplayName : Read and write Microsoft Intune apps
 value                   : DeviceManagementApps.ReadWrite.All

 id                      : f1493658-876a-4c87-8fa7-edb559b3476a
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read properties of Microsoft Intune-managed device configuration and device compliance policies and their assignment to groups.
 adminConsentDisplayName : Read Microsoft Intune Device Configuration and Policies
 value                   : DeviceManagementConfiguration.Read.All

 id                      : 0883f392-0a7a-443d-8c76-16a6d39c7b63
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read and write properties of Microsoft Intune-managed device configuration and device compliance policies and their assignment to groups.
 adminConsentDisplayName : Read and write Microsoft Intune Device Configuration and Policies
 value                   : DeviceManagementConfiguration.ReadWrite.All

 id                      : 3404d2bf-2b13-457e-a330-c24615765193
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to perform remote high impact actions such as wiping the device or resetting the passcode on devices managed by Microsoft Intune.
 adminConsentDisplayName : Perform user-impacting remote actions on Microsoft Intune devices
 value                   : DeviceManagementManagedDevices.PrivilegedOperations.All

 id                      : 314874da-47d6-4978-88dc-cf0d37f0bb82
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read the properties of devices managed by Microsoft Intune.
 adminConsentDisplayName : Read Microsoft Intune devices
 value                   : DeviceManagementManagedDevices.Read.All

 id                      : 44642bfe-8385-4adc-8fc6-fe3cb2c375c3
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read and write the properties of devices managed by Microsoft Intune. Does not allow high impact operations such as remote wipe and password reset on the device?s owner.
 adminConsentDisplayName : Read and write Microsoft Intune devices
 value                   : DeviceManagementManagedDevices.ReadWrite.All

 id                      : 49f0cc30-024c-4dfd-ab3e-82e137ee5431
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read the properties relating to the Microsoft Intune Role-Based Access Control (RBAC) settings.
 adminConsentDisplayName : Read Microsoft Intune RBAC settings
 value                   : DeviceManagementRBAC.Read.All

 id                      : 0c5e8a55-87a6-4556-93ab-adc52c4d862d
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read and write the properties relating to the Microsoft Intune Role-Based Access Control (RBAC) settings.
 adminConsentDisplayName : Read and write Microsoft Intune RBAC settings
 value                   : DeviceManagementRBAC.ReadWrite.All

 id                      : 8696daa5-bce5-4b2e-83f9-51b6defc4e1e
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read Microsoft Intune service properties including device enrollment and third party service connection configuration.
 adminConsentDisplayName : Read Microsoft Intune configuration
 value                   : DeviceManagementServiceConfig.Read.All

 id                      : 662ed50a-ac44-4eef-ad86-62eed9be2a29
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read and write Microsoft Intune service properties including device enrollment and third party service connection configuration.
 adminConsentDisplayName : Read and write Microsoft Intune configuration
 value                   : DeviceManagementServiceConfig.ReadWrite.All

 id                      : 0e263e50-5827-48a4-b97c-d940288653c7
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to have the same access to information in the directory as the signed-in user.
 adminConsentDisplayName : Access directory as the signed in user
 value                   : Directory.AccessAsUser.All

 id                      : 06da0dbc-49e2-44d2-8312-53f166ab848a
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read data in your organization's directory, such as users, groups and apps.
 adminConsentDisplayName : Read directory data
 value                   : Directory.Read.All

 id                      : c5366453-9fb0-48a5-a156-24f0c49a4b84
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read and write data in your organization's directory, such as users, and groups.  It does not allow the app to delete users or groups, or reset user passwords.
 adminConsentDisplayName : Read and write directory data
 value                   : Directory.ReadWrite.All

 id                      : 2f9ee017-59c1-4f1d-9472-bd5529a7b311
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read all domain properties on behalf of the signed-in user.
 adminConsentDisplayName : Read domains.
 value                   : Domain.Read.All

 id                      : 0b5d694c-a244-4bde-86e6-eb5cd07730fe
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read and write all domain properties on behalf of the signed-in user. Also allows the app to add, verify and remove domains.
 adminConsentDisplayName : Read and write domains
 value                   : Domain.ReadWrite.All

 id                      : 99201db3-7652-4d5a-809a-bdb94f85fe3c
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read eDiscovery objects such as cases, custodians, review sets and other 
                           related objects on behalf of the signed-in user.
 adminConsentDisplayName : Read all eDiscovery objects
 value                   : eDiscovery.Read.All

 id                      : acb8f680-0834-4146-b69e-4ab1b39745ad
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read and write eDiscovery objects such as cases, custodians, review sets 
                           and other related objects on behalf of the signed-in user.
 adminConsentDisplayName : Read and write all eDiscovery objects
 value                   : eDiscovery.ReadWrite.All

 id                      : 8523895c-6081-45bf-8a5d-f062a2f12c9f
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Read the state and settings of all Microsoft education apps on behalf of the user.
 adminConsentDisplayName : Read education app settings
 value                   : EduAdministration.Read

 id                      : 63589852-04e3-46b4-bae9-15d5b1050748
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Manage the state and settings of all Microsoft education apps on behalf of the user.
 adminConsentDisplayName : Manage education app settings
 value                   : EduAdministration.ReadWrite

 id                      : 091460c9-9c4a-49b2-81ef-1f3d852acce2
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read assignments and their grades on behalf of the user.
 adminConsentDisplayName : Read users' class assignments and their grades
 value                   : EduAssignments.Read

 id                      : c0b0103b-c053-4b2e-9973-9f3a544ec9b8
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read assignments without grades on behalf of the user.
 adminConsentDisplayName : Read users' class assignments without grades
 value                   : EduAssignments.ReadBasic

 id                      : 2f233e90-164b-4501-8bce-31af2559a2d3
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read and write assignments and their grades on behalf of the user.
 adminConsentDisplayName : Read and write users' class assignments and their grades
 value                   : EduAssignments.ReadWrite

 id                      : 2ef770a1-622a-47c4-93ee-28d6adbed3a0
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read and write assignments without grades on behalf of the user.
 adminConsentDisplayName : Read and write users' class assignments without grades
 value                   : EduAssignments.ReadWriteBasic

 id                      : a4389601-22d9-4096-ac18-36a927199112
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read the structure of schools and classes in an organization's roster and education-specific information about users to be read on behalf of the user.
 adminConsentDisplayName : Read users' view of the roster
 value                   : EduRoster.Read

 id                      : 5d186531-d1bf-4f07-8cea-7c42119e1bd9
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read a limited subset of the properties from the structure of schools and classes in an organization's roster and a limited subset of properties about users to be read on behalf of the user.Includes name, status, education role, email address and photo.
 adminConsentDisplayName : Read a limited subset of users' view of the roster
 value                   : EduRoster.ReadBasic

 id                      : 359e19a6-e3fa-4d7f-bcab-d28ec592b51e
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read and write the structure of schools and classes in an organization's roster and education-specific information about users to be read and written on behalf of 
                           the user.
 adminConsentDisplayName : Read and write users' view of the roster
 value                   : EduRoster.ReadWrite

 id                      : 5449aa12-1393-4ea2-a7c7-d0e06c1a56b2
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read access packages and related entitlement management resources on behalf of the signed-in user.
 adminConsentDisplayName : Read all entitlement management resources
 value                   : EntitlementManagement.Read.All

 id                      : ae7a573d-81d7-432b-ad44-4ed5c9d89038
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to request access to and management of access packages and related entitlement management resources on behalf of the signed-in user.
 adminConsentDisplayName : Read and write entitlement management resources
 value                   : EntitlementManagement.ReadWrite.All

 id                      : 922f9392-b1b7-483c-a4be-0089be7704fb
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allow the app to read external datasets and content, on behalf of the signed-in user.
 adminConsentDisplayName : Read items in external datasets
 value                   : ExternalItem.Read.All

 id                      : 5f8c59db-677d-491f-a6b8-5f174b11ec1d
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to list groups, and to read their properties and all group memberships on behalf of the signed-in user.  Also allows the app to read calendar, conversations, files, and other group content for all groups the signed-in user can access. 
 adminConsentDisplayName : Read all groups
 value                   : Group.Read.All

 id                      : 4e46008b-f24c-477d-8fff-7bb4ec7aafe0
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to create groups and read all group properties and memberships on behalf of the signed-in user.  Additionally allows group owners to manage their groups and allows group members to update group content.
 adminConsentDisplayName : Read and write all groups
 value                   : Group.ReadWrite.All

 id                      : bc024368-1153-4739-b217-4326f2e966d0
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to list groups, read basic group properties and read membership of all groups the signed-in user has access to.
 adminConsentDisplayName : Read group memberships
 value                   : GroupMember.Read.All

 id                      : f81125ac-d3b7-4573-a3b2-7099cc39df9e
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to list groups, read basic properties, read and update the membership of the groups the signed-in user has access to. Group properties and owners cannot be updated and groups cannot be deleted.
 adminConsentDisplayName : Read and write group memberships
 value                   : GroupMember.ReadWrite.All

 id                      : 43781733-b5a7-4d1b-98f4-e8edff23e1a9
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read your organization?s identity (authentication) providers? properties on behalf of the user.
 adminConsentDisplayName : Read identity providers
 value                   : IdentityProvider.Read.All

 id                      : f13ce604-1677-429f-90bd-8a10b9f01325
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read and write your organization?s identity (authentication) providers? properties on behalf of the user.
 adminConsentDisplayName : Read and write identity providers
 value                   : IdentityProvider.ReadWrite.All

 id                      : 8f6a01e7-0391-4ee5-aa22-a3af122cef27
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read identity risk event information for all users in your organization on behalf of the signed-in user. 
 adminConsentDisplayName : Read identity risk event information
 value                   : IdentityRiskEvent.Read.All

 id                      : 9e4862a5-b68f-479e-848a-4e07e25c9916
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read and update identity risk event information for all users in your organization on behalf of the signed-in user.Update operations include confirming risk event detections.
 adminConsentDisplayName : Read and write risk event information
 value                   : IdentityRiskEvent.ReadWrite.All

 id                      : ea5c4ab0-5a73-4f35-8272-5d5337884e5d
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read all risky service principal information for your organization, on behalf of the signed-in user.
 adminConsentDisplayName : Read all identity risky service principal information
 value                   : IdentityRiskyServicePrincipal.Read.All

 id                      : bb6f654c-d7fd-4ae3-85c3-fc380934f515
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read and update identity risky service principal information for all service principals in your organization, on behalf of the signed-in user. Update operations include dismissing risky service principals.
 adminConsentDisplayName : Read and write all risky service principal information
 value                   : IdentityRiskyServicePrincipal.ReadWrite.All

 id                      : d04bb851-cb7c-4146-97c7-ca3e71baf56c
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read identity risky user information for all users in your organization on behalf of the signed-in user.
 adminConsentDisplayName : Read identity risky user information
 value                   : IdentityRiskyUser.Read.All

 id                      : e0a7cdbb-08b0-4697-8264-0069786e9674
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read and update identity risky user information for all users in your organization on behalf of the signed-in user.Update operations include dismissing risky users.
 adminConsentDisplayName : Read and write risky user information
 value                   : IdentityRiskyUser.ReadWrite.All

 id                      : 2903d63d-4611-4d43-99ce-a33f3f52e343
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read your organization's user flows, on behalf of the signed-in user.
 adminConsentDisplayName : Read all identity user flows
 value                   : IdentityUserFlow.Read.All

 id                      : 281892cc-4dbf-4e3a-b6cc-b21029bb4e82
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read or write your organization's user flows, on behalf of the signed-in user.
 adminConsentDisplayName : Read and write all identity user flows
 value                   : IdentityUserFlow.ReadWrite.All

 id                      : f6a3db3e-f7e8-4ed2-a414-557c8c9830be
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read the memberships of hidden groups and administrative units on behalf of the signed-in user, for those hidden groups and administrative units that the signed-in user has access to.
 adminConsentDisplayName : Read hidden memberships
 value                   : Member.Read.Hidden

 id                      : 8c4d5184-71c2-4bf8-bb9d-bc3378c9ad42
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to manage hybrid identity service configuration by creating, viewing, updating and deleting on-premises published resources, on-premises agents and agent groups, on behalf of the signed-in user.
 adminConsentDisplayName : Manage on-premises published resources
 value                   : OnPremisesPublishingProfiles.ReadWrite.All

 id                      : 4908d5b9-3fb2-4b1e-9336-1888b7937185
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read the organization and related resources, on behalf of the signed-in user.Related resources include things like subscribed skus and tenant branding information.
 adminConsentDisplayName : Read organization information
 value                   : Organization.Read.All

 id                      : 46ca0847-7e6b-426e-9775-ea810a948356
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read and write the organization and related resources, on behalf of the signed-in user.Related resources include things like subscribed skus and tenant branding information.
 adminConsentDisplayName : Read and write organization information
 value                   : Organization.ReadWrite.All

 id                      : 08432d1b-5911-483c-86df-7980af5cdee0
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read all organizational contacts on behalf of the signed-in user. These contacts are managed by the organization and are different from a user's personal contacts.
 adminConsentDisplayName : Read organizational contacts
 value                   : OrgContact.Read.All

 id                      : b89f9189-71a5-4e70-b041-9887f0bc7e4a
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read a scored list of relevant people of the signed-in user or other users in the signed-in user's organization. The list can include local contacts, contacts from social networking, your organization's directory, and people from recent communications 
                           (such as email and Skype).
 adminConsentDisplayName : Read all users' relevant people lists
 value                   : People.Read.All

 id                      : cb8f45a0-5c2e-4ea1-b803-84b870a7d7ec
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read your company's places (conference rooms and room lists) for calendar events and other applications, on behalf of the signed-in user.
 adminConsentDisplayName : Read all company places
 value                   : Place.Read.All

 id                      : 4c06a06a-098a-4063-868e-5dfee3827264
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to manage organization places (conference rooms and room lists) for calendar events and other applications, on behalf of the signed-in user.
 adminConsentDisplayName : Read and write organization places
 value                   : Place.ReadWrite.All

 id                      : 572fea84-0151-49b2-9301-11cb16974376
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read your organization's policies on behalf of the signed-in user.
 adminConsentDisplayName : Read your organization's policies
 value                   : Policy.Read.All

 id                      : 414de6ea-2d92-462f-b120-6e2a809a6d01
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read policies related to consent and permission grants for applications, on behalf of the signed-in user.
 adminConsentDisplayName : Read consent and permission grant policies
 value                   : Policy.Read.PermissionGrant

 id                      : b27add92-efb2-4f16-84f5-8108ba77985c
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read and write your organization's application configuration policies on behalf of the signed-in user.  This includes policies such as activityBasedTimeoutPolicy, claimsMappingPolicy, homeRealmDiscoveryPolicy,  tokenIssuancePolicy and tokenLifetimePolicy.
 adminConsentDisplayName : Read and write your organization's application configuration policies
 value                   : Policy.ReadWrite.ApplicationConfiguration

 id                      : edb72de9-4252-4d03-a925-451deef99db7
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read and write the authentication flow policies, on behalf of the signed-in user. 
 adminConsentDisplayName : Read and write authentication flow policies
 value                   : Policy.ReadWrite.AuthenticationFlows

 id                      : 7e823077-d88e-468f-a337-e18f1f0e6c7c
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read and write the authentication method policies, on behalf of the signed-in user.
 adminConsentDisplayName : Read and write authentication method policies
 value                   : Policy.ReadWrite.AuthenticationMethod

 id                      : edd3c878-b384-41fd-95ad-e7407dd775be
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read and write your organization's authorization policy on behalf of the signed-in user.  For example, authorization policies can control some of the permissions that the out-of-the-box user role has by default.
 adminConsentDisplayName : Read and write your organization's authorization policy
 value                   : Policy.ReadWrite.Authorization

 id                      : ad902697-1014-4ef5-81ef-2b4301988e8c
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read and write your organization's conditional access policies on behalf of the signed-in user.
 adminConsentDisplayName : Read and write your organization's conditional access policies
 value                   : Policy.ReadWrite.ConditionalAccess

 id                      : 4d135e65-66b8-41a8-9f8b-081452c91774
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read and write your organization's consent requests policy on behalf of the signed-in user.
 adminConsentDisplayName : Read and write consent request policy
 value                   : Policy.ReadWrite.ConsentRequest

 id                      : 40b534c3-9552-4550-901b-23879c90bcf9
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read and write your organization's device configuration policies on behalf of the signed-in user.  For example, device registration policy can limit initial provisioning controls using quota restrictions, additional authentication and authorization checks.
 adminConsentDisplayName : Read and write your organization's device configuration policies
 value                   : Policy.ReadWrite.DeviceConfiguration

 id                      : 92a38652-f13b-4875-bc77-6e1dbb63e1b2
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read and write your organization's feature rollout policies on behalf of the signed-in user. Includes abilities to assign and remove users and groups to rollout of a specific feature.
 adminConsentDisplayName : Read and write your organization's feature rollout policies
 value                   : Policy.ReadWrite.FeatureRollout

 id                      : a8ead177-1889-4546-9387-f25e658e2a79
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read and write your organization's mobility management policies on behalf of the signed-in user.  For example, a mobility management policy can set the enrollment scope for a given mobility management application.
 adminConsentDisplayName : Read and write your organization's mobility management policies
 value                   : Policy.ReadWrite.MobilityManagement

 id                      : 2672f8bb-fd5e-42e0-85e1-ec764dd2614e
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to manage policies related to consent and permission grants for applications, on behalf of the signed-in user.
 adminConsentDisplayName : Manage consent and permission grant policies
 value                   : Policy.ReadWrite.PermissionGrant

 id                      : cefba324-1a70-4a6e-9c1d-fd670b7ae392
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read and write your organization's trust framework policies on behalf of the signed-in user.
 adminConsentDisplayName : Read and write your organization's trust framework policies
 value                   : Policy.ReadWrite.TrustFramework

 id                      : d69c2d6d-4f72-4f99-a6b9-663e32f8cf68
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the application to read print connectors on behalf of the signed-in user.
 adminConsentDisplayName : Read print connectors
 value                   : PrintConnector.Read.All

 id                      : 79ef9967-7d59-4213-9c64-4b10687637d8
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the application to read and write print connectors on behalf of the signed-in user. 
 adminConsentDisplayName : Read and write print connectors
 value                   : PrintConnector.ReadWrite.All

 id                      : 90c30bed-6fd1-4279-bf39-714069619721
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the application to create (register) printers on behalf of the signed-in user.?
 adminConsentDisplayName : Register printers??
 value                   : Printer.Create

 id                      : 93dae4bd-43a1-4a23-9a1a-92957e1d9121
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the application to create (register), read, update, and delete (unregister) printers on behalf of the signed-in user.
 adminConsentDisplayName : Register, read, update, and unregister printers
 value                   : Printer.FullControl.All

 id                      : 3a736c8a-018e-460a-b60c-863b2683e8bf
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the application to read printers on behalf of the signed-in user.?
 adminConsentDisplayName : Read printers
 value                   : Printer.Read.All

 id                      : 89f66824-725f-4b8f-928e-e1c5258dc565
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the application to read and update printers on behalf of the signed-in user. Does not allow creating (registering) or deleting (unregistering) printers.
 adminConsentDisplayName : Read and update printers
 value                   : Printer.ReadWrite.All

 id                      : 06ceea37-85e2-40d7-bec3-91337a46038f
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the application to read and update printer shares on behalf of the signed-in user.?
 adminConsentDisplayName : Read and write printer shares
 value                   : PrinterShare.ReadWrite.All

 id                      : afdd6933-a0d8-40f7-bd1a-b5d778e8624b
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the application to read the metadata and document content of print jobs on behalf of the signed-in user.
 adminConsentDisplayName : Read print jobs
 value                   : PrintJob.Read.All

 id                      : 04ce8d60-72ce-4867-85cf-6d82f36922f3
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the application to read the metadata of print jobs on behalf of the signed-in user. Does not allow access to print job document content.
 adminConsentDisplayName : Read basic information of print jobs
 value                   : PrintJob.ReadBasic.All

 id                      : 036b9544-e8c5-46ef-900a-0646cc42b271
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the application to read and update the metadata and document content of print jobs on behalf of the signed-in user.
 adminConsentDisplayName : Read and write print jobs
 value                   : PrintJob.ReadWrite.All

 id                      : 3a0db2f6-0d2a-4c19-971b-49109b19ad3d
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the application to read and update the metadata of print jobs on behalf of the signed-in user.Does not allow access to print job document content.
 adminConsentDisplayName : Read and write basic information of print jobs
 value                   : PrintJob.ReadWriteBasic.All

 id                      : 490f32fd-d90f-4dd7-a601-ff6cdc1a3f6c
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the application to read tenant-wide print settings on behalf of the signed-in user.
 adminConsentDisplayName : Read tenant-wide print settings
 value                   : PrintSettings.Read.All

 id                      : 9ccc526a-c51c-4e5c-a1fd-74726ef50b8f
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the application to read and write tenant-wide print settings on behalf of the signed-in user.
 adminConsentDisplayName : Read and write tenant-wide print settings
 value                   : PrintSettings.ReadWrite.All

 id                      : b3a539c9-59cb-4ad5-825a-041ddbdc2bdb
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read time-based assignment and just-in-time elevation (including scheduled elevation) of Azure AD built-in and custom administrative roles, on behalf of the signed-in user.
 adminConsentDisplayName : Read privileged access to Azure AD
 value                   : PrivilegedAccess.Read.AzureAD

 id                      : d329c81c-20ad-4772-abf9-3f6fdb7e5988
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read time-based assignment and just-in-time elevation (including scheduled elevation) of Azure AD groups, on behalf of the signed-in user.
 adminConsentDisplayName : Read privileged access to Azure AD groups
 value                   : PrivilegedAccess.Read.AzureADGroup

 id                      : 1d89d70c-dcac-4248-b214-903c457af83a
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read time-based assignment and just-in-time elevation of Azure resources (like your subscriptions, resource groups, storage, compute) on behalf of the signed-in user.
 adminConsentDisplayName : Read privileged access to Azure resources
 value                   : PrivilegedAccess.Read.AzureResources

 id                      : 3c3c74f5-cdaa-4a97-b7e0-4e788bfcfb37
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to request and manage just in time elevation (including scheduled elevation) of users to Azure AD built-in administrative roles, on behalf of signed-in users.
 adminConsentDisplayName : Read and write privileged access to Azure AD
 value                   : PrivilegedAccess.ReadWrite.AzureAD

 id                      : 32531c59-1f32-461f-b8df-6f8a3b89f73b
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to request and manage time-based assignment and just-in-time elevation (including scheduled elevation) of Azure AD groups, on behalf of the signed-in user.
 adminConsentDisplayName : Read and write privileged access to Azure AD groups
 value                   : PrivilegedAccess.ReadWrite.AzureADGroup

 id                      : a84a9652-ffd3-496e-a991-22ba5529156a
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to request and manage time-based assignment and just-in-time elevation of user privileges to manage Azure resources (like subscriptions, resource groups, storage, compute) on behalf of the signed-in users.
 adminConsentDisplayName : Read and write privileged access to Azure resources
 value                   : PrivilegedAccess.ReadWrite.AzureResources

 id                      : c492a2e1-2f8f-4caa-b076-99bbf6e40fe4
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read programs and program controls that the signed-in user has access to in the organization.
 adminConsentDisplayName : Read all programs that user can access
 value                   : ProgramControl.Read.All

 id                      : 50fd364f-9d93-4ae1-b170-300e87cccf84
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read, update, delete and perform actions on programs and program controls that the signed-in user has access to in the organization.
 adminConsentDisplayName : Manage all programs that user can access
 value                   : ProgramControl.ReadWrite.All

 id                      : 02e97553-ed7b-43d0-ab3c-f8bace0d040c
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows an app to read all service usage reports on behalf of the signed-in user.  Services that provide usage reports include Office 365 and Azure Active Directory.
 adminConsentDisplayName : Read all usage reports
 value                   : Reports.Read.All

 id                      : 344a729c-0285-42c6-9014-f12b9b8d6129
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read the active role-based access control (RBAC) assignments for your company's directory, on behalf of the signed-in user. This includes reading directory role templates, and directory roles.
 adminConsentDisplayName : Read all active role assignments for your company's directory
 value                   : RoleAssignmentSchedule.Read.Directory

 id                      : 8c026be3-8e26-4774-9372-8d5d6f21daff
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read and manage the active role-based access control (RBAC) assignments for your company's directory, on behalf of the signed-in user. This includes managing active directory role membership, and reading directory role templates, directory roles and active memberships.
 adminConsentDisplayName : Read, update, and delete all active role assignments for your company's directory
 value                   : RoleAssignmentSchedule.ReadWrite.Directory

 id                      : eb0788c2-6d4e-4658-8c9e-c0fb8053f03d
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read the eligible role-based access control (RBAC) assignments for your company's directory, on behalf of the signed-in user. This includes reading directory role templates, and directory roles.
 adminConsentDisplayName : Read all eligible role assignments for your company's directory
 value                   : RoleEligibilitySchedule.Read.Directory

 id                      : 62ade113-f8e0-4bf9-a6ba-5acb31db32fd
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read and manage the eligible role-based access control (RBAC) assignments for your company's directory, on behalf of the signed-in user. This includes managing eligible directory role membership, and reading directory role templates, directory roles 
                           and eligible memberships.
 adminConsentDisplayName : Read, update, and delete  all eligible role assignments for your company's directory
 value                   : RoleEligibilitySchedule.ReadWrite.Directory

 id                      : 48fec646-b2ba-4019-8681-8eb31435aded
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read the role-based access control (RBAC) settings for all RBAC providers, on behalf of the signed-in user.  This includes reading role definitions and role assignments.
 adminConsentDisplayName : Read role management data for all RBAC providers
 value                   : RoleManagement.Read.All

 id                      : 741c54c3-0c1e-44a1-818b-3f97ab4e8c83
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read the role-based 

access control (RBAC) settings for your company's directory, on behalf of the signed-in user.  This includes reading directory role templates, 
                           directory roles and memberships.
 adminConsentDisplayName : Read directory RBAC settings
 value                   : RoleManagement.Read.Directory

 id                      : d01b97e9-cbc0-49fe-810a-750afd5527a3
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read and manage the role-based access control (RBAC) settings for your company's directory, on behalf of the signed-in user. This includes instantiating directory 
                           roles and managing directory role membership, and reading directory role templates, 
                           directory roles and memberships.
 adminConsentDisplayName : Read and write directory RBAC settings
 value                   : RoleManagement.ReadWrite.Directory

 id                      : 3de2cdbe-0ff5-47d5-bdee-7f45b4749ead
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read policies for privileged role-based access control (RBAC) assignments of your company's directory, on behalf of the signed-in user.
 adminConsentDisplayName : Read all policies for privileged role assignments of your company's directory
 value                   : RoleManagementPolicy.Read.Directory

 id                      : 1ff1be21-34eb-448c-9ac9-ce1f506b2a68
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read, update, and delete policies for privileged role-based access control (RBAC) assignments of your company's directory, on behalf of the signed-in user.
 adminConsentDisplayName : Read, update, and delete all policies for privileged role assignments of your company's 
                           directory
 value                   : RoleManagementPolicy.ReadWrite.Directory

 id                      : fccf6dd8-5706-49fa-811f-69e2e1b585d0
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read schedule, schedule groups, shifts and associated entities in the Teams or Shifts application on behalf of the signed-in user.
 adminConsentDisplayName : Read user schedule items
 value                   : Schedule.Read.All

 id                      : 63f27281-c9d9-4f29-94dd-6942f7f1feb0
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to manage schedule, schedule groups, shifts and associated entities in the Teams or Shifts application on behalf of the signed-in user.
 adminConsentDisplayName : Read and write user schedule items
 value                   : Schedule.ReadWrite.All

 id                      : 7d307522-aa38-4cd0-bd60-90c6f0ac50bd
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read search configuration, on behalf of the signed-in user.
 adminConsentDisplayName : Read your organization's search configuration
 value                   : SearchConfiguration.Read.All

 id                      : b1a7d408-cab0-47d2-a2a5-a74a3733600d
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read and write search configuration, on behalf of the signed-in user.
 adminConsentDisplayName : Read and write your organization's search configuration
 value                   : SearchConfiguration.ReadWrite.All

 id                      : 1638cddf-07a4-4de2-8645-69c96cacad73
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read security actions, on behalf of the signed-in user.
 adminConsentDisplayName : Read your organization's security actions
 value                   : SecurityActions.Read.All

 id                      : dc38509c-b87d-4da0-bd92-6bec988bac4a
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read or update security actions, on behalf of the signed-in user.
 adminConsentDisplayName : Read and update your organization's security actions
 value                   : SecurityActions.ReadWrite.All

 id                      : 64733abd-851e-478a-bffb-e47a14b18235
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read your organization?s security events on behalf of the signed-in user.
 adminConsentDisplayName : Read your organization?s security events
 value                   : SecurityEvents.Read.All

 id                      : 6aedf524-7e1c-45a7-bd76-ded8cab8d0fc
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read your organization?s security events on behalf of the signed-in user. 
                           Also allows the app to update editable properties in security events on behalf of the 
                           signed-in user.
 adminConsentDisplayName : Read and update your organization?s security events
 value                   : SecurityEvents.ReadWrite.All

 id                      : 55896846-df78-47a7-aa94-8d3d4442ca7f
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read your tenant's service health information on behalf of the signed-in user. Health information may include service issues or service health overviews.
 adminConsentDisplayName : Read service health
 value                   : ServiceHealth.Read.All

 id                      : eda39fa6-f8cf-4c3c-a909-432c683e4c9b
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read your tenant's service announcement messages on behalf of the signed-in user. Messages may include information about new or changed features.
 adminConsentDisplayName : Read service announcement messages
 value                   : ServiceMessage.Read.All

 id                      : 9f9ce928-e038-4e3b-8faf-7b59049a8ddc
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read service principal endpoints
 adminConsentDisplayName : Read service principal endpoints
 value                   : ServicePrincipalEndpoint.Read.All

 id                      : 7297d82c-9546-4aed-91df-3d4f0a9b3ff0
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to update service principal endpoints
 adminConsentDisplayName : Read and update service principal endpoints
 value                   : ServicePrincipalEndpoint.ReadWrite.All

 id                      : 5a54b8b3-347c-476d-8f8e-42d5c7424d29
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the application to have full control of all site collections on behalf of the signed-in user.
 adminConsentDisplayName : Have full control of all site collections
 value                   : Sites.FullControl.All

 id                      : 5f88184c-80bb-4d52-9ff2-757288b2e9b7
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read all webhook subscriptions on behalf of the signed-in user.
 adminConsentDisplayName : Read all webhook subscriptions 
 value                   : Subscription.Read.All

 id                      : 2497278c-d82d-46a2-b1ce-39d4cdde5570
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Read the members of teams, on behalf of the signed-in user.
 adminConsentDisplayName : Read the members of teams
 value                   : TeamMember.Read.All

 id                      : 4a06efd2-f825-4e34-813e-82a57b03d1ee
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Add and remove members from teams, on behalf of the signed-in user. Also allows changing a member's role, for example from owner to non-owner.
 adminConsentDisplayName : Add and remove members from teams
 value                   : TeamMember.ReadWrite.All

 id                      : 2104a4db-3a2f-4ea0-9dba-143d457dc666
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Add and remove members from all teams, on behalf of the signed-in user. Does not allow adding or removing a member with the owner role. Additionally, does not allow the app to elevate an existing member to the owner role.
 adminConsentDisplayName : Add and remove members with non-owner role for all teams
 value                   : TeamMember.ReadWriteNonOwnerRole.All

 id                      : 9127ba42-f79f-43b1-be80-f23ecd42377e
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read the Teams apps that are installed for the signed-in user, and in all teams the user is a member of. Does not give the ability to read application-specific 
                           settings.
 adminConsentDisplayName : Read all installed Teams apps
 value                   : TeamsApp.Read.All

 id                      : d3f0af02-b22d-4778-a433-14f7e3f2e1e2
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read, install, upgrade, and uninstall Teams apps, on behalf of the signed-in user and also for teams the user is a member of. Does not give the ability to read or write application-specific settings.
 adminConsentDisplayName : Manage all Teams apps
 value                   : TeamsApp.ReadWrite.All

 id                      : 5248dcb1-f83b-4ec3-9f4d-a4428a961a72
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read the Teams apps that are installed in teams the signed-in user can access. Does not give the ability to read application-specific settings.
 adminConsentDisplayName : Read installed Teams apps in teams
 value                   : TeamsAppInstallation.ReadForTeam

 id                      : aa85bf13-d771-4d5d-a9e6-bca04ce44edf
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read, install, upgrade, and uninstall Teams apps in chats the signed-in user can access. Does not give the ability to read application-specific settings.
 adminConsentDisplayName : Manage installed Teams apps in chats
 value                   : TeamsAppInstallation.ReadWriteForChat

 id                      : 2e25a044-2580-450d-8859-42eeb6e996c0
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read, install, upgrade, and uninstall Teams apps in teams the signed-in user can access. Does not give the ability to read application-specific settings.
 adminConsentDisplayName : Manage installed Teams apps in teams
 value                   : TeamsAppInstallation.ReadWriteForTeam

 id                      : 093f8818-d05f-49b8-95bc-9d2a73e9a43c
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read, install, upgrade, and uninstall Teams apps installed for the 
signed-in user. Does not give the ability to read application-specific settings.
 adminConsentDisplayName : Manage user's installed Teams apps
 value                   : TeamsAppInstallation.ReadWriteForUser

 id                      : 0ce33576-30e8-43b7-99e5-62f8569a4002
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows a Teams app to read, install, upgrade, and uninstall itself in chats the signed-in user can access.
 adminConsentDisplayName : Allow the Teams app to manage itself in chats
 value                   : TeamsAppInstallation.ReadWriteSelfForChat

 id                      : 0f4595f7-64b1-4e13-81bc-11a249df07a9
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows a Teams app to read, install, upgrade, and uninstall itself to teams the signed-in user can access.
 adminConsentDisplayName : Allow the app to manage itself in teams
 value                   : TeamsAppInstallation.ReadWriteSelfForTeam

 id                      : 48638b3c-ad68-4383-8ac4-e6880ee6ca57
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Read all teams' settings, on behalf of the signed-in user.
 adminConsentDisplayName : Read teams' settings
 value                   : TeamSettings.Read.All

 id                      : 39d65650-9d3e-4223-80db-a335590d027e
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Read and change all teams' settings, on behalf of the signed-in user.
 adminConsentDisplayName : Read and change teams' settings
 value                   : TeamSettings.ReadWrite.All

 id                      : a9ff19c2-f369-4a95-9a25-ba9d460efc8e
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to create tabs in any team in Microsoft Teams, on behalf of the signed-in user. This does not grant the ability to read, modify or delete tabs after they are created, or give access to the content inside the tabs.
 adminConsentDisplayName : Create tabs in Microsoft Teams.
 value                   : TeamsTab.Create

 id                      : 59dacb05-e88d-4c13-a684-59f1afc8cc98
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Read the names and settings of tabs inside any team in Microsoft Teams, on behalf of the signed-in user. This does not give access to the content inside the tabs.
 adminConsentDisplayName : Read tabs in Microsoft Teams.
 value                   : TeamsTab.Read.All

 id                      : b98bfd41-87c6-45cc-b104-e2de4f0dafb9
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Read and write tabs in any team in Microsoft Teams, on behalf of the signed-in user. This does not give access to the content inside the tabs.
 adminConsentDisplayName : Read and write tabs in Microsoft Teams.
 value                   : TeamsTab.ReadWrite.All

 id                      : ee928332-e9c2-4747-b4a0-f8c164b68de6
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows a Teams app to read, install, upgrade, and uninstall all tabs in chats the signed-in user can access.
 adminConsentDisplayName : Allow the Teams app to manage all tabs in chats
 value                   : TeamsTab.ReadWriteForChat

 id                      : c975dd04-a06e-4fbb-9704-62daad77bb49
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows a Teams app to read, install, upgrade, and uninstall all tabs to teams the signed-in user can access.
 adminConsentDisplayName : Allow the Teams app to manage all tabs in teams
 value                   : TeamsTab.ReadWriteForTeam

 id                      : 0c219d04-3abf-47f7-912d-5cca239e90e6
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows a Teams app to read, install, upgrade, and uninstall its own tabs in chats the signed-in user can access.
 adminConsentDisplayName : Allow the Teams app to manage only its own tabs in chats
 value                   : TeamsTab.ReadWriteSelfForChat

 id                      : f266662f-120a-4314-b26a-99b08617c7ef
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows a Teams app to read, install, upgrade, and uninstall its own tabs to teams the signed-in user can access.
 adminConsentDisplayName : Allow the Teams app to manage only its own tabs in teams
 value                   : TeamsTab.ReadWriteSelfForTeam

 id                      : 297f747b-0005-475b-8fef-c890f5152b38
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read the term store data that the signed-in user has access to. This includes all sets, groups and terms in the term store.
 adminConsentDisplayName : Read term store data
 value                   : TermStore.Read.All

 id                      : 6c37c71d-f50f-4bff-8fd3-8a41da390140
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read or modify data that the signed-in user has access to.This includes all sets, groups and terms in the term store.
 adminConsentDisplayName : Read and write term store data
 value                   : TermStore.ReadWrite.All

 id                      : cac97e40-6730-457d-ad8d-4852fddab7ad
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows an app to read your organization's threat assessment requests on behalf of the signed-in user. Also allows the app to create new requests to assess threats received by your organization on behalf of the signed-in user.
 adminConsentDisplayName : Read and write threat assessment requests
 value                   : ThreatAssessment.ReadWrite.All

 id                      : 9cc427b4-2004-41c5-aa22-757b755e9796
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read all the indicators for your organization, on behalf of the signed-in user.
 adminConsentDisplayName : Read all threat indicators
 value                   : ThreatIndicators.Read.All

 id                      : 91e7d36d-022a-490f-a748-f8e011357b42
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to create threat indicators, and fully manage those threat indicators (read, update and delete), on behalf of the signed-in user. It cannot update any threat indicators it does not own.
 adminConsentDisplayName : Manage threat indicators this app creates or owns
 value                   : ThreatIndicators.ReadWrite.OwnedBy

 id                      : 7ad34336-f5b1-44ce-8682-31d7dfcd9ab9
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read trust framework key set properties on behalf of the signed-in user.
 adminConsentDisplayName : Read trust framework key sets
 value                   : TrustFrameworkKeySet.Read.All

 id                      : 39244520-1e7d-4b4a-aee0-57c65826e427
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read and write trust framework key set properties on behalf of the signed-in user.
 adminConsentDisplayName : Read and write trust framework key sets
 value                   : TrustFrameworkKeySet.ReadWrite.All

 id                      : 73e75199-7c3e-41bb-9357-167164dbb415
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read basic unified group properties, memberships and owners of the group the signed-in guest is a member of.
 adminConsentDisplayName : Read unified group memberships as guest
 value                   : UnifiedGroupMember.Read.AsGuest

 id                      : 405a51b5-8d8d-430b-9842-8be4b0e9f324
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to export data (e.g. customer content or system-generated logs), associated with any user in your company, when the app is used by a privileged user (e.g. a Company Administrator).
 adminConsentDisplayName : Export user's data
 value                   : User.Export.All

 id                      : 63dd7cd9-b489-4adf-a28c-ac38b9a0f962
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to invite guest users to the organization, on behalf of the signed-in user.
 adminConsentDisplayName : Invite guest users to the organization
 value                   : User.Invite.All

 id                      : 637d7bec-b31e-4deb-acc9-24275642a2c9
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read, update and delete identities that are associated with a user's account that the signed-in user has access to. This controls the identities users can sign-in with.
 adminConsentDisplayName : Manage  user identities
 value                   : User.ManageIdentities.All

 id                      : a154be20-db9c-4678-8ab7-66f6cc099a59
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read the full set of profile properties, reports, and managers of other users in your organization, on behalf of the signed-in user.
 adminConsentDisplayName : Read all users' full profiles
 value                   : User.Read.All

 id                      : 204e0828-b5ca-4ad8-b9f3-f32a958e7cc4
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read and write the full set of profile properties, reports, and managers of other users in your organization, on behalf of the signed-in user.
 adminConsentDisplayName : Read and write all users' full profiles
 value                   : User.ReadWrite.All

 id                      : 1f6b61c5-2f65-4135-9c9f-31c0f8d32b52
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read the signed-in user's authentication methods, including phone numbers and Authenticator app settings. This does not allow the app to see secret information like the signed-in user's passwords, or to sign-in  or otherwise use the signed-in user's authentication methods.
 adminConsentDisplayName : Read user authentication methods.
 value                   : UserAuthenticationMethod.Read

 id                      : aec28ec7-4d02-4e8c-b864-50163aea77eb
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read authentication methods of all users in your organization that the signed-in user has access to. Authentication methods include things like a user?s phone numbers and Authenticator app settings. This does not allow the app to see secret information like passwords, or to sign-in or otherwise use the authentication methods.
 adminConsentDisplayName : Read all users' authentication methods
 value                   : UserAuthenticationMethod.Read.All

 id                      : 48971fc1-70d7-4245-af77-0beb29b53ee2
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read and write the signed-in user's authentication methods, including phone numbers and Authenticator app settings.                       This does not allow the app to see secret information like the signed-in user's passwords, or to sign-in or otherwise use the signed-in user's authentication methods.  
 adminConsentDisplayName : Read and write user authentication methods
 value                   : UserAuthenticationMethod.ReadWrite

 id                      : b7887744-6746-4312-813d-72daeaee7e2d
 isEnabled               : True
 type                    : Admin
 adminConsentDescription :  Allows the app to read and write authentication methods of all users in your organization that the signed-in user has access to.                       Authentication methods include things like a user?s phone numbers and Authenticator app settings. This does not allow the app to see secret information like passwords, or to sign-in or otherwise 
                           use the authentication methods.
 adminConsentDisplayName : Read and write all users' authentication methods.
 value                   : UserAuthenticationMethod.ReadWrite.All

 id                      : 11776c0c-6138-4db3-a668-ee621bea2555
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read and write all Windows update deployment settings for the organization on behalf of the signed-in user.
 adminConsentDisplayName : Read and write all Windows update deployment settings
 value                   : WindowsUpdates.ReadWrite.All

 id                      : f1ccd5a7-6383-466a-8db8-1a656f7d06fa
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to read workforce integrations, to synchronize data from Microsoft Teams 
                           Shifts, on behalf of the signed-in user.
 adminConsentDisplayName : Read workforce integrations
 value                   : WorkforceIntegration.Read.All
 
 id                      : 08c4b377-0d23-4a8b-be2a-23c1c1d88545
 isEnabled               : True
 type                    : Admin
 adminConsentDescription : Allows the app to manage workforce integrations, to synchronize data from Microsoft Teams Shifts, on behalf of the signed-in user.
 adminConsentDisplayName : Read and write workforce integrations
 value                   : WorkforceIntegration.ReadWrite.All

List of Delegated Scope IDs

Here is the output from the above script for the Microsoft Graph oAuth delegated permissions.

 id                     : e03cf23f-8056-446a-8994-7d93dfc8b50e
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to read your activity statistics, such as how much time you've spent on emails, in meetings, or in chat sessions.
 userConsentDisplayName : Read your activity statistics
 value                  : Analytics.Read

 id                     : 88e58d74-d3df-44f3-ad47-e89edf4472e4
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to read apps in the app catalogs.
 userConsentDisplayName : Read all app catalogs
 value                  : AppCatalog.Read.All

 id                     : 3db89e36-7fa6-4012-b281-85f3d9d9fd2e
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to submit application packages to the catalog and cancel submissions that are pending review on your behalf.
 userConsentDisplayName : Submit application packages to your organization's catalog and cancel pending submissions
 value                  : AppCatalog.Submit

 id                     : 7f36b48e-542f-4d3b-9bcb-8406f0ab9fdb
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows an app to read, write and manage bookings appointments, businesses, customers, services, and staff on your behalf.
 userConsentDisplayName : Manage bookings information
 value                  : Bookings.Manage.All

 id                     : 33b1df99-4b29-4548-9339-7a7b83eaeebc
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows an app to read bookings appointments, businesses, customers, services, and staff on your behalf.
 userConsentDisplayName : Read bookings information
 value                  : Bookings.Read.All

 id                     : 948eb538-f19d-4ec5-9ccc-f059e1ea4c72
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows an app to read and write Bookings appointments, businesses, customers, services, and staff on your behalf. Does not allow create, delete and publish of booking businesses.
 userConsentDisplayName : Read and write bookings information
 value                  : Bookings.ReadWrite.All

 id                     : 02a5a114-36a6-46ff-a102-954d89d9ab02
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows an app to read and write bookings appointments and customers, and additionally allows read businesses information, services, and staff on your behalf.
 userConsentDisplayName : Read and write booking appointments
 value                  : BookingsAppointment.ReadWrite.All

 id                     : 465a38f9-76ea-45b9-9f34-9e8b0d4b0b42
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to read events in your calendars. 
 userConsentDisplayName : Read your calendars 
 value                  : Calendars.Read

 id                     : 2b9c4092-424d-4249-948d-b43879977640
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to read events in all calendars that you can access, including delegate and shared calendars.
 userConsentDisplayName : Read calendars?you can access
 value                  : Calendars.Read.Shared

 id                     : 1ec239c2-d7c9-4623-a91a-a9775856bb36
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to read, update, create and delete events in your calendars. 
 userConsentDisplayName : Have full access to your calendars  
 value                  : Calendars.ReadWrite

 id                     : 12466101-c9b8-439a-8589-dd09ee67e8e9
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to read, update, create and delete events in all calendars in your organization you have permissions to access. This includes delegate and shared calendars.
 userConsentDisplayName : Read and write to your and shared calendars
 value                  : Calendars.ReadWrite.Shared

 id                     : 9d8982ae-4365-4f57-95e9-d6032a4c0b87
 isEnabled              : True
 type                   : User
 userConsentDescription : Read channel names and channel descriptions, on your behalf.
 userConsentDisplayName : Read the names and descriptions of channels
 value                  : Channel.ReadBasic.All

 id                     : 32ea53ac-4a89-4cde-bac4-727c6fb9ac29
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to delete channel messages in Microsoft Teams, on your behalf.
 userConsentDisplayName : Delete your channel messages
 value                  : ChannelMessage.Delete

 id                     : 2b61aa8a-6d36-4b2f-ac7b-f29867937c53
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to edit channel messages in Microsoft Teams, on your behalf.
 userConsentDisplayName : Edit your channel messages
 value                  : ChannelMessage.Edit

 id                     : ebf0f66e-9fb1-49e4-a278-222f76911cf4
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to send channel messages in Microsoft Teams, on your behalf.
 userConsentDisplayName : Send channel messages
 value                  : ChannelMessage.Send

 id                     : 38826093-1258-4dea-98f0-00003be2b8d0
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to create chats on your behalf.?
 userConsentDisplayName : Create chats
 value                  : Chat.Create

 id                     : f501c180-9344-439a-bca0-6cbf209fd270
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows an app to read your 1 on 1 or group chat messages in Microsoft Teams, on your behalf.
 userConsentDisplayName : Read your chat messages
 value                  : Chat.Read

 id                     : 9547fcb5-d03f-419d-9948-5928bbf71b0f
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows an app to read the members and descriptions of one-to-one and group chat threads, on your behalf.
 userConsentDisplayName : Read names and members of your chat threads
 value                  : Chat.ReadBasic

 id                     : 9ff7295e-131b-4d94-90e1-69fde507ac11
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows an app to read and write your 1 on 1 or group chat messages in Microsoft Teams, on your behalf.
 userConsentDisplayName : Read and write your chat messages
 value                  : Chat.ReadWrite

 id                     : cdcdac3a-fd45-410d-83ef-554db620e5c7
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows an app to read one-to-one or group chat messages in Microsoft Teams, on your behalf.
 userConsentDisplayName : Read user chat messages
 value                  : ChatMessage.Read

 id                     : 116b7235-7cc6-461e-b163-8e55691d839e
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows an app to send one-to-one and group chat messages in Microsoft Teams, on your behalf.
 userConsentDisplayName : Send chat messages
 value                  : ChatMessage.Send

 id                     : 5252ec4e-fd40-4d92-8c68-89dd1d3c6110
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to read the properties of Cloud PCs, on your behalf.
 userConsentDisplayName : Read Cloud PCs
 value                  : CloudPC.Read.All

 id                     : ff74d97f-43af-4b68-9f2a-b77ee6968c5d
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to read contacts in your contact folders. 
 userConsentDisplayName : Read your contacts 
 value                  : Contacts.Read

 id                     : 242b9d9e-ed24-4d09-9a52-f43769beb9d4
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to read contacts you have permissions to access, including your own and shared contacts.
 userConsentDisplayName : Read your and shared contacts
 value                  : Contacts.Read.Shared

 id                     : d56682ec-c09e-4743-aaf4-1a3aac4caa21
 isEnabled              : True 
 type                   : User
 userConsentDescription : Allows the app to read, update, create and delete contacts in your contact folders. 
 userConsentDisplayName : Have full access of your contacts 
 value                  : Contacts.ReadWrite

 id                     : afb6c84b-06be-49af-80bb-8f3f77004eab
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to read, update, create, and delete contacts you have permissions to access, including your own and shared contacts.
 userConsentDisplayName : Read and write to your and shared contacts
 value                  : Contacts.ReadWrite.Shared

 id                     : bac3b9c2-b516-4ef4-bd3b-c2ef73d8d804
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to launch another app or communicate with another app on a device that you own.
 userConsentDisplayName : Communicate with your other devices
 value                  : Device.Command

 id                     : 11d4cd79-5ba5-460f-803f-e22c8ab85ccd
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to see your list of devices.
 userConsentDisplayName : View your list of devices
 value                  : Device.Read

 id                     : ff91d191-45a0-43fd-b837-bd682c4a0b0f
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app full access to your mailboxes on your behalf.
 userConsentDisplayName : Access your mailboxes
 value                  : EAS.AccessAsUser.All

 id                     : 64a6cdd6-aab1-4aaf-94b8-3cc8405e90d0
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to read your primary email address
 userConsentDisplayName : View your email address
 value                  : email

 id                     : 9769c687-087d-48ac-9cb3-c37dde652038
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app full access to your mailboxes on your behalf.
 userConsentDisplayName : Access your mailboxes
 value                  : EWS.AccessAsUser.All

 id                     : 3a1e4806-a744-4c70-80fc-223bf8582c46
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to read your family information, members and their basic profile.
 userConsentDisplayName : Read your family info
 value                  : Family.Read

 id                     : 10465720-29dd-4523-a11a-6a75c743c9d9
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to read your files.
 userConsentDisplayName : Read your files
 value                  : Files.Read

 id                     : df85f4d6-205c-4ac5-a5ea-6bf408dba283
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to read all files you can access.
 userConsentDisplayName : Read all files that you have access to
 value                  : Files.Read.All

 id                     : 5447fe39-cb82-4c1a-b977-520e67e724eb
 isEnabled              : True
 type                   : User
 userConsentDescription : (Preview) Allows the app to read files that you select. After you select a file, the app has access to the file for several hours.
 userConsentDisplayName : Read selected files
 value                  : Files.Read.Selected

 id                     : 5c28f0bf-8a70-41f1-8ab2-9032436ddb65
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to read, create, update, and delete your files.
 userConsentDisplayName : Have full access to your files
 value                  : Files.ReadWrite

 id                     : 863451e7-0667-486c-a5d6-d135439485f0
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to read, create, update and delete all files that you can access.
 userConsentDisplayName : Have full access to all files you have access to
 value                  : Files.ReadWrite.All

 id                     : 8019c312-3263-48e6-825e-2b833497195b
 isEnabled              : True
 type                   : User
 userConsentDescription : (Preview) Allows the app to read, create, update and delete files in the application's folder.
 userConsentDisplayName : Have full access to the application's folder
 value                  : Files.ReadWrite.AppFolder

 id                     : 17dde5bd-8c17-420f-a486-969730c1b827
 isEnabled              : True
 type                   : User
 userConsentDescription : (Preview) Allows the app to read and write files that you select. After you select a file, the app has access to the file for several hours.
 userConsentDisplayName : Read and write selected files
 value                  : Files.ReadWrite.Selected

 id                     : f534bf13-55d4-45a9-8f3c-c92fe64d6131
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to read and write financials data on your behalf.
 userConsentDisplayName : Read and write financials data
 value                  : Financials.ReadWrite.All

 id                     : 652390e4-393a-48de-9484-05f9b1212954
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to read, update, create and delete email in your mailbox. Does not include permission to send mail.
 userConsentDisplayName : Read and write access to your mail.
 value                  : IMAP.AccessAsUser.All

 id                     : 4ad84827-5578-4e18-ad7a-86530b12f884
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows an app to read information protection sensitivity labels and label policy settings, on 
                          behalf of the signed-in user.
 userConsentDisplayName : Read user sensitivity labels and label policies.
 value                  : InformationProtectionPolicy.Read

 id                     : 570282fd-fa5c-430d-a7fd-fc8dc98a9dca
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to read email in your mailbox. 
 userConsentDisplayName : Read your mail 
 value                  : Mail.Read

 id                     : 7b9103a5-4610-446b-9670-80643382c1fa
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to read mail you can access, including shared mail.
 userConsentDisplayName : Read mail you can access
 value                  : Mail.Read.Shared

 id                     : a4b8392a-d8d1-4954-a029-8e668a39a170
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to read email in the signed-in user's mailbox except body, previewBody, attachments and any extended properties.
 userConsentDisplayName : Read user basic mail
 value                  : Mail.ReadBasic

 id                     : 024d486e-b451-40bb-833d-3e66d98c5c73
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to read, update, create and delete email in your mailbox. Does not include 
                          permission to send mail. 
 userConsentDisplayName : Read and write access to your mail 
 value                  : Mail.ReadWrite

 id                     : 5df07973-7d5d-46ed-9847-1271055cbd51
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to read, update, create, and delete mail you have permission to access, including your own and shared mail. Does not allow the app to send mail on your behalf.
 userConsentDisplayName : Read and write mail?you can access
 value                  : Mail.ReadWrite.Shared

 id                     : e383f46e-2787-4529-855e-0e479a3ffac0
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to send mail as you. 
 userConsentDisplayName : Send mail as you 
 value                  : Mail.Send

 id                     : a367ab51-6b49-43bf-a716-a1fb06d2a174
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to send mail as you or on-behalf of someone else.
 userConsentDisplayName : Send mail on behalf of others or yourself
 value                  : Mail.Send.Shared

 id                     : 87f447af-9fa4-4c32-9dfa-4a57a73d18ce
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to read your mailbox settings.
 userConsentDisplayName : Read your mailbox settings
 value                  : MailboxSettings.Read

 id                     : 818c620a-27a9-40bd-a6a5-d96f7d610b4b
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to read, update, create, and delete your mailbox settings.
 userConsentDisplayName : Read and write to your mailbox settings
 value                  : MailboxSettings.ReadWrite

 id                     : 9d822255-d64d-4b7a-afdb-833b9a97ed02
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to view the titles of your OneNote notebooks and sections and to create new pages, notebooks, and sections on your behalf.
 userConsentDisplayName : Create your OneNote notebooks
 value                  : Notes.Create

 id                     : 371361e4-b9e2-4a3f-8315-2a301a3b0a3d
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to read OneNote notebooks on your behalf.
 userConsentDisplayName : Read your OneNote notebooks
 value                  : Notes.Read

 id                     : dfabfca6-ee36-4db2-8208-7a28381419b3
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to read all the OneNote notebooks that you have access to.
 userConsentDisplayName : Read all OneNote notebooks that you can access
 value                  : Notes.Read.All

 id                     : 615e26af-c38a-4150-ae3e-c3b0d4cb1d6a
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to read, share, and modify OneNote notebooks on your behalf.
 userConsentDisplayName : Read and write your OneNote notebooks
 value                  : Notes.ReadWrite

 id                     : 64ac0503-b4fa-45d9-b544-71a463f05da0
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to read, share, and modify all the OneNote notebooks that you have access to.
 userConsentDisplayName : Read and write all OneNote notebooks that you can access
 value                  : Notes.ReadWrite.All

 id                     : ed68249d-017c-4df5-9113-e684c7f8760b
 isEnabled              : True
 type                   : User
 userConsentDescription : This permission no longer has any effect. You can safely consent to it. No additional 
                          privileges will be granted to the app.
 userConsentDisplayName : Limited access to your OneNote notebooks for this app (preview)
 value                  : Notes.ReadWrite.CreatedByApp

 id                     : 89497502-6e42-46a2-8cb2-427fd3df970a
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to deliver its notifications, on your behalf. Also allows the app to read, update, and delete your notification items for this app.
 userConsentDisplayName : Deliver and manage your notifications for this app
 value                  : Notifications.ReadWrite.CreatedByApp

 id                     : 7427e0e9-2fba-42fe-b0c0-848c9e6a8182
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to see and update the data you gave it access to, even when you are not currently using the app. This does not give the app any additional permissions.
 userConsentDisplayName : Maintain access to data you have given it access to
 value                  : offline_access

 id                     : 110e5abb-a10c-4b59-8b55-9b4daa4ef743
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to read online meeting artifacts on your behalf.
 userConsentDisplayName : Read user's online meeting artifacts
 value                  : OnlineMeetingArtifact.Read.All

 id                     : 9be106e1-f4e3-4df5-bdff-e4bc531cbe43
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to read online meeting details on your behalf.
 userConsentDisplayName : Read your online meetings
 value                  : OnlineMeetings.Read

 id                     : a65f2972-a4f8-4f5e-afd7-69ccb046d5dc
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to read and create online meetings on your behalf.
 userConsentDisplayName : Read and create your online meetings
 value                  : OnlineMeetings.ReadWrite

 id                     : 37f7f235-527c-4136-accd-4a02d197296e
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows you to sign in to the app with your work or school account and allows the app to read your basic profile information.
 userConsentDisplayName : Sign in as you
 value                  : openid

 id                     : ba47897c-39ec-4d83-8086-ee8256fa737d
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to read a list of people in the order that's most relevant to you. This includes your local contacts, your contacts from social networking, people listed in your organization's directory, and people from recent communications.
 userConsentDisplayName : Read your relevant people list
 value                  : People.Read

 id                     : 40f6bacc-b201-40da-90a5-09775cc4a863
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to read your personal places.
 userConsentDisplayName : Read your places
 value                  : Place.Read

 id                     : 0b3f56bc-fecd-4036-8930-660fc672e342
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to read your personal places and other users? personal places that you have 
                          delegate access to.
 userConsentDisplayName : Read user delegate places
 value                  : Place.Read.Shared

 id                     : 012ba4a5-ca82-4a76-95ba-6c27f44364c3
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to create, read, and update personal places on your behalf.
 userConsentDisplayName : Read and write your places
 value                  : Place.ReadWrite

 id                     : 633e0fce-8c58-4cfb-9495-12bbd5a24f7c
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to read your organization's conditional access policies on your behalf.
 userConsentDisplayName : Read your organization's conditional access policies
 value                  : Policy.Read.ConditionalAccess

 id                     : d7b7f2d9-0f45-4ea1-9d42-e50810c06991
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to read, update, create and delete email in your mailbox. Does not include permission to send mail.
 userConsentDisplayName : Read and write access to your mail.
 value                  : POP.AccessAsUser.All

 id                     : 76bc735e-aecd-4a1d-8b4c-2b915deabb79
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to read your presence information on your behalf. Presence information includes activity, availability, status note, calendar out-of-office message, timezone and location.
 userConsentDisplayName : Read your presence information
 value                  : Presence.Read

 id                     : 9c7a330d-35b3-4aa1-963d-cb2b9f927841
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to read presence information of all users in the directory on your behalf. Presence information includes activity, availability, status note, calendar out-of-office message, timezone and location.
 userConsentDisplayName : Read presence information of all users in your organization
 value                  : Presence.Read.All

 id                     : 8d3c54a7-cf58-4773-bf81-c0cd6ad522bb
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to read the presence information and write activity and availability on-behalf-of the signed-in user. Presence information includes activity, availability, status note, calendar out-of-office message, timezone and location.
 userConsentDisplayName : Read and write your presence information
 value                  : Presence.ReadWrite

 id                     : ed11134d-2f3f-440d-a2e1-411efada2502
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the application to read printer shares on your behalf.?
 userConsentDisplayName : Read printer shares
 value                  : PrinterShare.Read.All

 id                     : 5fa075e9-b951-4165-947b-c63396ff0a37
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the application to read basic information about printer shares on your behalf.
 userConsentDisplayName : Read basic information about printer shares
 value                  : PrinterShare.ReadBasic.All

 id                     : 21f0d9c0-9f13-48b3-94e0-b6b231c7d320
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the application to create print jobs on your behalf and upload document content to print jobs  that you created.
 userConsentDisplayName : Create your print jobs
 value                  : PrintJob.Create

 id                     : 248f5528-65c0-4c88-8326-876c7236df5e
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the application to read the metadata and document content of print jobs that you created.
 userConsentDisplayName : Read your print jobs
 value                  : PrintJob.Read

 id                     : 6a71a747-280f-4670-9ca0-a9cbf882b274
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the application to read the metadata of print jobs that you created. Does not allow access to print job document content.
 userConsentDisplayName : Read basic information of your print jobs
 value                  : PrintJob.ReadBasic

 id                     : b81dd597-8abb-4b3f-a07a-820b0316ed04
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the application to read and update the metadata and document content of print jobs that you created.
 userConsentDisplayName : Read and update your print jobs
 value                  : PrintJob.ReadWrite

 id                     : 6f2d22f2-1cb6-412c-a17c-3336817eaa82
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the application to read and update the metadata of print jobs that you created. Does not allow access to print job document content.
 userConsentDisplayName : Read and write basic information of your print jobs
 value                  : PrintJob.ReadWriteBasic

 id                     : 14dad69e-099b-42c9-810b-d002981feec1
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to see your basic profile (name, picture, user name)
 userConsentDisplayName : View your basic profile
 value                  : profile

 id                     : 50f66e47-eb56-45b7-aaa2-75057d9afe08
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to read your short notes.
 userConsentDisplayName : Read your short notes
 value                  : ShortNotes.Read

 id                     : 328438b7-4c01-4c07-a840-e625a749bb89
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to read, create, edit, and delete your short notes.
 userConsentDisplayName : Read, create, edit, and delete your short notes
 value                  : ShortNotes.ReadWrite

 id                     : 65e50fdc-43b7-4915-933e-e8138f11f40a
 isEnabled              : True
 type                   : User
 userConsentDescription : Allow the application to create or delete document libraries and lists in all site collections on your behalf.
 userConsentDisplayName : Create, edit, and delete items and lists in all your site collections
 value                  : Sites.Manage.All

 id                     : 205e70e5-aba6-4c52-a976-6d2d46c48043
 isEnabled              : True
 type                   : User
 userConsentDescription : Allow the application to read documents and list items in all site collections on your behalf
 userConsentDisplayName : Read items in all site collections
 value                  : Sites.Read.All

 id                     : 89fe6a52-be36-487e-b7d8-d061c450a026
 isEnabled              : True
 type                   : User
 userConsentDescription : Allow the application to edit or delete documents and list items in all site collections on your behalf.
 userConsentDisplayName : Edit or delete items in all site collections
 value                  : Sites.ReadWrite.All

 id                     : 258f6531-6087-4cc4-bb90-092c5fb3ed3f
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to send emails on your behalf from your mailbox.
 userConsentDisplayName : Access to sending emails from your mailbox.
 value                  : SMTP.Send

 id                     : f45671fb-e0fe-4b4b-be20-3d3ce43f1bcb
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to read your tasks and task lists, including any shared with you. Doesn't include permission to create, delete, or update anything.
 userConsentDisplayName : Read your tasks and task lists
 value                  : Tasks.Read

 id                     : 88d21fd4-8e5a-4c32-b5e2-4a1c95f34f72
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to read tasks you have permissions to access, including your own and shared tasks.
 userConsentDisplayName : Read your and shared tasks
 value                  : Tasks.Read.Shared

 id                     : 2219042f-cab5-40cc-b0d2-16b1540b4c5f
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to create, read, update, and delete your tasks and task lists, including any shared with you.
 userConsentDisplayName : Create, read, update, and delete your tasks and task lists
 value                  : Tasks.ReadWrite

 id                     : c5ddf11b-c114-4886-8558-8a4e557cd52b
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to read, update, create, and delete tasks you have permissions to access, including your own and shared tasks.
 userConsentDisplayName : Read and write to your and shared tasks
 value                  : Tasks.ReadWrite.Shared

 id                     : 7825d5d6-6049-4ce7-bdf6-3b8d53f4bcd0
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to create teams on your behalf.?
 userConsentDisplayName : Create teams
 value                  : Team.Create

 id                     : 485be79e-c497-4b35-9400-0e3fa7f2a5d4
 isEnabled              : True
 type                   : User
 userConsentDescription : Read the names and  descriptions of teams, on your behalf.
 userConsentDisplayName : Read the names and descriptions of teams
 value                  : Team.ReadBasic.All

 id                     : 0e755559-83fb-4b44-91d0-4cc721b9323e
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to read your teamwork activity feed.
 userConsentDisplayName : Read your teamwork activity feed
 value                  : TeamsActivity.Read

 id                     : 7ab1d787-bae7-4d5d-8db6-37ea32df9186
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to create new activities in your teamwork activity feed, and send new activities to other users' activity feed, on your behalf.
 userConsentDisplayName : Send a teamwork activity
 value                  : TeamsActivity.Send

 id                     : daef10fc-047a-48b0-b1a5-da4b5e72fabc
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to read the Teams apps that are installed for you. Does not give the ability to read application-specific settings.
 userConsentDisplayName : Read your installed Teams apps
 value                  : TeamsApp.Read

 id                     : 2a5addc2-4d9e-4d7d-8527-5215aec410f3
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to read, install, upgrade, and uninstall Teams apps, on your behalf. Does not give the ability to read or write application-specific settings.
 userConsentDisplayName : Manage your Teams apps
 value                  : TeamsApp.ReadWrite

 id                     : bf3fbf03-f35f-4e93-963e-47e4d874c37a
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to read the Teams apps that are installed in chats that you can access. Does not give the ability to read application-specific settings.
 userConsentDisplayName : Read installed Teams apps in chats
 value                  : TeamsAppInstallation.ReadForChat

 id                     : c395395c-ff9a-4dba-bc1f-8372ba9dca84
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to read the Teams apps that are installed for you. Does not give the ability to read application-specific settings.
 userConsentDisplayName : Read your installed Teams apps
 value                  : TeamsAppInstallation.ReadForUser

 id                     : 207e0cb1-3ce7-4922-b991-5a760c346ebc
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows a Teams app to read, install, upgrade, and uninstall itself for you.
 userConsentDisplayName : Allow the Teams app to manage itself for you
 value                  : TeamsAppInstallation.ReadWriteSelfForUser

 id                     : c37c9b61-7762-4bff-a156-afc0005847a0
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows a Teams app to read, install, upgrade, and uninstall all tabs for you.
 userConsentDisplayName : Allow the Teams app to manage all tabs for you
 value                  : TeamsTab.ReadWriteForUser

 id                     : 395dfec1-a0b9-465f-a783-8250a430cb8c
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows a Teams app to read, install, upgrade, and uninstall its own tabs for you.
 userConsentDisplayName : Allow the Teams app to manage only its own tabs for you
 value                  : TeamsTab.ReadWriteSelfForUser

 id                     : e1fe6dd8-ba31-4d61-89e7-88639da4683d
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows you to sign in to the app with your organizational account and let the app read your profile. It also allows the app to read basic company information.
 userConsentDisplayName : Sign you in and read your profile
 value                  : User.Read

 id                     : b340eb25-3456-403f-be2f-af7a0d370277
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to read a basic set of profile properties of other users in your organization on your behalf. Includes display name, first and last name, email address and photo.
 userConsentDisplayName : Read all users' basic profiles
 value                  : User.ReadBasic.All

 id                     : b4e74841-8e56-480b-be8b-910348b18b4c
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to read your profile, and discover your group membership, reports and manager. It also allows the app to update your profile information on your behalf.
 userConsentDisplayName : Read and update your profile
 value                  : User.ReadWrite

 id                     : 47607519-5fb1-47d9-99c7-da4b48f369b1
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to read and report your activity in the app.
 userConsentDisplayName : Read and write app activity to your activity feed
 value                  : UserActivity.ReadWrite.CreatedByApp

 id                     : 26e2f3e8-b2a1-47fc-9620-89bb5b042024
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to send, read, update and delete your app-specific notifications.
 userConsentDisplayName : Deliver and manage your notifications
 value                  : UserNotification.ReadWrite.CreatedByApp

 id                     : 367492fc-594d-4972-a9b5-0d58c622c91c
 isEnabled              : True
 type                   : User
 userConsentDescription : Allows the app to report your app activity information to Microsoft Timeline.
 userConsentDisplayName : Write app activity to your timeline
 value                  : UserTimelineActivity.Write.CreatedByApp

Summary

Here is a list of MS Graph Permission Scope IDs. New APIs and scopes are being added all the time but the quick command line method to obtain the full list is also in this post. Also refer to Merill’s fantastic Microsoft Graph Permissions Explorer which I utilise a lot.