Set (EduRoster.Read.All, EduRoster.ReadWrite.All) Application Permissions

1
votes

I am working with School Data Sync(SDS) and Azure Active Directory with Microsoft Graph API with a custom Web App that is being developed. I require read and write to the SDS objects (class, school etc) created by a SDS sync profile.

Reading https://developer.microsoft.com/en-us/graph/docs/api-reference/beta/api/educationroot_list_schools and related documentation - I can potentially achieve the above.

Yet the required permissions ( EduRoster.Read.All, EduRoster.ReadWrite.All ) are not available to be set in the Active Directory Portal (using application > Settings > Required Permissions > Microsoft Graph)

How can I perhaps set the required permissions, perhaps by some other means or through the portal, for my app?

1
azure-active-directorymicrosoft-graph-api

1 Answers

2
votes

The documentation you posted is right. The documentation shows Permissions's Name directly. Acutally, if you use v2 endpoint application in Microsoft App Registration Portal to choose permissions, you will see these permissions directly.

For this case, the permissions you saw in the Azure portal is the permission's Display String.

For Example:

Application permissions: EduRoster.ReadWrite.All 's Display string is Read and write the organization's roster.

So, you can add these permissions for your scenario:

enter image description here

You can see details about Microsoft Graph Permissions Reference in this documentation.