GUID Table for Windows Azure Active Directory Permissions
Introduction
This blog is meant to help users who need the Globally Unique Identifiers (GUIDs) of Windows Azure Active Directory (WAAD) permissions in order to create AAD applications using the Microsoft Graph API, or who need the GUID of a certain WAAD permission for other reasons. For further information regarding AAD permissions, please refer to the blog post: https://blogs.msdn.microsoft.com/aaddevsup/2018/05/21/finding-the-correct-permissions-for-a-microsoft-or-azure-active-directory-graph-call/
Note: These GUIDs are subject to change in the future and may no longer be the same.
Table
The Resource App ID for the Windows Azure Active Directory is: 00000002-0000-0000-c000-000000000000
GUID of Permission | Type | Permission |
5778995a-e1bf-45b8-affa-663a9f3f4d04 | Role | Read directory data |
abefe9df-d5a9-41c6-a60b-27b38eac3efb | Role | Read and write domains |
78c8a3c8-a07e-4b9e-af1b-b5ccab50a175 | Role | Read and write directory data |
1138cb37-bd11-4084-a2b7-9f71582aeddb | Role | Read and write devices |
9728c0c4-a06b-4e0e-8d1b-3d694e8ec207 | Role | Read all hidden memberships |
824c81eb-e3f8-4ee6-8f6d-de7f50d565b7 | Role | Manage apps that this app creates or owns |
1cda74f2-2616-4834-b122-5cb1b07f8a59 | Role | Read and write all applications |
aaff0dfd-0295-48b6-a5cc-9f465bc87928 | Role | Read and write domains |
a42657d6-7f20-40e3-b6f0-cee03008a62a | Scope | Access the directory as the signed-in user |
5778995a-e1bf-45b8-affa-663a9f3f4d04 | Scope | Read directory data |
78c8a3c8-a07e-4b9e-af1b-b5ccab50a175 | Scope | Read and write directory data |
970d6fa6-214a-4a9b-8513-08fad511e2fd | Scope | Read and write all groups |
6234d376-f627-4f0f-90e0-dff25c5211a3 | Scope | Read all groups |
c582532d-9d9e-43bd-a97c-2667a28ce295 | Scope | Read all users' full profiles |
cba73afc-7f69-4d86-8450-4978e04ecd1a | Scope | Read all users' basic profiles |
311a71cc-e848-46a1-bdf8-97ff7156d8e6 | Scope | Sign in and read user profile |
2d05a661-f651-4d57-a595-489c91eda336 | Scope | Read hidden memberships |
Conclusion
If you have any more issues regarding this, please file a support ticket and one of our support engineers will reach out to you to resolve the issue. Please include a Fiddler trace of a repro of the issue occurring, as well as a summary of the expected behavior versus the current behavior.