Find permissions for MS Graph using PowerShell

Get MS Graph permissions using PowerShell Find-MgGraphPermission

You can use the Find-MgGraphPermission PowerShell command to search for Graph permissions

# Find graph permissions for users
Find-MgGraphPermission user
 
# Find graph permissions for groups
Find-MgGraphPermission group
 
# Find graph permissions for applications
Find-MgGraphPermission application
 
# Get details for a specific permission
Find-MgGraphPermission user.read.all

The results show both delegate and application only permissions

Export Graph permissions to a file

A quick way to search for graph permissions is to export them to a text file

Find-MgGraphPermission user | fl > C:\temp\graph-user-permissions.txt

MS Graph Permission Examples

User.Read.All (Application)
Allows the app to read user profiles without a signed in user.

Group.Read.All (Application)
Allows the app to read group properties and memberships, and read the calendar and conversations for all groups, without a signed-in user.

References:
Using Find-MgGraphPermission cmdlet
https://learn.microsoft.com/en-us/powershell/microsoftgraph/find-mg-graph-permission