+description: "Remove an accessPackageResourceRoleScope from an accessPackage list of resource role scopes."

+Remove an [accessPackageResourceRoleScope](../resources/accesspackageresourcerolescope.md) from an [accessPackage](../resources/accesspackage.md) list of resource role scopes.

+> [!CAUTION]

+> The **filterByCurrentUser** function is on a deprecation path and exists only to support current customers. We don't recommend using this function.

+description: "Resume a user's access package request after waiting for a callback from a custom extension."

+Resume a user's access package request after waiting for a callback from a custom extension.

+In [Microsoft Entra entitlement management](../resources/entitlementmanagement-overview.md), when an access package policy has been enabled to call out a custom extension and the request processing is waiting for the callback from the customer, the customer can initiate a resume action. It's performed on an [accessPackageAssignmentRequest](../resources/accesspackageassignmentrequest.md) object whose **requestStatus** is in a `WaitingForCallback` state.

+> [!IMPORTANT]

+> App-only access can be authorized *without* granting the `EntitlementManagement.ReadWrite.All` application permission to the caller. Instead, assign the caller an [Entitlement Management role](/entr#example-4-create-a-role-assignment-with-access-package-catalog-scope) or [Delegate access governance to access package managers in entitlement management](/entra/id-governance/entitlement-management-delegate-managers#as-a-catalog-owner-delegate-to-an-access-package-manager).

+Get newly created, updated, or deleted **administrativeUnits** without having to perform a full read of the entire resource collection. For more information, see [Use delta query to track changes in Microsoft Graph data](/graph/delta-query-overview) for details.

+| Query parameter | Type |Description|

+> [!IMPORTANT]

+> To create a new group in an administrative unit, the calling principal must be assigned at least one of the following [Microsoft Entra roles](/entra/identity/role-based-access-control/permissions-reference?toc=%2Fgraph%2Ftoc.json) at the scope of the administrative unit:

+> - Groups Administrator

+> - User Administrator

+>

+> For app-only scenarios - apart from these roles, the service principal requires additional permissions to read the directory. These permissions can be granted via assignment of supported Microsoft Entra roles, such the Directory Readers role; or they can be granted via Microsoft Graph application permissions that allow reading the directory, such as *Directory.Read.All*.

+ Title: "Update administrativeUnit"

+# Update administrativeUnit

+| membershipRule | String | The dynamic membership rule for the administrative unit. For more information about the rules you can use for dynamic administrative units and dynamic groups, see [Manage rules for dynamic membership groups in Microsoft Entra ID](/entra/identity/users/groups-dynamic-membership).|

+| membershipRuleProcessingState | String | Controls whether the dynamic membership rule is actively processed. Set to `On` to activate the dynamic membership rule, or `Paused` to stop updating membership dynamically. |

+| membershipType | String | Indicates the membership type for the administrative unit. The possible values are: `dynamic`, `assigned`. If not set, the default value is `null` and the default behavior is assigned. |

+| visibility | String | The visibility of the administrative unit. If not set, the default value is `null` and the default behavior is public. It can be set to `HiddenMembership` to hide the membership from nonmembers. |

+The **administrativeUnit** resource supports [extensions](/graph/extensibility-overview), which allows you to use the `PATCH` operation to add, update, or delete your own app-specific data in custom properties of an extension in an existing **administrativeUnit** instance.

+The following example shows a request that sets a dynamic membership rule on an existing administrative unit to include all users whose country is the United States. It also updates the display name of the administrative unit.

+The following example shows the response.

+> **Note:** For delegated permissions to allow apps to get report settings on behalf of a user, the tenant administrator must have assigned the user the appropriate Microsoft Entra ID limited administrator role. For more information, see [Authorization for APIs to read Microsoft 365 usage reports](/graph/reportroot-authorization).

+## Optional query parameters

+This method supports the `$select` [OData query parameter](/graph/query-parameters) to help customize the response.

+> **Note:** For delegated permissions to allow apps to update report settings on behalf of a user, the tenant administrator must have assigned the user the appropriate Microsoft Entra ID limited administrator role. For more information, see [Authorization for APIs to read Microsoft 365 usage reports](/graph/reportroot-authorization).

+| displayConcealedNames | Boolean | If set to `true`, all reports conceal user information such as usernames, groups, and sites. If `false`, all reports show identifiable information. This property represents a setting in the Microsoft 365 admin center. Required. |

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+> [!IMPORTANT]

+> In delegated scenarios with work or school accounts, the signed-in user must be assigned a supported [Microsoft Entra role](/entra/identity/role-based-access-control/permissions-reference?toc=%2Fgraph%2Ftoc.json) or a custom role with a supported role permission. The following privileged roles are supported for this operation.

+> - Attribute Definition Reader

+> - Attribute Definition Administrator

+>

+> - By default, Global Administrator and other administrator roles do not have permissions to read, define, or assign custom security attributes.

+ "clientAppId": "6ed63604-0ba7-4a28-bb3a-dda03ea18d54",

+ "clientAppId": null,

+ "clientAppId": null,

+Get newly created, updated, or deleted applications without having to perform a full read of the entire resource collection. For more information, see [Use delta query to track changes in Microsoft Graph data](/graph/delta-query-overview) for details.

+ Title: "List owners of an application"

+description: "Retrieve a list of owners for an application."

+# List owners of an application

+Retrieve a list of owners for an application that are [directoryObject](../resources/directoryobject.md) types.

+This method supports the `$count`, `$expand`, `$filter`, `$orderby`, `$search`, `$select`, and `$top` [OData query parameters](/graph/query-parameters) to help customize the response. Some queries are supported only when you use the **ConsistencyLevel** header set to `eventual` and `$count`. For more information, see [Advanced query capabilities on directory objects](/graph/aad-advanced-queries).

+### Request

+The following example shows a request that uses the **appId** alternate key to query the owners of an application.

+GET https://graph.microsoft.com/beta/applications(appId='bbec3106-565f-4907-941e-96b4dbfef21c')/owners

+### Response

+The following example shows the response. It shows only the **id** property as populated while other properties as `null`. This is because the caller did not have permissions to read users in the tenant.

+>**Note:** The response object shown here might be shortened for readability.

+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#directoryObjects",

+ "@microsoft.graph.tips": "Use $select to choose only the properties your app needs, as this can lead to performance improvements. For example: GET applications(appId=<key>)/owners?$select=deletedDateTime",

+ "value": [

+ {

+ "@odata.type": "#microsoft.graph.user",

+ "id": "ce4770b3-70b2-4a38-a242-76631e9f7408",

+ "businessPhones": [],

+ "displayName": null,

+ "givenName": null,

+ "jobTitle": null,

+ "mail": null,

+ "mobilePhone": null,

+ "officeLocation": null,

+ "preferredLanguage": null,

+ "surname": null,

+ "userPrincipalName": null

+ },

+ {

+ "@odata.type": "#microsoft.graph.user",

+ "id": "858a9c90-38b3-4e78-b915-234aece712c4",

+ },

+ {

+ "@odata.type": "#microsoft.graph.user",

+ "id": "7585d967-f300-43de-b817-7119a6404c5e",

+ }

+ ]

+This API supports the following PSTN scenarios:

+ "isContentSharingNotificationEnabled": true,

+ "isDeltaRosterEnabled": true

+ "callOptions": {

+ "@odata.type": "#microsoft.graph.outgoingCallOptions",

+ "isContentSharingNotificationEnabled": true,

+ "isDeltaRosterEnabled": true

+ },

+|audiences|String collection|Required. The audience that can appear in the external token. This field is mandatory and should be set to `api://AzureADTokenExchange` for Microsoft Entra ID. It says what Microsoft identity platform should accept in the `aud` claim in the incoming token. This value represents Microsoft Entra ID in your external identity provider and has no fixed value across identity providers - you may need to create a new application registration in your identity provider to serve as the audience of this token. This field can only accept a single value and has a limit of 600 characters.|

+|issuer|String|Required. The URL of the external identity provider and must match the issuer claim of the external token being exchanged. The combination of the values of **issuer** and **subject** must be unique on the app. It has a limit of 600 characters.|

+|name|String|Required. The unique identifier for the federated identity credential, which has a limit of 120 characters and must be URL friendly. It is immutable once created.|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+For [non-gallery apps](/entra/identity/enterprise-apps/add-application-portal), use an application template with one of the following IDs to configure different single sign-on (SSO) modes like SAML SSO and password-based SSO.

+- Global service: `8adf8e6e-67b2-4cf2-a259-e3dc5476c621`

+- US government: `4602d0b4-76bb-404b-bca9-2652e1a39c6d`

+- China operated by 21Vianet: `5a532e38-1581-4918-9658-008dc27c1d68`

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+|serviceManagementReference|String|The service tree ID for this service. Optional.|

+The following example shows a request. The request URL specifies `8adf8e6e-67b2-4cf2-a259-e3dc5476c621` as the application template ID, which means that the request is instantiating a non-gallery app.

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+ ],

+ "applicationRestrictions": {

+ "identifierUris": {

+ "nonDefaultUriAddition": {

+ "restrictForAppsCreatedAfterDateTime": "2024-01-01T10:37:00Z",

+ "excludeAppsReceivingV2Tokens": true,

+ "excludeSaml": true

+ }

+ }

+ }

+ ],

+ "applicationRestrictions": {

+ "identifierUris": {

+ "nonDefaultUriAddition": {

+ "restrictForAppsCreatedAfterDateTime": "2024-01-01T10:37:00Z",

+ "excludeAppsReceivingV2Tokens": true,

+ "excludeSaml": true

+ }

+ }

+ }

+ ],

+ "applicationRestrictions": {

+ "identifierUris": {

+ "nonDefaultUriAddition": {

+ "restrictForAppsCreatedAfterDateTime": "2024-01-01T10:37:00Z",

+ "excludeAppsReceivingV2Tokens": true,

+ "excludeSaml": true

+ }

+ }

+ }

+### Other supported permissions

+The following higher privileged permissions are supported by each resource:

+- Groups:

+ - Delegated and application permissions: Directory.Read.All, AppRoleAssignment.ReadWrite.All, Directory.ReadWrite.All

+- Users:

+ - Delegated permissions: User.ReadBasic.All, Directory.Read.All, AppRoleAssignment.ReadWrite.All

+ - Application permissions: Directory.Read.All, AppRoleAssignment.ReadWrite.All

+- Service principals:

+ - Delegated permissions: Directory.Read.All, Application.ReadWrite.All, Directory.ReadWrite.All

+ - Application permissions: Application.ReadWrite.OwnedBy, Application.ReadWrite.All, Directory.ReadWrite.All

+<!-- { "blockType": "permissions", "name": "approvalitem_cancel" } -->

+# [HTTP](#tab/http)

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [PowerShell](#tab/powershell)

+# [Python](#tab/python)

+<!-- { "blockType": "permissions", "name": "approvalitem_get" } -->

+This method supports the `$select` [OData query parameter](/graph/query-parameters) to help customize the response.

+# [HTTP](#tab/http)

+```msgraph-interactive

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [Python](#tab/python)

+<!-- { "blockType": "permissions", "name": "approvalitem_list_requests" } -->

+This method supports the `$filter`, `$orderby`, `$count` and `$select` [OData query parameters](/graph/query-parameters) to help customize the response.

+# [HTTP](#tab/http)

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [Python](#tab/python)

+<!-- { "blockType": "permissions", "name": "approvalitem_list_responses" } -->

+This method supports the `$filter`, `$orderby`, `$count` and `$select` [OData query parameters](/graph/query-parameters) to help customize the response.

+# [HTTP](#tab/http)

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [Python](#tab/python)

+ "createdDateTime":"2022-04-12T20:51:19Z"

+ "createdDateTime":"2022-04-12T20:51:19Z"

+<!-- { "blockType": "permissions", "name": "approvalitem_post_responses" } -->

+# [HTTP](#tab/http)

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [Python](#tab/python)

+<!-- { "blockType": "permissions", "name": "approvalitemrequest_get" } -->

+This method supports the `$select` [OData query parameter](/graph/query-parameters) to help customize the response.

+# [HTTP](#tab/http)

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [Python](#tab/python)

+<!-- { "blockType": "permissions", "name": "approvalitemresponse_get" } -->

+This method supports the `$select` [OData query parameter](/graph/query-parameters) to help customize the response.

+# [HTTP](#tab/http)

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [Python](#tab/python)

+<!-- { "blockType": "permissions", "name": "approvaloperation_get" } -->

+This method supports the `$filter`, `$orderby`, `$count` and `$select` [OData query parameters](/graph/query-parameters) to help customize the response.

+# [HTTP](#tab/http)

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [Python](#tab/python)

+<!-- { "blockType": "permissions", "name": "approvalsolution_get" } -->

+This method supports the `$select` [OData query parameter](/graph/query-parameters) to help customize the response.

+# [HTTP](#tab/http)

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [Python](#tab/python)

+<!-- { "blockType": "permissions", "name": "approvalsolution_list_approvalitems" } -->

+This method supports the `$filter`, `$orderby`, `$top`, `$count`, and `$select` [OData query parameters](/graph/query-parameters) to help customize the response.

+# [HTTP](#tab/http)

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [Python](#tab/python)

+<!-- { "blockType": "permissions", "name": "approvalsolution_post_approvalitems" } -->

+# [HTTP](#tab/http)

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [Python](#tab/python)

+<!-- { "blockType": "permissions", "name": "approvalsolution_provision" } -->

+# [HTTP](#tab/http)

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [PowerShell](#tab/powershell)

+# [Python](#tab/python)

+<!-- { "blockType": "permissions", "name": "authentication_post_fido2methods" } -->

+<!-- { "blockType": "permissions", "name": "authentication_update_2" } -->

+<!-- { "blockType": "permissions", "name": "authentication_update_3" } -->

+description: "Delete an authenticationEventListener object."

+Delete an [authenticationEventListener](../resources/authenticationeventlistener.md) object. The following derived types are currently supported.

+- [onTokenIssuanceStartListener resource type](../resources/ontokenissuancestartlistener.md) resource type

+- [onInteractiveAuthFlowStartListener resource type](../resources/oninteractiveauthflowstartlistener.md) resource type

+- [onAuthenticationMethodLoadStartListener resource type](../resources/onauthenticationmethodloadstartlistener.md) resource type

+- [onAttributeCollectionListener resource type](../resources/onattributecollectionlistener.md) resource type

+- [onUserCreateStartListener resource type](../resources/onusercreatestartlistener.md) resource type

+- [onAttributeCollectionStartListener](../resources/onattributecollectionstartlistener.md) resource type

+- [onAttributeCollectionSubmitListener](../resources/onattributecollectionsubmitlistener.md) resource type

+Read the properties and relationships of an [authenticationEventListener](../resources/authenticationeventlistener.md) object. The **@odata.type** property in the response object indicates the type of the authenticationEventListener object. The following derived types are currently supported.

+- [onTokenIssuanceStartListener resource type](../resources/ontokenissuancestartlistener.md) resource type

+- [onInteractiveAuthFlowStartListener resource type](../resources/oninteractiveauthflowstartlistener.md) resource type

+- [onAuthenticationMethodLoadStartListener resource type](../resources/onauthenticationmethodloadstartlistener.md) resource type

+- [onAttributeCollectionListener resource type](../resources/onattributecollectionlistener.md) resource type

+- [onUserCreateStartListener resource type](../resources/onusercreatestartlistener.md) resource type

+- [onAttributeCollectionStartListener](../resources/onattributecollectionstartlistener.md) resource type

+- [onAttributeCollectionSubmitListener](../resources/onattributecollectionsubmitlistener.md) resource type

+Update the properties of an [authenticationEventListener](../resources/authenticationeventlistener.md) object. You must specify the **@odata.type** property and the value of the [authenticationEventListener](../resources/authenticationeventlistener.md) object type to update. The following derived types are currently supported.

+- [onTokenIssuanceStartListener resource type](../resources/ontokenissuancestartlistener.md) resource type

+- [onInteractiveAuthFlowStartListener resource type](../resources/oninteractiveauthflowstartlistener.md) resource type

+- [onAuthenticationMethodLoadStartListener resource type](../resources/onauthenticationmethodloadstartlistener.md) resource type

+- [onAttributeCollectionListener resource type](../resources/onattributecollectionlistener.md) resource type

+- [onUserCreateStartListener resource type](../resources/onusercreatestartlistener.md) resource type

+- [onAttributeCollectionStartListener](../resources/onattributecollectionstartlistener.md) resource type

+- [onAttributeCollectionSubmitListener](../resources/onattributecollectionsubmitlistener.md) resource type

+### Example 1: Update an authentication event listener's trigger conditions or priority

+#### Request

+The following example shows a request to update an authentication event listener's trigger conditions or priority.

+#### Response

+### Example 2: Add an application to an authentication event listener's trigger conditions

+#### Request

+The following example shows a request to add an application to an authentication event listener's trigger conditions.

+# [HTTP](#tab/http)

+<!-- {

+ "blockType": "request",

+ "name": "update_authenticationeventlistener_2"

+}

+-->

+``` http

+POST https://graph.microsoft.com/beta/identity/authenticationEventListeners/0313cc37-d421-421d-857b-87804d61e33e/conditions/applications/includeApplications

+Content-Type: application/json

+{

+ "@odata.type": "#microsoft.graph.authenticationConditionApplication",

+ "appId": "63856651-13d9-4784-9abf-20758d509e19"

+}

+```

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [PowerShell](#tab/powershell)

+# [Python](#tab/python)

+#### Response

+The following example shows the response to a request to add an application to an authentication event listener's trigger conditions:

+<!-- {

+ "blockType": "response",

+ "@odata.type": "microsoft.graph.authenticationConditionApplication",

+ "truncated": true,

+}

+-->

+``` http

+HTTP/1.1 201 Created

+Content-Type: application/json

+{

+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#identity/authenticationEventListeners('0313cc37-d421-421d-857b-87804d61e33e')/conditions/applications/includeApplications/$entity",

+ "appId": "63856651-13d9-4784-9abf-20758d509e19"

+}

+```

+Update the properties of an [authenticationEventsFlow](../resources/authenticationeventsflow.md) object by ID. You must specify the **@odata.type** property and the value of the [authenticationEventsFlow](../resources/authenticationeventsflow.md) object type to update. The following derived subtypes are supported:

+- [externalUsersSelfServiceSignupEventsFlow](../resources/externalusersselfservicesignupeventsflow.md)

+|onAttributeCollection|[onAttributeCollectionHandler](../resources/onattributecollectionhandler.md)|The configuration for what to invoke for the onAttributeCollection event. <br/><br/><li> You can only update this property if it was configured during user flow creation. If it wasn't, call the [Add attributes to a user flow](../api/onattributecollectionexternalusersselfservicesignup-post-attributes.md) API first. </li><li> You can't add or remove attributes by updating the **attributeCollectionPage** > **views** > **inputs** and **attributes** objects. Use the [Add attribute to user flow](../api/onattributecollectionexternalusersselfservicesignup-post-attributes.md) or [Remove attribute from user flow](../api/onattributecollectionexternalusersselfservicesignup-post-attributes.md) APIs instead to update both objects.</li><li> To update the **attributeCollectionPage** > **views** > **inputs** collection, you must include all objects in the collection, not only the changed objects. <li> The order of objects in the **attributeCollectionPage** > **views** > **inputs** collection corresponds to the order in which the attributes are displayed on the app's sign-up UI. |

+The following example shows a request that updates the display name of a specific external identities user flow, as well as the priority for all the listeners associated with the policy.

+### Example 2: Update the page layout of a self-service sign up user flow

+The following request updates the configuration of some of the attributes. All the attributes are marked as required; the email attribute is marked as hidden; the input type of the custom attribute is also updated to a radio button with two options.

+ "required": true,

+ "required": true,

+ "attribute": "extension_331d514c0c18477583ea7dd5a79feda2_RockorCountry",

+ "label": "Rock music or Country",

+ "inputType": "radioSingleSelect",

+ "required": true,

+ "options": [

+ {

+ "label": "Rock music",

+ "value": "Rock"

+ },

+ {

+ "label": "Country music",

+ "value": "Country"

+ }

+ ]

+If the caller provided a password in the request body, this method returns a `202 Accepted` response code and no response body. The response might also include a **Location** header with a URL to check the status of the [reset operation](longrunningoperation-get.md).

+If the caller used the system-generated password option, this method returns a `202 Accepted` response code and a [passwordResetResponse](../resources/passwordresetresponse.md) object in the response body which contains a Microsoft-generated password. The response might also include a **Location** header with a URL to check the status of the [reset operation](longrunningoperation-get.md).

+ "truncated": true

+ "@odata.type": "microsoft.graph.passwordResetResponse"

+description: "Get a list of the drive protection units that are associated with a OneDrive for work or school protection policy."

+GET /solutions/backupRestore/protectionUnits/microsoft.graph.driveProtectionUnit

+For a list of possible error responses, see [Backup Storage API error responses](/graph/backup-storage-error-codes).

+GET /solutions/backupRestore/protectionUnits/microsoft.graph.driveProtectionUnit

+ "@odata.nextLink": "https://graph.microsoft.com/betB8MTYxNjk2NDUwOTgzMg%3d%3d",

+### Example 2: List the driveProtectionUnits associated with a OneDrive for work or school protection policy

+GET /solutions/backupRestore/protectionUnits/microsoft.graph.mailboxProtectionUnit

+For a list of possible error responses, see [Backup Storage API error responses](/graph/backup-storage-error-codes).

+GET https://graph.microsoft.com/beta/solutions/backupRestore/protectionUnits/microsoft.graph.mailboxProtectionUnit

+ "@odata.nextLink": "https://graph.microsoft.com/betB8MTYxNjk2NDUwOTgzMg%3d%3d",

+description: "Get a list of restorePoint objects and their properties."

+Get a list of [restorePoint](../resources/restorepoint.md) objects and their properties.

+> **Note:** This API returns a maximum of five **restorePoint** objects. If you don't include the `orderBy` parameter, the five most recent restore points are returned.

+This method supports the `$expand`, `$filter` and `orderBy` [OData query parameters](/graph/query-parameters), as shown in the [example](../api/backuprestoreroot-list-restorepoints.md#request) later in this topic.

+The `$expand` and `$filter` query parameters are required.

+For a list of possible error responses, see [Backup Storage API error responses](/graph/backup-storage-error-codes).

+GET /solutions/backupRestore/protectionUnits/microsoft.graph.siteProtectionUnit

+For a list of possible error responses, see [Backup Storage API error responses](/graph/backup-storage-error-codes).

+GET https://graph.microsoft.com/beta/solutions/backupRestore/protectionUnits/microsoft.graph.siteProtectionUnit

+ "@odata.nextLink": "https://graph.microsoft.com/betB8MTYxNjk2NDUwOTgzMg%3d%3d",

+For a list of possible error responses, see [Backup Storage API error responses](/graph/backup-storage-error-codes).

+For a list of possible error responses, see [Backup Storage API error responses](/graph/backup-storage-error-codes).

+# [HTTP](#tab/http)

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [PowerShell](#tab/powershell)

+# [Python](#tab/python)

+For a list of possible error responses, see [Backup Storage API error responses](/graph/backup-storage-error-codes).

+For a list of possible error responses, see [Backup Storage API error responses](/graph/backup-storage-error-codes).

+For a list of possible error responses, see [Backup Storage API error responses](/graph/backup-storage-error-codes).

+For a list of possible error responses, see [Backup Storage API error responses](/graph/backup-storage-error-codes).

+> [!IMPORTANT]

+> For delegated permissions, the calling user must be the registered owner of the device that the BitLocker recovery key was originally backed up from, or they must be assigned a supported [Microsoft Entra roles](/entra/identity/role-based-access-control/permissions-reference?toc=%2Fgraph%2Ftoc.json).The following least privileged roles are supported for this operation.

+>

+> - Cloud device administrator

+> - Helpdesk administrator

+> - Intune service administrator

+> - Security administrator

+> - Security reader

+> - Global reader

+> [!IMPORTANT]

+> For delegated permissions, the calling user must be the registered owner of the device that the BitLocker recovery key was originally backed up from, or they must be assigned a supported [Microsoft Entra roles](/entra/identity/role-based-access-control/permissions-reference?toc=%2Fgraph%2Ftoc.json).The following least privileged roles are supported for this operation.

+>

+> - Cloud device administrator

+> - Helpdesk administrator

+> - Intune service administrator

+> - Security administrator

+> - Security reader

+> - Global reader

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| If-Match | Last known ETag value for the **businessScenarioTask** to be updated. Required.|

+If-Match: W/"JzEtVGFzayAgQEBAQEBAQEBAQEBAQEBAWCc="

+| If-Match | Last known ETag value for the **businessScenarioTask** to be updated. Required.|

+If-Match: W/"JzEtVGFzayAgQEBAQEBAQEBAQEBAQEBAWCc="

+ Title: "calendar: permanentDelete"

+description: "Permanently delete a calendar folder and the events that it contains and remove them from the mailbox."

+ms.localizationpriority: high

+# calendar: permanentDelete

+Namespace: microsoft.graph

+Permanently delete a calendar folder and the events that it contains and remove them from the mailbox. For more information about item retention, see [Configure Deleted Item retention and Recoverable Items quotas](/exchange/configure-deleted-item-retention-and-recoverable-items-quotas-exchange-2013-help).

+>**Note:** Folders aren't placed in the Purges folder when they are permanently deleted. Permanently deleted folders are removed from the mailbox.

+## Permissions

+Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions [only if your app requires it](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions). For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).

+<!-- { "blockType": "permissions", "name": "calendar_permanentdelete" } -->

+## HTTP request

+<!-- {

+ "blockType": "ignored"

+}

+-->

+``` http

+POST /users/{usersId}/calendar/permanentDelete

+POST /groups/{groupsId}/calendar/permanentDelete

+```

+## Request headers

+|Name|Description|

+|:|:|

+|Authorization|Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+## Request body

+Don't supply a request body for this method.

+## Response

+If successful, this action returns a `204 No Content` response code.

+## Examples

+### Request

+The following example shows a request.

+# [HTTP](#tab/http)

+<!-- {

+ "blockType": "request",

+ "name": "calendarthis.permanentdelete"

+}

+-->

+``` http

+POST https://graph.microsoft.com/beta/users/{usersId}/calendar/permanentDelete

+```

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [PowerShell](#tab/powershell)

+# [Python](#tab/python)

+### Response

+The following example shows the response.

+<!-- {

+ "blockType": "response",

+ "truncated": true

+}

+-->

+``` http

+HTTP/1.1 204 No Content

+```

+Enable a bot to answer an incoming [call](../resources/call.md). The incoming call request can be an invitation from a participant in a group call or a peer-to-peer call. If an invitation to a group call is received, the notification contains the [chatInfo](../resources/chatinfo.md) and [meetingInfo](../resources/meetinginfo.md) parameters.

+This API supports the following PSTN scenarios:

+ "isContentSharingNotificationEnabled": true,

+ "isDeltaRosterEnabled": true

+Delta query supports both full synchronization that gets all the recordings for online meetings organized by the user, and incremental synchronization that gets recordings added since the last synchronization. Typically, you do an initial full synchronization, and then get incremental changes to that recording view periodically.

+A GET request with the delta function returns one of the following:

+- An **@odata.nextLink** that contains a URL with a **delta** function call and a `skipToken`.

+- An **@odata.deltaLink** that contains a URL with a **delta** function call and a `deltaToken`.

+State tokens are opaque to the client. To proceed with a round of change tracking, copy and apply the **@odata.nextLink** or **@odata.deltaLink** URL returned from the last GET request to the next **delta** function call for that same recording view. An **@odata.deltaLink** returned in a response signifies that the current round of change tracking is complete. You can save and use the **@odata.deltaLink** URL when you start the next round of synchronization to get the new recordings added after you acquire **@odata.deltaLink**.

+- [Using the `$top` query parameter might not return the **@odata.nextLink**](https://developer.microsoft.com/en-us/graph/known-issues/?search=22931).

+>**Note:** The request fails if you don't pass the function parameter **meetingOrganizerUserId**.

+Tracking changes in call recordings incurs a round of one or more **delta** function calls. If you use any query parameter (other than `$deltaToken` and `$skipToken`), you must specify it in the initial **delta** request. Microsoft Graph automatically encodes any specified parameters into the token portion of the **@odata.nextLink** or **@odata.deltaLink** URL provided in the response.

+In subsequent requests, copy and apply the **@odata.nextLink** or **@odata.deltaLink** URL from the previous response, as that URL already includes the encoded parameters.

+| `$deltaToken` | String | A [state token](/graph/delta-query-overview) returned in the **@odata.deltaLink** URL of the previous **delta** function call that indicates the completion of that round of change tracking. Save and apply the entire **@odata.deltaLink** URL including this token in the first request of the next round of change tracking for that collection.|

+| `$skipToken` | String | A [state token](/graph/delta-query-overview) returned in the **@odata.nextLink** URL of the previous **delta** function call that indicates that there are further changes to be tracked. |

+| `$top` | Integer | Allows the caller to specify the maximum number of objects per page. |

+If successful, this method returns a `200 OK` response code and a collection of [callRecording](../resources/callrecording.md) objects in the response body. The response also includes an **@odata.nextLink** URL or an **@odata.deltaLink** URL.

+- Step 2: [second request](#second-request) and [response](#second-response).

+See also what you do in the [next round to get more recordings](#example-2-next-round-to-get-more-recordings).

+In this example, the call recordings synchronize for the first time and the initial sync request doesn't include any state token. This round returns all recordings available at the time.

+The response includes two call recordings and an **@odata.nextLink** response header with a `skipToken`. The **@odata.nextLink** URL indicates that more call recordings are available to retrieve.

+ "@odata.type": "Collection(microsoft.graph.callRecording)"

+The second request specifies the **@odata.nextLink** URL returned from the previous response. Notice that it no longer has to specify the same query parameters as in the initial request, as the `skipToken` in the **@odata.nextLink** URL encodes and includes them.

+The second response returns one or more next call recordings and an **@odata.nextLink** property with a `skipToken` that indicates that more recordings are available.

+ "@odata.type": "Collection(microsoft.graph.callRecording)"

+The third request continues to use the latest **@odata.nextLink** returned from the last sync request.

+GET https://graph.microsoft.com/beta/users/8b081ef6-4792-4def-b2c9-c363a1bf41d5/onlineMeetings/getAllRecordings(meetingOrganizerUserId='8b081ef6-4792-4def-b2c9-c363a1bf41d5')/delta?skipToken={skipToken2}

+The third response returns the only remaining recordings and an **@odata.deltaLink** property with a `deltaToken` that indicates that all recordings are returned. Save and use the **@odata.deltaLink** URL to query for any new recording that is added from this point onwards.

+ "@odata.type": "Collection(microsoft.graph.callRecording)"

+Using the **@odata.deltaLink** from the last request in the last round, you can get only those recordings added since the **@odata.deltaLink** was acquired.

+GET https://graph.microsoft.com/beta/users/8b081ef6-4792-4def-b2c9-c363a1bf41d5/onlineMeetings/getAllRecordings(meetingOrganizerUserId='8b081ef6-4792-4def-b2c9-c363a1bf41d5')/delta?skipToken={deltaToken1}

+ "@odata.type": "Collection(microsoft.graph.callRecording)"

+Get a log of PSTN calls as a collection of [pstnCallLogRow](../resources/callrecords-pstncalllogrow.md) entries.

+> [!NOTE]

+> This API doesn't return information for **Telstra** or **Softbank** calling plans.

+The following example shows how to get a collection of records for PSTN calls that occurred in the specified date range. The response includes `"@odata.count": 1000` to enumerate the number of records in this first response, and `@odata.nextLink` to get records beyond the first 1,000. For readability, the response shows only a collection of one record. Assume there are more than 1,000 calls in that date range.

+- [Get log of Direct Routing calls](callrecords-callrecord-getdirectroutingcalls.md)

+Delta query supports both full synchronization that gets all the transcripts for online meetings organized by the user, and incremental synchronization that gets transcripts added since the last synchronization. Typically, you do an initial full synchronization, and then get incremental changes to that transcript view periodically.

+A GET request with the delta function returns one of the following:

+- An **@odata.nextLink** that contains a URL with a **delta** function call and a `skipToken`.

+- An **@odata.deltaLink** that contains a URL with a **delta** function call and a `deltaToken`.

+State tokens are opaque to the client. To proceed with a round of change tracking, copy and apply the **@odata.nextLink** or **@odata.deltaLink** URL returned from the last GET request to the next **delta** function call for that same transcript view. An **@odata.deltaLink** returned in a response signifies that the current round of change tracking is complete. You can save and use the **@odata.deltaLink** URL when you start the next round of synchronization to get the new transcripts added after you acquire **@odata.deltaLink**.

+- [Using the `$top` query parameter might not return the **@odata.nextLink**](https://developer.microsoft.com/en-us/graph/known-issues/?search=22931).

+>**Note:** The request fails if you don't pass the function parameter **meetingOrganizerUserId**.

+Tracking changes in call transcripts incurs a round of one or more **delta** function calls. If you use any query parameter (other than `$deltaToken` and `$skipToken`), you must specify it in the initial **delta** request. Microsoft Graph automatically encodes any specified parameters into the token portion of the **@odata.nextLink** or **@odata.deltaLink** URL provided in the response.

+In subsequent requests, copy and apply the **@odata.nextLink** or **@odata.deltaLink** URL from the previous response, as that URL already includes the encoded parameters.

+| `$deltaToken` | String | A [state token](/graph/delta-query-overview) returned in the **@odata.deltaLink** URL of the previous **delta** function call that indicates the completion of that round of change tracking. Save and apply the entire **@odata.deltaLink** URL including this token in the first request of the next round of change tracking for that collection.|

+| `$skipToken` | String | A [state token](/graph/delta-query-overview) returned in the **@odata.nextLink** URL of the previous **delta** function call that indicates that there are further changes to be tracked. |

+| `$top` | Integer | Allows the caller to specify the maximum number of objects per page. |

+If successful, this method returns a `200 OK` response code and a collection of [callTranscript](../resources/calltranscript.md) objects in the response body. The response also includes an **@odata.nextLink** URL or an **@odata.deltaLink** URL.

+- Step 2: [second request](#second-request) and [response](#second-response).

+See also what you do in the [next round to get more transcripts](#example-2-next-round-to-get-more-transcripts).

+In this example, the call transcripts synchronize for the first time and the initial sync request doesn't include any state token. This round returns all transcripts available at the time.

+The response includes two call transcripts and an **@odata.nextLink** response header with a `skipToken`. The **@odata.nextLink** URL indicates that more call transcripts are available to retrieve.

+ "@odata.type": "Collection(microsoft.graph.callTranscript)"

+The second request specifies the **@odata.nextLink** URL returned from the previous response. Notice that it no longer has to specify the same query parameters as in the initial request, as the `skipToken` in the **@odata.nextLink** URL encodes and includes them.

+The second response returns one or more next call transcripts and an **@odata.nextLink** property with a `skipToken` that indicates that more transcripts are available.

+ "@odata.type": "Collection(microsoft.graph.callTranscript)"

+The third request continues to use the latest **@odata.nextLink** returned from the last sync request.

+GET https://graph.microsoft.com/beta/users/8b081ef6-4792-4def-b2c9-c363a1bf41d5/onlineMeetings/getAllTranscripts(meetingOrganizerUserId='8b081ef6-4792-4def-b2c9-c363a1bf41d5')/delta?skipToken={skipToken2}

+The third response returns the only remaining transcripts and an **@odata.deltaLink** property with a `deltaToken` that indicates that all transcripts are returned. Save and use the **@odata.deltaLink** URL to query for any new transcript that is added from this point onwards.

+ "@odata.type": "Collection(microsoft.graph.callTranscript)"

+Using the **@odata.deltaLink** from the last request in the last round, you can get only those transcripts added since the **@odata.deltaLink** was acquired.

+GET https://graph.microsoft.com/beta/users/8b081ef6-4792-4def-b2c9-c363a1bf41d5/onlineMeetings/getAllTranscripts(meetingOrganizerUserId='8b081ef6-4792-4def-b2c9-c363a1bf41d5')/delta?skipToken={deltaToken1}

+ "@odata.type": "Collection(microsoft.graph.callTranscript)"

+# [HTTP](#tab/http)

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [PowerShell](#tab/powershell)

+# [Python](#tab/python)

+|trustedCertificateAuthorities |[certificateAuthorityAsEntity](../resources/certificateauthorityasentity.md)|Multi-value property that represents a list of trusted certificate authorities. At least one trusted certificate authority must be provided when you create a certificate-based application configuration. |

+> Only a single instance of a **certificateBasedAuthConfiguration** can be created (the collection can only have one member). It always has a fixed ID with a value of `29728ade-6ae4-4ee9-9103-412912537da5`.

+This API supports admin permissions. Microsoft Teams service admins can access teams that they aren't a member of.

+This API supports admin permissions. Microsoft Teams service admins can access teams that they aren't a member of.

+This API supports admin permissions. Microsoft Teams service admins can access teams that they aren't a member of.

+description: "Get all retained messages across all channels in a team."

+Get all retained [messages](../resources/chatmessage.md) across all [channels](../resources/channel.md) in a [team](../resources/team.md).

+> - The `ChannelMessage.Read.Group` permission uses [resource-specific consent](/microsoftteams/platform/graph-api/rsc/resource-specific-consent).

+> - The `Group.Read.All` and `Group.ReadWrite.All` permissions are supported only for backward compatibility. We recommend that you update your solutions to use an alternative permission listed in the previous table and avoid using these permissions going forward.

+If successful, this method returns a `200 OK` response code and a collection of [chatMessage](../resources/chatmessage.md) objects in the response body. The channel messages in the response are sorted by the last modified date of the entire reply chain, including both the root channel message and its replies.

+The response includes replies of that channel message. In practice, this operation can return up to 1,000 replies of a channel message, and includes a URL in `replies@odata.nextLink` to get any further replies beyond the page size of 1,000. This example assumes more than 1,000 replies in that channel message, but for readability, the following response shows only three replies.

+This API supports admin permissions. Microsoft Teams service admins can access teams that they aren't a member of.

+This API supports admin permissions. Microsoft Teams service admins can access teams that they aren't a member of.

+This API supports admin permissions. Microsoft Teams service admins can access teams that they aren't a member of.

+This API supports admin permissions. Microsoft Teams service admins can access teams that they aren't a member of.

+This API supports admin permissions. Microsoft Teams service admins can access teams that they aren't a member of.

+description: "Get all retained messages from all chats that a user is a participant in, including one-on-one chats, group chats, and meeting chats."

+Get all retained [messages](../resources/chatmessage.md) from all [chats](../resources/chat.md) that a user is a participant in, including one-on-one chats, group chats, and meeting chats.

+|Get messages sent by user identity type |$filter=from/user/userIdentityType eq '{teamworkUserIdentityType}' |`aadUser`, `onPremiseAadUser`, `anonymousGuest`, `federatedUser`, `personalMicrosoftAccountUser`, `skypeUser`, `phoneUser`|

+|Get messages sent by application type |$filter=from/application/applicationIdentityType eq '{teamworkApplicationIdentity}' |`aadApplication`, `bot`, `tenantBot`, `office365Connector`, `outgoingWebhook` |

+description: "Get the list of messages from all chats in which a user is a participant, including one-on-one chats, group chats, and meeting chats."

+Get the list of [messages](../resources/chatmessage.md) from all [chats](../resources/chat.md) in which a user is a participant, including one-on-one chats, group chats, and meeting chats. When you use delta query, you can obtain new or updated messages.

+> **Note:** Delta only returns messages within the last eight months. You can use [GET /users/{id | user-principal-name}/chats/getAllMessages](chats-getallmessages.md) to retrieve older messages.

+Delta query supports both full synchronization that gets all the messages from all chats in which a user is a participant, and incremental synchronization that gets messages added or changed since the last synchronization. Typically, you do an initial full synchronization, and then get incremental changes to that messages view periodically.

+To get the replies for a message, use the [list message replies](chatmessage-list-replies.md) or the [get message reply](chatmessage-get.md) operations.

+A GET request with the delta function returns one of the following:

+- An **@odata.nextLink** that contains a URL with a **delta** function call and a `skipToken`.

+- An **@odata.deltaLink** that contains a URL with a **delta** function call and a `deltaToken`.

+State tokens are opaque to the client. To proceed with a round of change tracking, copy and apply the **@odata.nextLink** or **@odata.deltaLink** URL returned from the last GET request to the next **delta** function call. An **@odata.deltaLink** returned in a response signifies that the current round of change tracking is complete. You can save and use the **@odata.deltaLink** URL when you begin to retrieve more changes (messages changed or posted after you acquire **@odata.deltaLink**).

+GET /users/{id | user-principal-name}/chats/getAllMessages/delta

+Tracking changes in messages incurs a round of one or more **delta** function calls. If you use any query parameter (other than `$deltatoken` and `$skiptoken`), you must specify it in the initial **delta** request. Microsoft Graph automatically encodes any specified parameters into the token portion of the **@odata.nextLink** or **@odata.deltaLink** URL provided in the response.

+You only need to specify query parameters once.

+In subsequent requests, copy and apply the **@odata.nextLink** or **@odata.deltaLink** URL from the previous response, as that URL already includes the encoded parameters.

+| `$deltatoken` | String | A [state token](/graph/delta-query-overview) returned in the **@odata.deltaLink** URL of the previous **delta** function call that indicates that the completion of that round of change tracking. Save and apply the entire **@odata.deltaLink** URL including this token in the first request of the next iteration of change tracking for that collection.|

+| `$skiptoken` | String | A [state token](/graph/delta-query-overview) returned in the **@odata.nextLink** URL of the previous **delta** function call that indicates that further changes are available to be tracked. |

+This API supports the following [OData query parameters](/graph/query-parameters):

+- `$top` represents the maximum number of messages to fetch in a call. The upper limit is `50`.

+- `$filter` returns messages that meet a certain criteria. The only property that supports filters is **lastModifiedDateTime**`, and only the `gt` operator is supported. For example, `../messages/delta?$filter=lastModifiedDateTime gt 2024-08-27T07:13:28.000z` fetches any message created or changed after the specified date and time.

+If successful, this method returns a `200 OK` response code and a collection of [chatMessage](../resources/chatmessage.md) objects in the response body. The response also includes an **@odata.nextLink** URL or an **@odata.deltaLink** URL.

+The following example shows a series of three requests to synchronize the messages. The response consists of three messages:

+For brevity, the sample responses show only a subset of the properties for a message. In an actual call, most message properties are returned.

+See also what you can do in the [next round to get more messages](#example-2-the-next-round-to-get-more-messages).

+In this example, the chat messages synchronize for the first time and the initial sync request doesn't include any state token.

+The request specifies the optional `$top` query parameter that returns two messages at a time.

+ "name": "get_chatmessagedeltachats_1"

+GET https://graph.microsoft.com/beta/users/5ed12dd6-24f8-4777-be3d-0d234e06cefa/chats/getAllMessages/delta?$top=2

+The response includes two messages and an **@odata.nextLink** response header with a `skipToken`. The **@odata.nextLink** URL indicates that more messages in the chats are available to retrieve.

+ "@odata.type": "Collection(microsoft.graph.chatMessage)"

+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#Collection(microsoft.graph.chatMessage)",

+ "@odata.nextLink": "https://graph.microsoft.com/beta/users/5ed12dd6-24f8-4777-be3d-0d234e06cefa/chats/getAllMessages/delta?$skiptoken=a-5fqdzHFr_L_cc7C0q1F-HCB8Z9SjwOsMN37XV5yfSnYgK4jVGVGEl25GFlxKWq0Wv6quL-5qcNg4nUnxzof6namZ_DM5no-hcL515cSrRGDoRLn38fZE1AXoDugSTOohOq3YRCYLqJbFGIoovMPTar32oLuoltHixme-Bf1lZtscv1wv5uu-MtkpYZIT0uDw-umQUK7mLNjMcyhNaifDrdemGUDMaQ25_QuHukNbkXcxsKMJdJ288p9IkaSeEyJHX5a6T_kEdAmuffsdzOGY8mLbLc7VEsUL75rGdt2aiKkywaPHsT9bDGV7MBo7WM2g_kdPeLdRPSdSxxhkGpNA.y_WMscy7negz0HZPhgjH-YyzsdeXzr2UDSfNrdzC78A",

+ "value": [

+ {

+ "replyToId": null,

+ "etag": "1727366299993",

+ "messageType": "message",

+ "createdDateTime": "2024-09-26T15:58:19.993Z",

+ "lastModifiedDateTime": "2024-09-26T15:58:19.993Z",

+ "lastEditedDateTime": null,

+ "deletedDateTime": null,

+ "subject": "",

+ "summary": null,

+ "chatId": "19:65a44130a0f249359d77858287ed39f0@thread.v2",

+ "importance": "normal",

+ "locale": "en-us",

+ "webUrl": null,

+ "channelIdentity": null,

+ "policyViolation": null,

+ "eventDetail": null,

+ "id": "1727366299993",

+ "from": {

+ "application": null,

+ "device": null,

+ "user": {

+ "@odata.type": "#microsoft.graph.teamworkUserIdentity",

+ "id": "43383bf2-f7ab-4ba3-bf5e-12d071db189b",

+ "displayName": "CFCC5",

+ "userIdentityType": "aadUser",

+ "tenantId": "f54e6700-e876-410b-8996-d6447d64098a"

+ },

+ "body": {

+ "contentType": "html",

+ "content": "<div>\n<div itemprop=\"copy-paste-block\">reply 9&nbsp;to new conv</div>\n</div>"

+ },

+ "attachments": [],

+ "mentions": [],

+ "reactions": []

+ },

+ {

+ "replyToId": null,

+ "etag": "1727216579286",

+ "messageType": "message",

+ "createdDateTime": "2024-09-24T22:22:59.286Z",

+ "lastModifiedDateTime": "2024-09-24T22:22:59.286Z",

+ "lastEditedDateTime": null,

+ "deletedDateTime": null,

+ "subject": "",

+ "summary": null,

+ "chatId": "19:2a247d5dadc24f408d009e4ae84502cf@thread.v2",

+ "importance": "normal",

+ "locale": "en-us",

+ "webUrl": null,

+ "channelIdentity": null,

+ "policyViolation": null,

+ "eventDetail": null,

+ "id": "1727216579286",

+ "from": {

+ "application": null,

+ "device": null,

+ "user": {

+ "@odata.type": "#microsoft.graph.teamworkUserIdentity",

+ "id": "43383bf2-f7ab-4ba3-bf5e-12d071db189b",

+ "displayName": "CFCC5",

+ "userIdentityType": "aadUser",

+ "tenantId": "f54e6700-e876-410b-8996-d6447d64098a"

+ }

+ },

+ "body": {

+ "contentType": "html",

+ "content": "<div>\n<div itemprop=\"copy-paste-block\">reply 10 to new conv</div>\n</div>"

+ },

+ "attachments": [],

+ "mentions": [],

+ "reactions": []

+ }

+ ]

+The second request specifies the **@odata.nextLink** URL returned from the previous response. Notice that it no longer has to specify the same `$top` parameter as in the initial request, as the `skipToken` in the **@odata.nextLink** URL encodes and includes those parameters.

+ "name": "get_chatmessagedeltachats_2"

+GET https://graph.microsoft.com/beta/users/5ed12dd6-24f8-4777-be3d-0d234e06cefa/chats/getAllMessages/delta?&%24skiptoken=a-5fqdzHFr_L_cc7C0q1F-HCB8Z9SjwOsMN37XV5yfSnYgK4jVGVGEl25GFlxKWq0Wv6quL-5qcNg4nUnxzof6namZ_DM5no-hcL515cSrRGDoRLn38fZE1AXoDugSTOohOq3YRCYLqJbFGIoovMPTar32oLuoltHixme-Bf1lZtscv1wv5uu-MtkpYZIT0uDw-umQUK7mLNjMcyhNaifMIVTT-htmEOClLVwgcyWLR-sl9Qb73uTTtPXdFdMK6FDE4gpwvvKxvo2ChsW2c4eo77LDh6ZL_WQ8Luq00koQ6vHIrLBHPMUdOAxDxu-U7N7H4hsFn9aRDRdwRky7067A.V2a-J-86yXTd9SJMA4CHP6enI-Ab-bQzRgYujwsIwDo

+The second response returns the next two messages and an **@odata.nextLink** response header with a `skipToken` that indicates that more messages are available to retrieve.

+ "@odata.type": "Collection(microsoft.graph.chatMessage)"

+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#Collection(microsoft.graph.chatMessage)",

+ "@odata.nextLink": "https://graph.microsoft.com/beta/users/5ed12dd6-24f8-4777-be3d-0d234e06cefa/chats/getAllMessages/delta?$skiptoken=yJQeoV00BlfhYsCMsrn1GnNz7v5S39NShp1U4rzLZnPsraIATwnnsvbdv52hvKp7AAG-Bcwdu7dA7UweXHvGYQ2M5eysh-cNz6EZICZp7kM9HtmQHu7JU-_sX5S1edvEQxyAgm1R2HXk4R9_TWn9ZAu1BRQ-elS9hg0f8BlwKLCIluuSPS2ZuNVnQTOOYMMpmzKGX4wVVQUv0UlrIFZIPWTeriNpg5sJFd91n2GHSMnS7WaRTh3NSmvJE08ww-2CjGml2RjPyHfLHSqywuNt5BGNVj_vqsLbjetdDIYZFa_yaQqV_Bp5DaWM_nXD8RjVULH7H4ATXoUiG3Etsd_Nhd_GIYoxV6x2_rmbh928WPGSsenCOa352tyFxmuyTH0ozDmU4onVbGnOBQEYJDKZjuIeNVW-E19VHthjZ9GvYGE.NHJkfAbRu3Qoozl699AinriiHvWofLVnWkB5wEJmZlk",

+ "value": [

+ {

+ "replyToId": null,

+ "etag": "1726706286844",

+ "messageType": "message",

+ "createdDateTime": "2024-09-19T00:38:06.844Z",

+ "lastModifiedDateTime": "2024-09-19T00:38:06.844Z",

+ "lastEditedDateTime": null,

+ "deletedDateTime": null,

+ "subject": "",

+ "summary": null,

+ "chatId": "19:65a44130a0f249359d77858287ed39f0@thread.v2",

+ "importance": "normal",

+ "locale": "en-us",

+ "webUrl": null,

+ "channelIdentity": null,

+ "policyViolation": null,

+ "eventDetail": null,

+ "id": "1726706286844",

+ "from": {

+ "application": null,

+ "device": null,

+ "user": {

+ "@odata.type": "#microsoft.graph.teamworkUserIdentity",

+ "id": "43383bf2-f7ab-4ba3-bf5e-12d071db189b",

+ "displayName": "CFCC5",

+ "userIdentityType": "aadUser",

+ "tenantId": "f54e6700-e876-410b-8996-d6447d64098a"

+ },

+ "body": {

+ "contentType": "html",

+ "content": "<p>Not one message, but several combined together to give you the full picture</p>"

+ },

+ "attachments": [],

+ "mentions": [],

+ "reactions": []

+ },

+ {

+ "replyToId": null,

+ "etag": "1726706276201",

+ "messageType": "message",

+ "createdDateTime": "2024-09-19T00:37:56.201Z",

+ "lastModifiedDateTime": "2024-09-19T00:37:56.201Z",

+ "lastEditedDateTime": null,

+ "deletedDateTime": null,

+ "subject": "",

+ "summary": null,

+ "chatId": "19:65a44130a0f249359d77858287ed39f0@thread.v2",

+ "importance": "normal",

+ "locale": "en-us",

+ "webUrl": null,

+ "channelIdentity": null,

+ "policyViolation": null,

+ "eventDetail": null,

+ "id": "1726706276201",

+ "from": {

+ "application": null,

+ "device": null,

+ "user": {

+ "@odata.type": "#microsoft.graph.teamworkUserIdentity",

+ "id": "43383bf2-f7ab-4ba3-bf5e-12d071db189b",

+ "displayName": "CFCC5",

+ "userIdentityType": "aadUser",

+ "tenantId": "f54e6700-e876-410b-8996-d6447d64098a"

+ }

+ },

+ "body": {

+ "contentType": "html",

+ "content": "<p>Dive into the possibilities of incorporating context into ML evaluations by looking at entire conversations</p>"

+ },

+ "attachments": [],

+ "mentions": [],

+ "reactions": []

+ }

+ ]

+The third request continues to use the latest **@odata.nextLink** returned from the last sync request.

+ "name": "get_chatmessagedeltachats_3"

+GET https://graph.microsoft.com/beta/users/5ed12dd6-24f8-4777-be3d-0d234e06cefa/chats/getAllMessages/delta?$skiptoken=8UusBixEHS9UUau6uGcryrA6FpnWwMJbuTYILM1PArHxnZzDVcsHQrijNzCyIVeEauMQsKUfMhNjLWFs1o4sBS_LofJ7xMftZUfec_pijuT6cAk5ugcWCca9RCjK7iVj.DKZ9w4bX9vCR7Sj9P0_qxjLAAPiEZgxlOxxmCLMzHJ4

+The third response returns the only remaining messages and an **@odata.deltaLink** response header with a `deltaToken` which indicates that all messages are returned. Save and use the **@odata.deltaLink** URL to query for any new messages added or changed from this point onwards.

+ "@odata.type": "Collection(microsoft.graph.chatMessage)"

+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#Collection(microsoft.graph.chatMessage)",

+ "@odata.deltaLink": "https://graph.microsoft.com/betik_JIC44iCZpv-GLiA2VnFuE5yG-kCEBROb2iaPT_y_eMWVQtBO_ejzzyIxl00ji-tQ3HzAbW4liZAVG88lO3nG_6-MBFoHY1n8y21YUzjocG-Cn1tCNeeLPLTzIe5Dw.EP9gLiCoF2CE_e6l_m1bTk2aokD9KcgfgfcLGqd1r_4",

+ "value": [

+ {

+ "replyToId": null,

+ "etag": "1726706340932",

+ "messageType": "message",

+ "createdDateTime": "2024-09-19T00:39:00.932Z",

+ "lastModifiedDateTime": "2024-09-19T00:39:00.932Z",

+ "lastEditedDateTime": null,

+ "deletedDateTime": null,

+ "subject": "",

+ "summary": null,

+ "chatId": "19:65a44130a0f249359d77858287ed39f0@thread.v2",

+ "importance": "normal",

+ "locale": "en-us",

+ "webUrl": null,

+ "channelIdentity": null,

+ "policyViolation": null,

+ "eventDetail": null,

+ "id": "1726706340932",

+ "from": {

+ "application": null,

+ "device": null,

+ "user": {

+ "@odata.type": "#microsoft.graph.teamworkUserIdentity",

+ "id": "43383bf2-f7ab-4ba3-bf5e-12d071db189b",

+ "displayName": "CFCC5",

+ "userIdentityType": "aadUser",

+ "tenantId": "f54e6700-e876-410b-8996-d6447d64098a"

+ },

+ "body": {

+ "contentType": "html",

+ "content": "<p>let's get started!</p>"

+ },

+ "attachments": [],

+ "mentions": [],

+ "reactions": []

+ }

+ ]

+### Example 2: The next round to get more messages

+Using the **@odata.deltaLink** from the last request in the last round, you can get only those messages that changed (added or updated) since the **@odata.deltaLink** was acquired. Your request should look like the following, assuming you want to keep the same maximum page size in the response.

+The following example shows a request.

+ "name": "get_chatmessagedeltachats_4"

+GET https://graph.microsoft.com/betik_JIC44iCZpv-GLiA2VnFuE5yG-kCEBROb2iaPT_y_eMWVQtBO_ejzzyIxl00ji-tQ3HzAbW4liZAVG88lO3nG_6-MBFoHY1n8y21YUzjocG-Cn1tCNeeLPLTzIe5Dw.EP9gLiCoF2CE_e6l_m1bTk2aokD9KcgfgfcLGqd1r_4

+The following example shows the response.

+ "@odata.type": "Collection(microsoft.graph.chatMessage)"

+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#Collection(chatMessage)",

+ "@odata.deltaLink": "https://graph.microsoft.com/betik_JIC44iCZpv-GLiA2VnFuE5yG-kCEBROb2iaPT_yjz2nsMoh1gXNtXii7s78HapCi5woifXqwXlVNxICh8wUUnvE2gExsa8eZ2Vy_ch5rVIhm067_1mUPML3iYUVyg.3o0rhgaBUduuxOr98An5pjBDP5JjKUiVWku3flSiOsk",

+ "value": [

+ {

+ "replyToId": null,

+ "etag": "1727366299999",

+ "messageType": "message",

+ "createdDateTime": "2024-09-26T15:58:19.993Z",

+ "lastModifiedDateTime": "2024-09-26T17:58:19.993Z",

+ "lastEditedDateTime": null,

+ "deletedDateTime": null,

+ "subject": "",

+ "summary": null,

+ "chatId": "19:65a44130a0f249359d77858287ed39f0@thread.v2",

+ "importance": "normal",

+ "locale": "en-us",

+ "webUrl": null,

+ "channelIdentity": null,

+ "policyViolation": null,

+ "eventDetail": null,

+ "id": "1727366299999",

+ "from": {

+ "application": null,

+ "device": null,

+ "user": {

+ "@odata.type": "#microsoft.graph.teamworkUserIdentity",

+ "id": "43383bf2-f7ab-4ba3-bf5e-12d071db189b",

+ "displayName": "CFCC5",

+ "userIdentityType": "aadUser",

+ "tenantId": "f54e6700-e876-410b-8996-d6447d64098a"

+ },

+ "body": {

+ "contentType": "html",

+ "content": "newly added content"

+ },

+ "attachments": [],

+ "mentions": [],

+ "reactions": []

+ }

+ ]

+ "description": "Chat messages: delta",

+ "content": "<p>I am looking&nbsp;<emoji id=\"1f440_eyes\" alt=\"👀\" title=\"Eyes\"></emoji><customemoji id=\"dGVzdHNjOzAtd3VzLWQyLTdiNWRkZGQ2ZGVjMDNkYzIwNTgxY2NkYTE1MmEyZTM4\" alt=\"microsoft_teams\" source=\"https://graph.microsoft.com/beta/chats/19:bcf84b15c2994a909770f7d05bc4fe16@thread.v2/messages/1706638496169/hostedContents/aWQ9LHR5cGU9MSx1cmw9aHR0cHM6Ly91cy1jYW5hcnkuYXN5bmNndy50ZWFtcy5taWNyb3NvZnQuY29tL3YxL29iamVjdHMvMC13dXMtZDItN2I1ZGRkZDZkZWMwM2RjMjA1ODFjY2RhMTUyYTJlMzgvdmlld3MvaW1ndDJfYW5pbQ==/$value\"></customemoji></p>"

+ "displayName": "Hundred points",

+ "displayName": "microsoft_teams",

+### Example 5: Get a chat message with an @mention for everyone

+The following example shows a request to get a chat message that @mentions everyone in a group chat.

+#### Request

+The following example shows a request.

+# [HTTP](#tab/http)

+<!-- {

+ "blockType": "request",

+ "name": "get_chatmessage_5",

+ "sampleKeys": ["19:80a7ff67c0ef43c19d88a7638be436b1@thread.v2", "1725986575123"]

+}-->

+```msgraph-interactive

+GET https://graph.microsoft.com/beta/chats/19:80a7ff67c0ef43c19d88a7638be436b1@thread.v2/messages/1725986575123

+```

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [PowerShell](#tab/powershell)

+# [Python](#tab/python)

+#### Response

+The following example shows the response. The message body contains an @mention for everyone in a group chat that is represented by the `<at></at>` tag. The **conversationIdentityType** property is set to `chat` in the **conversation** identity of the **mentioned** object.

+<!-- {

+ "blockType": "response",

+ "truncated": true,

+ "@odata.type": "microsoft.graph.chatMessage"

+} -->

+```http

+HTTP/1.1 200 OK

+Content-type: application/json

+{

+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#chats('19%3A80a7ff67c0ef43c19d88a7638be436b1%40thread.v2')/messages/$entity",

+ "@microsoft.graph.tips": "Use $select to choose only the properties your app needs, as this can lead to performance improvements. For example: GET chats('<key>')/messages('<key>')?$select=attachments,body",

+ "id": "1725986575123",

+ "replyToId": null,

+ "etag": "1725986575123",

+ "messageType": "message",

+ "createdDateTime": "2024-09-10T16:42:55.123Z",

+ "lastModifiedDateTime": "2024-09-10T16:42:55.123Z",

+ "lastEditedDateTime": null,

+ "deletedDateTime": null,

+ "subject": null,

+ "summary": null,

+ "chatId": "19:80a7ff67c0ef43c19d88a7638be436b1@thread.v2",

+ "importance": "normal",

+ "locale": "en-us",

+ "webUrl": null,

+ "channelIdentity": null,

+ "onBehalfOf": null,

+ "policyViolation": null,

+ "eventDetail": null,

+ "from": {

+ "application": null,

+ "device": null,

+ "user": {

+ "@odata.type": "#microsoft.graph.teamworkUserIdentity",

+ "id": "28c10244-4bad-4fda-993c-f332faef94f0",

+ "displayName": "Adele Vance",

+ "userIdentityType": "aadUser",

+ "tenantId": "2432b57b-0abd-43db-aa7b-16eadd115d34"

+ }

+ },

+ "body": {

+ "contentType": "html",

+ "content": "<p>Hi&nbsp;<at id=\"0\">Everyone</at></p>"

+ },

+ "attachments": [],

+ "mentions": [

+ {

+ "id": 0,

+ "mentionText": "Everyone",

+ "mentioned": {

+ "application": null,

+ "device": null,

+ "user": null,

+ "tag": null,

+ "conversation": {

+ "id": "19:80a7ff67c0ef43c19d88a7638be436b1@thread.v2",

+ "displayName": "Everyone",

+ "conversationIdentityType": "chat"

+ }

+ }

+ }

+ ],

+ "reactions": []

+}

+```

+### Example 6: Get a chat message with a forwarded message

+The following example shows a request that gets a chat message with a forwarded message as an attachment.

+#### Request

+The following example shows a request.

+# [HTTP](#tab/http)

+<!-- {

+ "blockType": "request",

+ "name": "get_chatmessage_6",

+ "sampleKeys": ["19:e2ed97baac8e4bffbb91299a38996790@thread.v2", "1727903166936"]

+}-->

+```msgraph-interactive

+GET https://graph.microsoft.com/beta/chats/19:e2ed97baac8e4bffbb91299a38996790@thread.v2/messages/1727903166936

+```

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [PowerShell](#tab/powershell)

+# [Python](#tab/python)

+#### Response

+The following example shows the response. The message body contains a forwarded message as an attachment. The **contentType** for the forwarded message is identified as `forwardedMessageReference`. The original message that was forwarded is also available in the attachment **content**.

+<!-- {

+ "blockType": "response",

+ "truncated": true,

+ "@odata.type": "microsoft.graph.chatMessage"

+} -->

+```http

+HTTP/1.1 200 OK

+Content-type: application/json

+{

+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#chats('19%3Ae2ed97baac8e4bffbb91299a38996790%40thread.v2')/messages/$entity",

+ "@microsoft.graph.tips": "Use $select to choose only the properties your app needs, as this can lead to performance improvements. For example: GET chats('<key>')/messages('<key>')?$select=attachments,body",

+ "id": "1727903166936",

+ "replyToId": null,

+ "etag": "1727903166936",

+ "messageType": "message",

+ "createdDateTime": "2024-10-02T21:06:06.936Z",

+ "lastModifiedDateTime": "2024-10-02T21:06:06.936Z",

+ "lastEditedDateTime": null,

+ "deletedDateTime": null,

+ "subject": null,

+ "summary": null,

+ "chatId": "19:e2ed97baac8e4bffbb91299a38996790@thread.v2",

+ "importance": "normal",

+ "locale": "en-us",

+ "webUrl": null,

+ "channelIdentity": null,

+ "onBehalfOf": null,

+ "policyViolation": null,

+ "eventDetail": null,

+ "from": {

+ "application": null,

+ "device": null,

+ "user": {

+ "@odata.type": "#microsoft.graph.teamworkUserIdentity",

+ "id": "28c10244-4bad-4fda-993c-f332faef94f0",

+ "displayName": null,

+ "userIdentityType": "aadUser",

+ "tenantId": "2432b57b-0abd-43db-aa7b-16eadd115d34"

+ }

+ },

+ "body": {

+ "contentType": "html",

+ "content": "<attachment id=\"1727881360458\"></attachment>"

+ },

+ "attachments": [

+ {

+ "id": "1727881360458",

+ "contentType": "forwardedMessageReference",

+ "contentUrl": null,

+ "content": "{\"originalMessageId\":\"1727881360458\",\"originalMessageContent\":\"\\n<p>hello</p>\\n\",\"originalConversationId\":\"19:97641583cf154265a237da28ebbde27a@thread.v2\",\"originalSentDateTime\":\"2024-10-02T15:02:40.458+00:00\",\"originalMessageSender\":{\"application\":null,\"device\":null,\"user\":{\"userIdentityType\":\"aadUser\",\"tenantId\":\"2432b57b-0abd-43db-aa7b-16eadd115d34\",\"id\":\"28c10244-4bad-4fda-993c-f332faef94f0\",\"displayName\":null}}}",

+ "name": null,

+ "thumbnailUrl": null,

+ "teamsAppId": null

+ }

+ ],

+ "mentions": [],

+ "reactions": []

+}

+```

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+ Title: "List usageRights for group"

+description: "Get a list of the usageRight objects granted to a group."

+ms.localizationpriority: medium

+# List usageRights for group

+Namespace: microsoft.graph.cloudLicensing

+Get a list of the [usageRight](../resources/cloudlicensing-usageright.md) objects granted to a group.

+## Permissions

+Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions [only if your app requires it](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions). For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).

+<!-- { "blockType": "permissions", "name": "cloudlicensing_groupcloudlicensing_list_usagerights" } -->

+## HTTP request

+<!-- {

+ "blockType": "ignored"

+}

+-->

+``` http

+GET /groups/{groupId}/cloudLicensing/usageRights

+```

+## Optional query parameters

+This method supports the `$select` and `$filter` OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).

+The following examples show how to get usage rights information for groups based on specific filters:

+<!-- {

+ "blockType": "ignored"

+}

+-->

+``` http

+GET /groups/0003985b-dfc1-4f42-97d4-65f70a335ca8/cloudLicensing/usageRights?$filter=skuId eq 639dec6b-bb19-468b-871c-c5c441c4b0cb

+GET /groups/0003985b-dfc1-4f42-97d4-65f70a335ca8/cloudLicensing/usageRights?$filter=skuId in (639dec6b-bb19-468b-871c-c5c441c4b0cb, a403ebcc-fae0-4ca2-8c8c-7a907fd6c235)

+GET /groups/0003985b-dfc1-4f42-97d4-65f70a335ca8/cloudLicensing/usageRights?$filter=services/any(c:c/planId eq 113feb6c-3fe4-4440-bddc-54d774bf0318)

+GET /groups/0003985b-dfc1-4f42-97d4-65f70a335ca8/cloudLicensing/usageRights?$filter=services/any(c:c/planId in (113feb6c-3fe4-4440-bddc-54d774bf0318, 2049e525-b859-401b-b2a0-e0a31c4b1fe4))

+```

+## Request headers

+|Name|Description|

+|:|:|

+|Authorization|Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+## Request body

+Don't supply a request body for this method.

+## Response

+If successful, this method returns a `200 OK` response code and a collection of [microsoft.graph.cloudLicensing.usageRight](../resources/cloudlicensing-usageright.md) objects in the response body.

+## Examples

+### Example 1: Get all usage rights for a group

+The following example shows how to get all usage rights granted to a group.

+#### Request

+The following example shows a request.

+# [HTTP](#tab/http)

+<!-- {

+ "blockType": "request",

+ "name": "cloudlicensing-groupusageright-list-example-1"

+}

+-->

+``` http

+GET https://graph.microsoft.com/beta/groups/0003985b-dfc1-4f42-97d4-65f70a335ca8/cloudLicensing/usageRights

+```

+# [JavaScript](#tab/javascript)

+#### Response

+The following example shows the response.

+>**Note:** The response object shown here might be shortened for readability.

+<!-- {

+ "blockType": "response",

+ "truncated": true,

+ "@odata.type": "Collection(microsoft.graph.cloudLicensing.usageRight)"

+}

+-->

+``` http

+HTTP/1.1 200 OK

+Content-Type: application/json

+{

+ "value": [

+ {

+ "@odata.type": "#microsoft.graph.cloudLicensing.usageRight",

+ "id": "1e373a1d-1f05-28cf-bfc0-ee0ecfd3db15",

+ "skuId": "639dec6b-bb19-468b-871c-c5c441c4b0cb",

+ "skuPartNumber": "Microsoft_365_Copilot",

+ "services": [

+ {

+ "@odata.type": "microsoft.graph.cloudLicensing.service",

+ "assignableTo": "user,group",

+ "planId": "fe6c28b3-d468-44ea-bbd0-a10a5167435c",

+ "planName": "COPILOT_STUDIO_IN_COPILOT_FOR_M365"

+ }

+ ]

+ }

+ ]

+}

+```

+### Example 2: Get all usage rights for a group with a specific service plan

+The following example shows how to get all usage rights granted to a group for a specific service plan.

+#### Request

+The following example shows a request.

+# [HTTP](#tab/http)

+<!-- {

+ "blockType": "request",

+ "name": "cloudlicensing-groupusageright-list-example-2"

+}

+-->

+``` http

+GET https://graph.microsoft.com/beta/groups/0003985b-dfc1-4f42-97d4-65f70a335ca8/cloudLicensing/usageRights?$filter=services/any(c:c/planId eq 113feb6c-3fe4-4440-bddc-54d774bf0318)

+```

+# [JavaScript](#tab/javascript)

+#### Response

+The following example shows the response.

+>**Note:** The response object shown here might be shortened for readability.

+<!-- {

+ "blockType": "response",

+ "truncated": true,

+ "@odata.type": "Collection(microsoft.graph.cloudLicensing.usageRight)"

+}

+-->

+``` http

+HTTP/1.1 200 OK

+Content-Type: application/json

+{

+ "value": [

+ {

+ "@odata.type": "#microsoft.graph.cloudLicensing.usageRight",

+ "id": "5bbc716a-f73f-4cc1-bf16-53d38b407b8f",

+ "skuId": "75398b2a-b060-4057-9ae2-9eb00ef68579",

+ "skuPartNumber": "Copilot_Pro",

+ "services": [

+ {

+ "@odata.type": "microsoft.graph.cloudLicensing.service",

+ "assignableTo": "group",

+ "planId": "113feb6c-3fe4-4440-bddc-54d774bf0318",

+ "planName": "EXCHANGE_S_FOUNDATION"

+ }

+ ]

+ }

+ ]

+}

+```

+ Title: "Get usageRight"

+description: "Get the properties and relationships of a usageRight for a user or group."

+ms.localizationpriority: medium

+# Get usageRight

+Namespace: microsoft.graph.cloudLicensing

+Get the properties and relationships of a [usageRight](../resources/cloudlicensing-usageright.md) for a [user](../resources/user.md) or [group](../resources/group.md).

+## Permissions

+Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions [only if your app requires it](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions). For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).

+Permissions to get a **usageRight** for a user:

+<!-- { "blockType": "ignored"} -->

+``` http

+GET /me/cloudLicensing/usageRights/{usageRightId}

+GET /users/{userId}/cloudLicensing/usageRights/{usageRightId}

+```

+<!-- { "blockType": "permissions", "name": "cloudlicensing_usageright_get" } -->

+Permissions to get a **usageRight** for a group:

+<!-- { "blockType": "ignored"} -->

+``` http

+GET /groups/{groupId}/cloudLicensing/usageRights/{usageRightId}

+```

+<!-- { "blockType": "permissions", "name": "cloudlicensing_usageright_get", "requestUrls": "GET /groups/{groupId}/cloudLicensing/usageRights/{usageRightId}" } -->

+|Permission type|Least privileged permissions|Higher privileged permissions|

+|:|:|:|

+|Delegated (work or school account)|Group-UsageRight.Read.All|Directory.Read.All, Directory.ReadWrite.All, Group-CloudLicensing.Read, Group-CloudLicensing.Read.All, Group.Read.All, Group.ReadWrite.All, User.Read.All, User.ReadWrite.All|

+|Delegated (personal Microsoft account)|Not supported.|Not supported.|

+|Application|Group-UsageRight.Read.All|Directory.Read.All, Directory.ReadWrite.All, Group-CloudLicensing.Read.All, Group.Read.All, Group.ReadWrite.All, User.Read.All, User.ReadWrite.All|

+## HTTP request

+<!-- {

+ "blockType": "ignored"

+}

+-->

+``` http

+GET /groups/{groupId}/cloudLicensing/usageRights/{usageRightId}

+GET /me/cloudLicensing/usageRights/{usageRightId}

+GET /users/{userId}/cloudLicensing/usageRights/{usageRightId}

+```

+## Optional query parameters

+This method supports the `$select` OData query parameter to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).

+## Request headers

+|Name|Description|

+|:|:|

+|Authorization|Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+## Request body

+Don't supply a request body for this method.

+## Response

+If successful, this method returns a `200 OK` response code and a [microsoft.graph.cloudLicensing.usageRight](../resources/cloudlicensing-usageright.md) object in the response body.

+## Examples

+### Example 1: Get a usageRight for a user

+The following example shows how to get a usage right for a user.

+#### Request

+The following example shows a request.

+# [HTTP](#tab/http)

+<!-- {

+ "blockType": "request",

+ "name": "cloudlicensing-usageright-get-example",

+ "sampleKeys": ["48fbdf70-9e09-40df-9dbe-17af483ab113","i6sq63x2vd3esbkifv7m42xdaugc6lfpqf3ozgvdlvk3ttnamby3"]

+}

+-->

+``` http

+GET https://graph.microsoft.com/beta/users/48fbdf70-9e09-40df-9dbe-17af483ab113/cloudLicensing/usageRights/i6sq63x2vd3esbkifv7m42xdaugc6lfpqf3ozgvdlvk3ttnamby3

+```

+# [JavaScript](#tab/javascript)

+#### Response

+The following example shows the response.

+>**Note:** The response object shown here might be shortened for readability.

+<!-- {

+ "blockType": "response",

+ "truncated": true,

+ "@odata.type": "microsoft.graph.cloudLicensing.usageRight"

+}

+-->

+``` http

+HTTP/1.1 200 OK

+Content-Type: application/json

+{

+ "@odata.type": "#microsoft.graph.cloudLicensing.usageRight",

+ "id": "i6sq63x2vd3esbkifv7m42xdaugc6lfpqf3ozgvdlvk3ttnamby3",

+ "skuId": "639dec6b-bb19-468b-871c-c5c441c4b0cb",

+ "skuPartNumber": "Microsoft_365_Copilot",

+ "services": [

+ {

+ "@odata.type": "microsoft.graph.cloudLicensing.service",

+ "assignableTo": "user,group",

+ "planId": "fe6c28b3-d468-44ea-bbd0-a10a5167435c",

+ "planName": "COPILOT_STUDIO_IN_COPILOT_FOR_M365"

+ }

+ ]

+}

+```

+### Example 2: Get a usageRight for a group

+The following example shows how to get a usage right for a group.

+#### Request

+The following example shows a request.

+# [HTTP](#tab/http)

+<!-- {

+ "blockType": "request",

+ "name": "cloudlicensing-usageright-get-2-example",

+ "sampleKeys": ["1003985b-dfc1-4f42-97d4-65f70a335ca8","j6sq63x2vd3esbkifv7m42xdaugc6lfpqf3ozgvdlvk3ttnamby4"]

+}

+-->

+``` http

+GET https://graph.microsoft.com/beta/groups/1003985b-dfc1-4f42-97d4-65f70a335ca8/cloudLicensing/usageRights/j6sq63x2vd3esbkifv7m42xdaugc6lfpqf3ozgvdlvk3ttnamby4

+```

+# [JavaScript](#tab/javascript)

+#### Response

+The following example shows the response.

+>**Note:** The response object shown here might be shortened for readability.

+<!-- {

+ "blockType": "response",

+ "truncated": true,

+ "@odata.type": "microsoft.graph.cloudLicensing.usageRight"

+}

+-->

+``` http

+HTTP/1.1 200 OK

+Content-Type: application/json

+{

+ "@odata.type": "#microsoft.graph.cloudLicensing.usageRight",

+ "id": "j6sq63x2vd3esbkifv7m42xdaugc6lfpqf3ozgvdlvk3ttnamby4",

+ "skuId": "639dec6b-bb19-468b-871c-c5c441c4b0cb",

+ "skuPartNumber": "Microsoft_365_Copilot",

+ "services": [

+ {

+ "@odata.type": "microsoft.graph.cloudLicensing.service",

+ "assignableTo": "user,group",

+ "planId": "fe6c28b3-d468-44ea-bbd0-a10a5167435c",

+ "planName": "COPILOT_STUDIO_IN_COPILOT_FOR_M365"

+ }

+ ]

+}

+```

+ Title: "List usageRights for user"

+description: "Get a list of the usageRight objects granted to a user."

+ms.localizationpriority: medium

+# List usageRights for user

+Namespace: microsoft.graph.cloudLicensing

+Get a list of the [usageRight](../resources/cloudlicensing-usageright.md) objects granted to a user. This API returns details about licenses that are directly assigned to a user and those licenses transitively assigned through membership in licensed groups.

+## Permissions

+Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions [only if your app requires it](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions). For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).

+<!-- { "blockType": "permissions", "name": "cloudlicensing_usercloudlicensing_list_usagerights" } -->

+## HTTP request

+<!-- {

+ "blockType": "ignored"

+}

+-->

+``` http

+GET /me/cloudLicensing/usageRights

+GET /users/{userId}/cloudLicensing/usageRights

+```

+## Optional query parameters

+This method supports the `$select` and `$filter` OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).

+The following examples show how to get usage rights information for users based on specific filters:

+<!-- {

+ "blockType": "ignored"

+}

+-->

+``` http

+GET /users/48fbdf70-9e09-40df-9dbe-17af483ab113/cloudLicensing/usageRights?$filter=skuId eq 639dec6b-bb19-468b-871c-c5c441c4b0cb

+GET /users/48fbdf70-9e09-40df-9dbe-17af483ab113/cloudLicensing/usageRights?$filter=skuId in (639dec6b-bb19-468b-871c-c5c441c4b0cb, a403ebcc-fae0-4ca2-8c8c-7a907fd6c235)

+GET /users/48fbdf70-9e09-40df-9dbe-17af483ab113/cloudLicensing/usageRights?$filter=services/any(c:c/planId eq 113feb6c-3fe4-4440-bddc-54d774bf0318)

+GET /users/48fbdf70-9e09-40df-9dbe-17af483ab113/cloudLicensing/usageRights?$filter=services/any(c:c/planId in (113feb6c-3fe4-4440-bddc-54d774bf0318, 2049e525-b859-401b-b2a0-e0a31c4b1fe4))

+```

+## Request headers

+|Name|Description|

+|:|:|

+|Authorization|Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+## Request body

+Don't supply a request body for this method.

+## Response

+If successful, this method returns a `200 OK` response code and a collection of [microsoft.graph.cloudLicensing.usageRight](../resources/usageright.md) objects in the response body.

+## Examples

+### Example 1: Get all usage rights for a user

+The following example shows how to get all usage rights granted to a user.

+#### Request

+The following example shows a request.

+# [HTTP](#tab/http)

+<!-- {

+ "blockType": "request",

+ "name": "cloudlicensing-userusageright-list-example-1"

+}

+-->

+``` http

+GET https://graph.microsoft.com/beta/users/48fbdf70-9e09-40df-9dbe-17af483ab113/cloudLicensing/usageRights

+```

+# [JavaScript](#tab/javascript)

+#### Response

+The following example shows the response.

+>**Note:** The response object shown here might be shortened for readability.

+<!-- {

+ "blockType": "response",

+ "truncated": true,

+ "@odata.type": "Collection(microsoft.graph.cloudLicensing.usageRight)"

+}

+-->

+``` http

+HTTP/1.1 200 OK

+Content-Type: application/json

+{

+ "value": [

+ {

+ "@odata.type": "#microsoft.graph.cloudLicensing.usageRight",

+ "id": "1e373a1d-1f05-28cf-bfc0-ee0ecfd3db15",

+ "skuId": "639dec6b-bb19-468b-871c-c5c441c4b0cb",

+ "skuPartNumber": "Microsoft_365_Copilot",

+ "services": [

+ {

+ "@odata.type": "microsoft.graph.cloudLicensing.service",

+ "assignableTo": "user,group",

+ "planId": "fe6c28b3-d468-44ea-bbd0-a10a5167435c",

+ "planName": "COPILOT_STUDIO_IN_COPILOT_FOR_M365"

+ }

+ ]

+ }

+ ]

+}

+```

+### Example 2: Get all usage rights for a user with a specific service plan

+The following example shows how to get all usage rights granted to a user for a specific service plan.

+#### Request

+The following example shows a request.

+# [HTTP](#tab/http)

+<!-- {

+ "blockType": "request",

+ "name": "cloudlicensing-userusageright-list-example-2"

+}

+-->

+``` http

+GET https://graph.microsoft.com/beta/users/48fbdf70-9e09-40df-9dbe-17af483ab113/cloudLicensing/usageRights?$filter=services/any(c:c/planId eq 113feb6c-3fe4-4440-bddc-54d774bf0318)

+```

+# [JavaScript](#tab/javascript)

+#### Response

+The following example shows the response.

+>**Note:** The response object shown here might be shortened for readability.

+<!-- {

+ "blockType": "response",

+ "truncated": true,

+ "@odata.type": "Collection(microsoft.graph.cloudLicensing.usageRight)"

+}

+-->

+``` http

+HTTP/1.1 200 OK

+Content-Type: application/json

+{

+ "value": [

+ {

+ "@odata.type": "#microsoft.graph.cloudLicensing.usageRight",

+ "id": "5bbc716a-f73f-4cc1-bf16-53d38b407b8f",

+ "skuId": "75398b2a-b060-4057-9ae2-9eb00ef68579",

+ "skuPartNumber": "Copilot_Pro",

+ "services": [

+ {

+ "@odata.type": "microsoft.graph.cloudLicensing.service",

+ "assignableTo": "user",

+ "planId": "113feb6c-3fe4-4440-bddc-54d774bf0318",

+ "planName": "EXCHANGE_S_FOUNDATION"

+ }

+ ]

+ }

+ ]

+}

+```

+ "value": "active"

+ "value": "active"

+## Optional query parameters

+This method supports the `$select` [OData query parameter](/graph/query-parameters) to help customize the response. You can use `$select` to get specific properties, including those properties that aren't returned by default.

+### Example 1: Get all provisioned Cloud PCs and their default properties

+The following example shows how to get all provisioned Cloud PCs and their default properties.

+#### Request

+ "name": "cloudpc.getProvisionedCloudPCs_1"

+#### Response

+The following example shows the response. It includes only the default properties.

+> **Note:** The response object shown here might be shortened for readability. All the default properties are returned in an actual call.

+ "name": "cloudpc.getProvisionedCloudPCs_1",

+ "provisioningPolicyName": "Test-Policy"

+ "provisioningPolicyName": "Test-Policy"

+### Example 2: Get all provisioned Cloud PCs and specific properties

+The following example shows how to get all provisioned Cloud PCs and use `$select` to get specific properties, including those properties that aren't returned by default.

+#### Request

+The following example shows a request.

+# [HTTP](#tab/http)

+<!-- {

+ "blockType": "request",

+ "name": "cloudpc.getProvisionedCloudPCs_2"

+}

+-->

+``` http

+GET https://graph.microsoft.com/beta/deviceManagement/virtualEndpoint/cloudPCs/getProvisionedCloudPCs(groupId='30d0e128-de93-41dc-89ec-33d84bb662a0',servicePlanId='9ecf691d-8b82-46cb-b254-cd061b2c02fb')?$select=id,displayName,powerState,connectivityResult,lastLoginResult,lastRemoteActionResult,osVersion,provisioningPolicyName,userAccountType

+```

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [PowerShell](#tab/powershell)

+# [Python](#tab/python)

+#### Response

+The following example shows the response.

+<!-- {

+ "blockType": "response",

+ "@odata.type": "Collection(microsoft.graph.cloudPC)",

+ "name": "cloudpc.getProvisionedCloudPCs_2",

+ "truncated": true

+}

+-->

+``` http

+HTTP/1.1 200 OK

+Content-Type: application/json

+{

+ "value": [

+ {

+ "@odata.type": "#microsoft.graph.cloudPC",

+ "id": "662009bc-7732-4f6f-8726-25883518b33e",

+ "displayName": "Demo-0",

+ "powerState": "running",

+ "connectivityResult": "",

+ "lastLoginResult": "2020-07-23T10:29:57Z",

+ "lastRemoteActionResult": "Succeed",

+ "osVersion": null,

+ "provisioningPolicyName": "Test-Policy",

+ "userAccountType": null

+ },

+ {

+ "@odata.type": "#microsoft.graph.cloudPC",

+ "id": "ac74ae8b-85f7-4272-88cc-5419267403ed",

+ "displayName": "Demo-1",

+ "powerState": "running",

+ "connectivityResult": "",

+ "lastLoginResult": "2020-07-23T10:29:57Z",

+ "lastRemoteActionResult": "Succeed",

+ "osVersion": null,

+ "provisioningPolicyName": "Test-Policy",

+ "userAccountType": null

+ }

+ ]

+}

+```

+# [PowerShell](#tab/powershell)

+ Title: "cloudPC: retrieveSnapshots"

+description: "List all snapshots of a Cloud PC."

+ms.localizationpriority: medium

+# cloudPC: retrieveSnapshots

+Namespace: microsoft.graph

+List all [cloudPcSnapshot](../resources/cloudpcsnapshot.md) resources for a Cloud PC.

+## Permissions

+Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions [only if your app requires it](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions). For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).

+<!-- { "blockType": "permissions", "name": "cloudpc_retrievesnapshots" } -->

+## HTTP request

+<!-- {

+ "blockType": "ignored"

+}

+-->

+``` http

+GET /cloudPCs/{cloudPCId}/retrieveSnapshots

+```

+## Request headers

+|Name |Description |

+|:- |: |

+|Authorization|Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+## Request body

+Don't supply a request body for this method.

+## Response

+If successful, this method returns a `200 OK` response code and a list of [cloudPcSnapshot](../resources/cloudpcsnapshot.md) object in the response body.

+## Examples

+### Request

+The following example shows a request.

+<!-- {

+ "blockType": "request",

+ "name": "cloudpc.retrieveSnapshots"

+}

+-->

+``` http

+GET https://graph.microsoft.com/beta/cloudPCs/b0a9cde2-e170-4dd9-97c3-ad1d3328a711/retrieveSnapshots

+```

+### Response

+The following example shows the response.

+<!-- {

+ "blockType": "response",

+ "truncated": true,

+ "@odata.type": "Collection(microsoft.graph.cloudPcSnapshot)"

+}

+-->

+``` http

+HTTP/1.1 200 OK

+Content-Type: application/json

+{

+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#Collection(microsoft.graph.cloudPcSnapshot)",

+ "value": [

+ {

+ "id": "CPC_d4cfdeb2-d409-4e97-87ce-618b704d75f1_d95c0bde-485d-400e-9bef-083905e1b768",

+ "cloudPcId": "d8b39ec3-03c9-457f-824e-25f48197cec6",

+ "status": "ready",

+ "createdDateTime": "2024-08-19T14:05:17.2480723Z",

+ "lastRestoredDateTime": null,

+ "snapshotType": "automatic",

+ "expirationDateTime": null

+ },

+ {

+ "id": "CPC_d4cfdeb2-d409-4e97-87ce-618b704d75f1_423e5d9d-06e0-4b3b-8f0c-80f5a5215a10",

+ "cloudPcId": "d8b39ec3-03c9-457f-824e-25f48197cec6",

+ "status": "ready",

+ "createdDateTime": "2024-08-19T02:05:15.624315Z",

+ "lastRestoredDateTime": null,

+ "snapshotType": "automatic",

+ "expirationDateTime": null

+ }

+ ]

+}

+```

+ "errorCode": null,

+ "osVersionNumber": "10.0.22631.3593"

+ "expirationDate": "2022-11-10",

+ "osVersionNumber": "10.0.18363.720"

+ "autopilotConfiguration": {

+ "devicePreparationProfileId": "59e5d3d2-ec68-4bfe-9693-27975b318990",

+ "applicationTimeoutInMinutes": 60,

+ "onFailureDeviceAccessDenied": false

+ },

+ "autopilotConfiguration": {

+ "devicePreparationProfileId": "59e5d3d2-ec68-4bfe-9693-27975b318990",

+ "applicationTimeoutInMinutes": 60,

+ "onFailureDeviceAccessDenied": false

+ },

+|autopilotConfiguration|[cloudPcAutopilotConfiguration](../resources/cloudpcautopilotconfiguration.md)|The specific settings for Windows Autopilot that enable Windows 365 customers to experience it on Cloud PC.|

+PATCH https://graph.microsoft.com/beta/deviceManagement/virtualEndpoint/provisioningPolicies/1d164206-bf41-4fd2-8424-a3192d39ffff

+ },

+ "autopilotConfiguration": {

+ "devicePreparationProfileId": "59e5d3d2-ec68-4bfe-9693-27975b318990",

+ "applicationTimeoutInMinutes": 30,

+ "onFailureDeviceAccessDenied": false

+ "truncated": true

+ Title: "cloudPcReports: getConnectionQualityReports (deprecated)"

+# cloudPcReports: getConnectionQualityReports (deprecated)

+>[!CAUTION]

+> This API is deprecated and will stop returning data on December 31, 2024. Going forward, use the [retrieveConnectionQualityReports](cloudpcreports-retrieveconnectionqualityreports.md) API.

+|reportName|cloudPcReportName|The report name. The possible values are: `remoteConnectionHistoricalReports`, `dailyAggregatedRemoteConnectionReports`, `totalAggregatedRemoteConnectionReports`, `sharedUseLicenseUsageReport`, `sharedUseLicenseUsageRealTimeReport`, `unknownFutureValue`, `noLicenseAvailableConnectivityFailureReport`, `frontlineLicenseUsageReport`, `frontlineLicenseUsageRealTimeReport`, `remoteConnectionQualityReports`, `inaccessibleCloudPcReports`, `crossRegionDisasterRecoveryReport`, `regionalConnectionQualityTrendReport`, `regionalConnectionQualityInsightsReport`, `remoteConnectionQualityReport`. You must use the `Prefer: include-unknown-enum-members` request header to get the following values in this [evolvable enum](/graph/best-practices-concept#handling-future-members-in-evolvable-enumerations): `noLicenseAvailableConnectivityFailureReport`, `frontlineLicenseUsageReport`, `frontlineLicenseUsageRealTimeReport`, `remoteConnectionQualityReports`, `inaccessibleCloudPcReports`, `crossRegionDisasterRecoveryReport`.|

+ Title: "cloudPcReports: retrieveBulkActionStatusReport"

+description: "Get the bulk remote action status reports, including data such as the bulk action ID, bulk action display name, initiating user's principal name, action type, and action state."

+ms.localizationpriority: medium

+# cloudPcReports: retrieveBulkActionStatusReport

+Namespace: microsoft.graph

+Get the bulk remote action status report, including data such as the bulk action ID, bulk action display name, initiating user's principal name, action type, and action state.

+## Permissions

+Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions [only if your app requires it](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions). For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).

+<!-- { "blockType": "permissions", "name": "cloudpcreports_retrieveBulkActionStatusReport" } -->

+## HTTP request

+<!-- {

+ "blockType": "ignored"

+}

+-->

+``` http

+POST /deviceManagement/virtualEndpoint/reports/retrieveBulkActionStatusReport

+```

+## Request headers

+|Name|Description|

+|:|:|

+|Authorization|Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+|Content-Type|application/json. Required.|

+## Request body

+In the request body, supply a JSON representation of the parameters.

+The following table shows the parameters that can be used with this method.

+| Parameter | Type | Description |

+|:-|:|:-|

+| filter | String | OData `$filter` syntax. Supported filters are: `and`, `or`, `gt` ,`ge`, and `eq`. |

+| groupBy | String collection | Specifies how to group the reports. If used, must have the same content as the **select** parameter. |

+| orderBy | String collection | Specifies the order by columns name. The default **orderBy** column is `RequestDateTime`. |

+| search | String | Specifies a string to search for. |

+| select | String collection | OData `$select` syntax. The selected columns of the reports. |

+| skip | Int32 | Number of records to skip. |

+| top | Int32 | The number of top records to return. If not specified, the default limit is 25, with a maximum of 100. |

+## Response

+If successful, this method returns a `200 OK` response code and a stream object in the response body.

+## Examples

+### Request

+The following example shows a request.

+# [HTTP](#tab/http)

+<!-- {

+ "blockType": "request",

+ "name": "cloudpcreports.retrieveBulkActionStatusReport"

+}

+-->

+``` http

+POST https://graph.microsoft.com/beta/deviceManagement/virtualEndpoint/reports/retrieveBulkActionStatusReport

+Content-Type: application/octet-stream

+{

+ "filter": "RequestDateTime ge datetime'2024-08-30'",

+ "select": [

+ "BulkActionId",

+ "BulkActionDisplayName",

+ "Action",

+ "BulkActionStatus",

+ "InitiatedByUserPrincipalName",

+ "RequestDateTime",

+ "SucceedCount",

+ "FailedCount",

+ "InprogressCount",

+ "TotalCount",

+ "Completion"

+ ],

+ "skip": 0,

+ "top": 50

+}

+```

+# [JavaScript](#tab/javascript)

+### Response

+The following example shows the response.

+>**Note:** The response object shown here might be shortened for readability.

+<!-- {

+ "blockType": "response",

+ "truncated": true,

+ "@odata.type": "Edm.Stream"

+}

+-->

+``` http

+HTTP/1.1 200 OK

+Content-Type: application/octet-stream

+{

+ "TotalRowCount": 1,

+ "Schema": [

+ {

+ "Column": "BulkActionId",

+ "PropertyType": "String"

+ },

+ {

+ "Column": "BulkActionDisplayName",

+ "PropertyType": "String"

+ },

+ {

+ "Column": "Action",

+ "PropertyType": "String"

+ },

+ {

+ "Column": "BulkActionStatus",

+ "PropertyType": "String"

+ },

+ {

+ "Column": "RequestDateTime",

+ "PropertyType": "DateTime"

+ },

+ {

+ "Column": "SucceedCount",

+ "PropertyType": "Int64"

+ },

+ {

+ "Column": "FailedCount",

+ "PropertyType": "Int64"

+ },

+ {

+ "Column": "InprogressCount",

+ "PropertyType": "Int64"

+ },

+ {

+ "Column": "TotalCount",

+ "PropertyType": "Int64"

+ }

+ ],

+ "Values": [

+ [

+ "63792ef5-db62-437f-8d7e-7b3b695abb48",

+ "BulkRestart on 2024-8-22 17:26:52 GMT+0800 (China Standard Time)",

+ "Restart",

+ "",

+ "2024-08-22T09:26:54",

+ 1,

+ 0,

+ 0,

+ 1

+ ]

+ ]

+}

+```

+ Title: "cloudPcReports: retrieveConnectionQualityReports"

+description: "Get the overall connection quality reports for all devices in the current tenant, the regional connection quality trend report, and the regional connection quality insight report, including round trip time, available bandwidth, UPD usage, and drop connections."

+ms.localizationpriority: medium

+# cloudPcReports: retrieveConnectionQualityReports

+Namespace: microsoft.graph

+Get the overall connection quality reports for all devices in the current tenant. This includes the regional connection quality trend report, and the regional connection quality insight report, including round trip time, available bandwidth, UPD usage, and drop connections.

+## Permissions

+Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions [only if your app requires it](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions). For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).

+<!-- { "blockType": "permissions", "name": "cloudpcreports_retrieveconnectionqualityreports" } -->

+## HTTP request

+<!-- {

+ "blockType": "ignored"

+}

+-->

+``` http

+POST /deviceManagement/virtualEndpoint/reports/retrieveConnectionQualityReports

+```

+## Request headers

+|Name|Description|

+|:|:|

+|Authorization|Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+|Content-Type|application/json. Required.|

+## Request body

+In the request body, supply a JSON representation of the parameters.

+The following table shows the parameters that can be used with this action.

+|Parameter|Type|Description|

+|:|:|:|

+|filter|String|OData `$filter` syntax. Supported filters include: `and`, `or`, `lt`, `le`, `gt`, `ge`, and `eq`.|

+|groupBy|String collection|Specifies how to group the reports. If used, must have the same contents as the **select** parameter.|

+|orderBy|String collection|Specifies how to sort the reports.|

+|search|String|Specifies a String to search.|

+|select|String collection|OData `$select` syntax. The selected columns of the reports. |

+|skip|Int32|The number of records to skip.|

+|top|Int32|The number of top records to return.|

+## Response

+If successful, this action returns a `200 OK` response code and a Stream in the response body.

+## Examples

+### Request

+The following example shows a request.

+``` http

+POST https://graph.microsoft.com/beta/deviceManagement/virtualEndpoint/reports/retrieveConnectionQualityReports

+Content-Type: application/json

+Content-length: 200

+{

+ "reportName":"regionalConnectionQualityTrendReport",

+ "filter": "",

+ "select": ["GatewayRegion", "RoundTripTimeTrend", "AvailableBandwidthTrend", "UDPUtilizationTrend", "DroppedConnectionTrend", "WeeklyAvgRoundTripTimeInMs", "DailyAvgRoundTripTimeInMs", "WeeklyAvailableBandwidthInMBps", "DailyAvailableBandwidthInMBps", "WeeklyUdpUtilization", "DailyWeeklyUdpUtilization", "WeeklyDroppedConnectionsCount", "DailyDroppedConnectionsCount"],

+ "search": "",

+ "skip": 0,

+ "top": 50

+}

+```

+### Response

+The following example shows the response.

+>**Note:** The response object shown here might be shortened for readability.

+<!-- {

+ "blockType": "response",

+ "truncated": true,

+ "@odata.type": "Edm.Stream"

+}

+-->

+``` http

+HTTP/1.1 200 OK

+Content-Type: application/octet-stream

+{

+ "TotalRowCount": 2,

+ "Schema": [

+ {

+ "Column": "GatewayRegion",

+ "PropertyType": "String"

+ },

+ {

+ "Column": "RoundTripTimeTrend",

+ "PropertyType": "String"

+ },

+ {

+ "Column": "AvailableBandwidthTrend",

+ "PropertyType": "String"

+ },

+ {

+ "Column": "UDPUtilizationTrend",

+ "PropertyType": "String"

+ },

+ {

+ "Column": "DroppedConnectionTrend",

+ "PropertyType": "String"

+ },

+ {

+ "Column": "WeeklyAvgRoundTripTimeInMs",

+ "PropertyType": "Double"

+ },

+ {

+ "Column": "DailyAvgRoundTripTimeInMs",

+ "PropertyType": "Double"

+ },

+ {

+ "Column": "WeeklyAvailableBandwidthInMBps",

+ "PropertyType": "Double"

+ },

+ {

+ "Column": "DailyAvailableBandwidthInMBps",

+ "PropertyType": "Double"

+ },

+ {

+ "Column": "WeeklyUdpUtilization",

+ "PropertyType": "Double"

+ },

+ {

+ "Column": "DailyWeeklyUdpUtilization",

+ "PropertyType": "Double"

+ },

+ {

+ "Column": "WeeklyDroppedConnectionsCount",

+ "PropertyType": "Int32"

+ },

+ {

+ "Column": "DailyDroppedConnectionsCount",

+ "PropertyType": "Int32"

+ }

+ ],

+ "Values" :[

+ ["Japan East", "Increasing", "Decreasing", "Static", "Decreasing", "296.25", "350.50", "3.1", "2,1", "51.2", "47.8", "19", "29"],

+ ["Southeast Asia", "Decreasing", "Static", "Increasing", "Increasing", "337.14", "299.50", "1.7", "2,2", "33.5", "67.8", "17", "16"],

+ ]

+}

+```

+description: "Delete a Viva Engage community along with all associated Microsoft 365 content, including the connected Microsoft 365 group, OneNote notebook, and Planner plans."

+ Title: "contact: permanentDelete"

+description: "Permanently delete a contact and place it in the Purges folder in the user's mailbox."

+ms.localizationpriority: high

+# contact: permanentDelete

+Namespace: microsoft.graph

+Permanently delete a contact and place it in the Purges folder in the dumpster in the user's mailbox. Email clients such as Outlook or Outlook on the web can't access permanently deleted items. Unless there's a hold set on the mailbox, the items are permanently deleted after a set period of time.

+For more information about item retention, see [Configure Deleted Item retention and Recoverable Items quotas](/exchange/configure-deleted-item-retention-and-recoverable-items-quotas-exchange-2013-help).

+## Permissions

+Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions [only if your app requires it](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions). For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).

+<!-- { "blockType": "permissions", "name": "contact_permanentdelete" } -->

+## HTTP request

+<!-- {

+ "blockType": "ignored"

+}

+-->

+``` http

+POST /users/{usersId}/contacts/{contactId}/permanentDelete

+POST /users/{usersId}/contactFolders/{contactFolderId}/contacts/{contactId}/permanentDelete

+```

+## Request headers

+|Name|Description|

+|:|:|

+|Authorization|Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+## Request body

+Don't supply a request body for this method.

+## Response

+If successful, this action returns a `204 No Content` response code.

+## Examples

+### Request

+The following example shows a request.

+# [HTTP](#tab/http)

+<!-- {

+ "blockType": "request",

+ "name": "contactthis.permanentdelete"

+}

+-->

+``` http

+POST https://graph.microsoft.com/beta/users/{usersId}/contacts/{contactId}/permanentDelete

+```

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [PowerShell](#tab/powershell)

+# [Python](#tab/python)

+### Response

+The following example shows the response.

+<!-- {

+ "blockType": "response",

+ "truncated": true

+}

+-->

+``` http

+HTTP/1.1 204 No Content

+```

+ Title: "contactFolder: permanentDelete"

+description: "Permanently delete a contact folder and remove its items from the user's mailbox."

+ms.localizationpriority: high

+# contactFolder: permanentDelete

+Namespace: microsoft.graph

+Permanently delete a contact folder and remove its items from the user's mailbox. For more information about item retention, see [Configure Deleted Item retention and Recoverable Items quotas](/exchange/configure-deleted-item-retention-and-recoverable-items-quotas-exchange-2013-help).

+>**Note:** Folders aren't placed in the Purges folder when they are permanently deleted. Permanently deleted folders are removed from the mailbox.

+## Permissions

+Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions [only if your app requires it](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions). For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).

+<!-- { "blockType": "permissions", "name": "contactfolder_permanentdelete" } -->

+## HTTP request

+<!-- {

+ "blockType": "ignored"

+}

+-->

+``` http

+POST /users/{usersId}/contactFolders/{contactFolderId}/permanentDelete

+POST /users/{usersId}/contactFolders/{contactFolderId}/childFolders/{contactFolderId}/permanentDelete

+```

+## Request headers

+|Name|Description|

+|:|:|

+|Authorization|Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+## Request body

+Don't supply a request body for this method.

+## Response

+If successful, this action returns a `204 No Content` response code.

+## Examples

+### Request

+The following example shows a request.

+# [HTTP](#tab/http)

+<!-- {

+ "blockType": "request",

+ "name": "contactfolderthis.permanentdelete"

+}

+-->

+``` http

+POST https://graph.microsoft.com/beta/users/{usersId}/contactFolders/{contactFolderId}/permanentDelete

+```

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [PowerShell](#tab/powershell)

+# [Python](#tab/python)

+### Response

+The following example shows the response.

+<!-- {

+ "blockType": "response",

+ "truncated": true

+}

+-->

+``` http

+HTTP/1.1 204 No Content

+```

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+# [PowerShell](#tab/powershell)

+> [!IMPORTANT]

+>

+> In delegated scenarios with work or school accounts, the signed-in user be assigned a supported [Microsoft Entra role](/entra/identity/role-based-access-control/permissions-reference?toc=%2Fgraph%2Ftoc.json) or a custom role with a supported role permission. *Directory Readers* is the only least privileged role supported for this operation.

+> [!IMPORTANT]

+>

+> In delegated scenarios with work or school accounts, the signed-in user be assigned a supported [Microsoft Entra role](/entra/identity/role-based-access-control/permissions-reference?toc=%2Fgraph%2Ftoc.json) or a custom role with a supported role permission. *Directory Readers* is the only least privileged role supported for this operation.

+ Title: "conversationMember: remove"

+description: "Remove members in bulk from a team."

+ms.localizationpriority: high

+# conversationMember: remove

+Namespace: microsoft.graph

+Remove multiple members from a [team](../resources/team.md) in a single request. The response provides details about which memberships could and couldn't be removed.

+## Permissions

+Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions [only if your app requires it](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions). For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).

+<!-- { "blockType": "permissions", "name": "conversationmember_remove" } -->

+## HTTP request

+This is a bound action to remove multiple elements from a [conversationMember](../resources/conversationmember.md) collection in a single request.

+<!-- { "blockType": "ignored" } -->

+```http

+POST /teams/{team-id}/members/remove

+```

+## Request headers

+| Header | Value |

+| : | : |

+|Authorization|Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Content-Type | application/json. Required. |

+## Request body

+In the request body, supply the JSON representation of the list of **conversationMember** derivatives to be removed from a team. A maximum of 20 **conversationMember** derivatives can be removed in a single request.

+The following table shows the parameter that you can use with this method.

+|Parameter|Type|Description|

+|:|:|:|

+|values|[conversationMember](../resources/conversationmember.md) collection|A list of conversation members that should be removed.|

+## Response

+If successful, this method returns either a `204 No Content` response if all specified members were successfully removed from the team or a `207 Multi-Status` response if only some members were removed. The caller should inspect the response payload to identify which member removals failed. The response body contains a collection of derivatives of the [actionResultPart](../resources/actionresultpart.md) resource. If the request fails, the API returns an error. For more information about Microsoft Graph errors, see [Microsoft Graph error responses and resource types](/graph/errors).

+## Examples

+### Example 1: Remove members in bulk from a team

+The following example shows how to remove multiple members from a **team** in a single request.

+#### Request

+The following example shows a request.

+# [HTTP](#tab/http)

+<!-- {

+ "blockType": "request",

+ "name": "bulkremovemembers_team"

+}-->

+```http

+POST https://graph.microsoft.com/beta/teams/e4183b04-c9a2-417c-bde4-70e3ee46a6dc/members/remove

+Content-Type: application/json

+{

+ "values": [

+ {

+ "@odata.type": "microsoft.graph.aadUserConversationMember",

+ "user@odata.bind": "https://graph.microsoft.com/beta/users('18a80140-b0fb-4489-b360-2f6efaf225a0')"

+ },

+ {

+ "@odata.type": "microsoft.graph.aadUserConversationMember",

+ "user@odata.bind": "https://graph.microsoft.com/beta/users('86503198-b81b-43fe-81ee-ad45b8848ac9')"

+ }

+ ]

+}

+```

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [Python](#tab/python)

+#### Response

+The following example shows the response.

+<!-- {

+ "blockType": "response",

+ "truncated": false

+} -->

+```http

+HTTP/1.1 204 No Content

+```

+### Example 2: Remove members in bulk from a team using user principal name

+The following example shows how to remove multiple members from a **team** in a single request using their user principal names.

+#### Request

+The following example shows a request.

+# [HTTP](#tab/http)

+<!-- {

+ "blockType": "request",

+ "name": "bulkdeletemembers_team_upn"

+}-->

+```http

+POST https://graph.microsoft.com/beta/teams/e4183b04-c9a2-417c-bde4-70e3ee46a6dc/members/remove

+Content-Type: application/json

+{

+ "values": [

+ {

+ "@odata.type": "microsoft.graph.aadUserConversationMember",

+ "user@odata.bind": "https://graph.microsoft.com/beta/users('jacob@contoso.com')"

+ },

+ {

+ "@odata.type": "microsoft.graph.aadUserConversationMember",

+ "user@odata.bind": "https://graph.microsoft.com/beta/users('alex@contoso.com')"

+ }

+ ]

+}

+```

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [Python](#tab/python)

+#### Response

+The following example shows the response.

+<!-- {

+ "blockType": "response",

+ "truncated": false

+} -->

+```http

+HTTP/1.1 204 No Content

+```

+### Example 3: Remove members in bulk from a team with failed removals

+The following example shows how to remove multiple members from a **team** when the removal of a member fails.

+#### Request

+The following example shows a request.

+# [HTTP](#tab/http)

+<!-- {

+ "blockType": "request",

+ "name": "bulkdeletemembers_team_partial"

+}-->

+```http

+POST https://graph.microsoft.com/beta/teams/e4183b04-c9a2-417c-bde4-70e3ee46a6dc/members/remove

+Content-Type: application/json

+{

+ "values": [

+ {

+ "@odata.type": "microsoft.graph.aadUserConversationMember",

+ "user@odata.bind": "https://graph.microsoft.com/beta/users('c04f28bf-ab68-40a2-974b-e6af31fa78fb')"

+ },

+ {

+ "@odata.type": "microsoft.graph.aadUserConversationMember",

+ "user@odata.bind": "https://graph.microsoft.com/beta/users('86503198-b81b-43fe-81ee-ad45b8848ac9')"

+ }

+ ]

+}

+```

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [Python](#tab/python)

+#### Response

+The following example shows the response.

+> **Note:** The response object shown here might be shortened for readability.

+<!-- {

+ "blockType": "response",

+ "truncated": true,

+ "@odata.type": "Collection(microsoft.graph.actionResultPart)"

+} -->

+```http

+HTTP/1.1 207 Multi-Status

+Content-Type: application/json

+{

+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#Collection(microsoft.graph.aadUserConversationMemberResult)",

+ "value": [

+ {

+ "@odata.type": "#microsoft.graph.aadUserConversationMemberResult",

+ "userId": "c04f28bf-ab68-40a2-974b-e6af31fa78fb",

+ "error": {

+ "code": "NotFound",

+ "message": "Could not find resource"

+ }

+ },

+ {

+ "@odata.type": "#microsoft.graph.aadUserConversationMemberResult",

+ "userId": "86503198-b81b-43fe-81ee-ad45b8848ac9",

+ "error": null

+ }

+ ]

+}

+```

+## Related content

+[Remove member from team](team-delete-members.md)

+<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79

+2024-09-12 06:02:30 UTC -->

+<!--

+{

+ "type": "#page.annotation",

+ "description": "Remove members from a team in bulk.",

+ "keywords": "",

+ "section": "documentation",

+ "tocPath": "",

+ "suppressions": []

+}

+-->

+Delete a [customAuthenticationExtension](../resources/customauthenticationextension.md) object. The following derived types are currently supported.

+- [onTokenIssuanceStartCustomExtension](../resources/ontokenissuancestartcustomextension.md) resource type.

+- [onAttributeCollectionStartCustomExtension](../resources/onattributecollectionstartcustomextension.md) resource type.

+- [onAttributeCollectionSubmitCustomExtension](../resources/onattributecollectionsubmitcustomextension.md) resource type.

+Read the properties and relationships of a [customAuthenticationExtension](../resources/customauthenticationextension.md) object. The following derived types are currently supported.

+- [onTokenIssuanceStartCustomExtension](../resources/ontokenissuancestartcustomextension.md) resource type.

+- [onAttributeCollectionStartCustomExtension](../resources/onattributecollectionstartcustomextension.md) resource type.

+- [onAttributeCollectionSubmitCustomExtension](../resources/onattributecollectionsubmitcustomextension.md) resource type.

+Update the properties of a [customAuthenticationExtension](../resources/customauthenticationextension.md) object. The following derived types are currently supported.

+- [onTokenIssuanceStartCustomExtension](../resources/ontokenissuancestartcustomextension.md) resource type.

+- [onAttributeCollectionStartCustomExtension](../resources/onattributecollectionstartcustomextension.md) resource type.

+- [onAttributeCollectionSubmitCustomExtension](../resources/onattributecollectionsubmitcustomextension.md) resource type.

+An API to check validity of the endpoint and and authentication configuration for a [customAuthenticationExtension](../resources/customauthenticationextension.md) object, which can represent one of the following derived types:

+- [onTokenIssuanceStartCustomExtension](../resources/ontokenissuancestartcustomextension.md) resource type.

+- [onAttributeCollectionStartCustomExtension](../resources/onattributecollectionstartcustomextension.md) resource type.

+- [onAttributeCollectionSubmitCustomExtension](../resources/onattributecollectionsubmitcustomextension.md) resource type.

+<!-- { "blockType": "permissions", "name": "daynote_delete" } -->

+<!-- { "blockType": "permissions", "name": "daynote_get" } -->

+<!-- { "blockType": "permissions", "name": "daynote_list" } -->

+> [!IMPORTANT]

+> In delegated scenarios with work or school accounts, the signed-in user must be assigned a supported [Microsoft Entra role](/entra/identity/role-based-access-control/permissions-reference?toc=%2Fgraph%2Ftoc.json) or a custom role with a supported role permission. The following least privileged roles are supported for this operation.

+> - Intune Administrator

+> - Windows 365 Administrator

+> - Cloud Device Administrator

+Get newly created, updated, or deleted devices without performing a full read of the entire resource collection. For more information, see [Use delta query to track changes in Microsoft Graph data](/graph/delta-query-overview) for details.

+| Query parameter | Type |Description|

+> [!IMPORTANT]

+> In delegated scenarios with work or school accounts, the signed-in user must be assigned a supported [Microsoft Entra role](/entra/identity/role-based-access-control/permissions-reference?toc=%2Fgraph%2Ftoc.json) or a custom role with a supported role permission. The following least privileged roles are supported for this operation.

+> - Directory Readers

+> - Global Reader

+> - Intune Administrator

+> - Windows 365 Administrator

+> [!IMPORTANT]

+> In delegated scenarios with work or school accounts, the signed-in user must be assigned a supported [Microsoft Entra role](/entra/identity/role-based-access-control/permissions-reference?toc=%2Fgraph%2Ftoc.json) or a custom role with a supported role permission. The following least privileged roles are supported for this operation.

+> - Directory Readers

+> - Global Reader

+> - Intune Administrator

+> - Windows 365 Administrator

+> [!IMPORTANT]

+> In delegated scenarios with work or school accounts, the signed-in user must be assigned a supported [Microsoft Entra role](/entra/identity/role-based-access-control/permissions-reference?toc=%2Fgraph%2Ftoc.json) or a custom role with a supported role permission. The following least privileged roles are supported for this operation.

+> - Directory Readers

+> - Global Reader

+> - Intune Administrator

+> - Windows 365 Administrator

+> [!IMPORTANT]

+> In delegated scenarios with work or school accounts, the signed-in user must be assigned a supported [Microsoft Entra role](/entra/identity/role-based-access-control/permissions-reference?toc=%2Fgraph%2Ftoc.json) or a custom role with a supported role permission. The following least privileged roles are supported for this operation.

+> - Directory Readers

+> - Global Reader

+> - Intune Administrator

+> - Windows 365 Administrator

+> [!IMPORTANT]

+> In delegated scenarios with work or school accounts, the signed-in user must be assigned a supported [Microsoft Entra role](/entra/identity/role-based-access-control/permissions-reference?toc=%2Fgraph%2Ftoc.json) or a custom role with a supported role permission. The following least privileged roles are supported for this operation.

+> - Directory Readers

+> - Global Reader

+> - Intune Administrator

+> - Windows 365 Administrator

+> [!IMPORTANT]

+> In delegated scenarios with work or school accounts, the signed-in user must be assigned a supported [Microsoft Entra role](/entra/identity/role-based-access-control/permissions-reference?toc=%2Fgraph%2Ftoc.json) or a custom role with a supported role permission. *Intune Administrator* is the least privileged role supported for this operation. A calling user in the *Cloud Device Administrator* role can only enable or disable devices and a user with the *Windows 365 Administrator* role can only update basic device properties.

+> [!IMPORTANT]

+> In delegated scenarios with work or school accounts, the signed-in user must be assigned a supported [Microsoft Entra role](/entra/identity/role-based-access-control/permissions-reference?toc=%2Fgraph%2Ftoc.json) or a custom role with a supported role permission. The following least privileged roles are supported for this operation.

+> - Cloud Device Administrator

+> - Helpdesk Administrator

+> - Intune Service Administrator

+> - Security Administrator

+> - Security Reader

+> - Global Reader

+>

+> To access the actual passwords on the device by using the `$select=credentials` query parameter, the following least privileged roles are supported:

+> - Cloud Device Administrator

+> - Intune Service Administrator

+<!-- { "blockType": "permissions", "name": "directory_delete_externaluserprofiles" } -->

+<!-- { "blockType": "permissions", "name": "directory_delete_pendingexternaluserprofiles" } -->

+> [!IMPORTANT]

+> In delegated scenarios with work or school accounts, the signed-in user must be assigned a supported [Microsoft Entra role](/entra/identity/role-based-access-control/permissions-reference?toc=%2Fgraph%2Ftoc.json) or a custom role with a supported role permission. The following privileged roles are supported for this operation.

+> - Attribute Definition Reader

+> - Attribute Assignment Administrator

+> - Attribute Definition Administrator

+>

+> By default, Global Administrator and other administrator roles do not have permissions to read, define, or assign custom security attributes.

+> [!IMPORTANT]

+> In delegated scenarios with work or school accounts, the signed-in user must be assigned a supported [Microsoft Entra role](/entra/identity/role-based-access-control/permissions-reference?toc=%2Fgraph%2Ftoc.json) or a custom role with a supported role permission. The following least privileged roles are supported for this operation.

+> - Cloud Device Administrator

+> - Helpdesk Administrator

+> - Intune Service Administrator

+> - Security Administrator

+> - Security Reader

+> - Global Reader

+<!-- { "blockType": "permissions", "name": "directory_list_externaluserprofiles" } -->

+<!-- { "blockType": "permissions", "name": "directory_list_pendingexternaluserprofile" } -->

+description: "Create a new administrativeUnit."

+Create a new [administrativeUnit](../resources/administrativeunit.md).

+You can specify the following properties when you create an **administrativeUnit**.

+| membershipRule | String | The dynamic membership rule for the administrative unit. For more information about the rules you can use for dynamic administrative units and dynamic groups, see [Manage rules for dynamic membership groups in Microsoft Entra ID](/entra/identity/users/groups-dynamic-membership). Optional.|

+| membershipRuleProcessingState | String | Controls whether the dynamic membership rule is actively processed. Set to `On` to activate the dynamic membership rule, or `Paused` to stop updating membership dynamically. Optional. |

+| membershipType | String | Indicates the membership type for the administrative unit. The possible values are: `dynamic`, `assigned`. If not set, the default value is `null` and the default behavior is assigned. Optional. |

+| visibility | String | The visibility of the administrative unit. If not set, the default value is `null` and the default behavior is public. It can be set to `HiddenMembership` to hide the membership from nonmembers. Optional. |

+The **administrativeUnit** resource supports [extensions](/graph/extensibility-overview), which allows you to use the `POST` operation to add custom properties with your own data when you create the administrative unit.

+The following example shows a request.

+The following example shows a request.

+The following example shows the response.

+<!-- { "blockType": "permissions", "name": "directory_post_pendingexternaluserprofile" } -->

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+### Group memberships for the signed-in user

+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->

+| Permission type | Permissions (from least to most privileged) |

+|:-|:-|

+| Delegated (work or school account) | User.Read, User.ReadBasic.All, User.Read.All, Directory.Read.All, User.ReadWrite.All, Directory.ReadWrite.All |

+| Delegated (personal Microsoft account) | Not supported. |

+| Application | Not supported. |

+### Group memberships for other users

+<!-- { "blockType": "permissions", "name": "directoryobject_checkmembergroups_6" } -->

+Group memberships for the signed-in user.

+```

+Group memberships for other users.

+<!-- { "blockType": "ignored" } -->

+```http

+### Memberships for the signed-in user

+|Application | Not supported. |

+### Memberships for other users

+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->

+|Permission type | Permissions (from least to most privileged) |

+|:--|:|

+|Delegated (work or school account) | User.Read.All, Directory.Read.All, User.ReadWrite.All, Directory.ReadWrite.All |

+|Delegated (personal Microsoft account) | Not supported. |

+Memberships for the signed-in user.

+Memberships for other users.

+<!-- { "blockType": "ignored" } -->

+```http

+POST /users/{id | userPrincipalName}/checkMemberObjects

+```

+Get newly created, updated, or deleted directory objects without performing a full read of the entire directoryObject collection. For more information, see [Use delta query to track changes in Microsoft Graph data](/graph/delta-query-overview) for details.

+Here, the permission allows you to read *any* directory object, regardless of the object type. To scope the operation to a specific object type and use lesser-privileged permissions, refer to other permissions tables on this page.

+|Delegated (work or school account) | Directory.Read.All |

+|Application | Directory.Read.All |

+|Application | User.ReadBasic.All and GroupMember.Read.All, User.Read.All and GroupMember.Read.All, User.ReadBasic.All and Group.Read.All, User.Read.All and Group.Read.All, Directory.Read.All |

+> [!NOTE]

+> Microsoft recommends that you use the unified RBAC API instead of this API. The unified RBAC API provides more functionality and flexibility. For more information, see [Delete unifiedRoleAssignment](./unifiedroleassignment-delete.md).

+Get newly created, updated, or deleted directory roles without having to perform a full read of the entire resource collection. For more information, see [Use delta query to track changes in Microsoft Graph data](/graph/delta-query-overview) for details.

+> [!NOTE]

+> Microsoft recommends that you use the unified RBAC API instead of this API. The unified RBAC API provides more functionality and flexibility. For more information, see [Get unifiedRoleDefinition](./unifiedroledefinition-get.md).

+> [!NOTE]

+> Microsoft recommends that you use the unified RBAC API instead of this API. The unified RBAC API provides more functionality and flexibility. For more information, see [List unifiedRoleAssignments](./rbacapplication-list-roleassignments.md).

+> [!NOTE]

+> Microsoft recommends that you use the unified RBAC API instead of this API. The unified RBAC API provides more functionality and flexibility. For more information, see [List unifiedRoleAssignments](./rbacapplication-list-roleassignments.md).

+> [!NOTE]

+> Microsoft recommends that you use the unified RBAC API instead of this API. The unified RBAC API provides more functionality and flexibility. For more information, see [List roleDefinitions](./rbacapplication-list-roledefinitions.md).

+> [!NOTE]

+> Microsoft recommends that you use the unified RBAC API instead of this API. The unified RBAC API provides more functionality and flexibility. For more information, see [Create unifiedRoleAssignment](./rbacapplication-post-roleassignments.md).

+> [!NOTE]

+> Microsoft recommends that you use the unified RBAC API instead of this API. The unified RBAC API provides more functionality and flexibility. For more information, see [Get unifiedRoleDefinition](./unifiedroledefinition-get.md).

+> [!IMPORTANT]

+> In delegated scenarios with work or school accounts, the signed-in user must be assigned a supported [Microsoft Entra role](/entra/identity/role-based-access-control/permissions-reference?toc=%2Fgraph%2Ftoc.json) or a custom role with a supported role permission. *Global Reader* is the least privileged role supported for this operation.

+> [!NOTE]

+> Microsoft recommends that you use the unified RBAC API instead of this API. The unified RBAC API provides more functionality and flexibility. For more information, see [List roleDefinitions](./rbacapplication-list-roledefinitions.md).

+> [!IMPORTANT]

+> In delegated scenarios with work or school accounts, the signed-in user must be assigned a supported [Microsoft Entra role](/entra/identity/role-based-access-control/permissions-reference?toc=%2Fgraph%2Ftoc.json) or a custom role with a supported role permission. *Global Reader* is the least privileged role supported for this operation.

+### For tenant-wide settings

+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->

+### For group-specific settings

+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->

+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->

+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->

+### For all settings *except* the Consent Policy Settings object

+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->

+<!-- { "blockType": "ignored" } // Note: Removing this line will result in the permissions autogeneration tool overwriting the table. -->

+> [!IMPORTANT]

+> In delegated scenarios with work or school accounts, the signed-in user must be assigned a supported [Microsoft Entra role](/entra/identity/role-based-access-control/permissions-reference?toc=%2Fgraph%2Ftoc.json) or a custom role with a supported role permission. The following least privileged roles are supported for this operation.

+> - Microsoft Entra Joined Device Local Administrator - basic properties only

+> - Directory Readers

+> - Global Reader

+> [!IMPORTANT]

+> In delegated scenarios with work or school accounts, the signed-in user must be assigned a supported [Microsoft Entra role](/entra/identity/role-based-access-control/permissions-reference?toc=%2Fgraph%2Ftoc.json) or a custom role with a supported role permission. The following least privileged roles are supported for this operation.

+> - Microsoft Entra Joined Device Local Administrator - basic properties only

+> - Directory Readers

+> - Global Reader

+ "sampleKeys": ["woodgrovedemo.com"]

+GET https://graph.microsoft.com/beta/domains/woodgrovedemo.com

+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#domains/$entity",

+ "@microsoft.graph.tips": "Use $select to choose only the properties your app needs, as this can lead to performance improvements. For example: GET domains('<key>')?$select=authenticationType,availabilityStatus",

+ "authenticationType": "Managed",

+ "availabilityStatus": null,

+ "id": "woodgrovedemo.com",

+ "isAdminManaged": true,

+ "isDefault": true,

+ "isInitial": true,

+ "isRoot": true,

+ "isVerified": true,

+ "supportedServices": [

+ "Email",

+ "OfficeCommunicationsOnline",

+ "CustomUrlDomain"

+ ],

+ "passwordValidityPeriodInDays": 2147483647,

+ "passwordNotificationWindowInDays": 14,

+ "state": null

+> [!IMPORTANT]

+> In delegated scenarios with work or school accounts, the signed-in user must be assigned a supported [Microsoft Entra role](/entra/identity/role-based-access-control/permissions-reference?toc=%2Fgraph%2Ftoc.json) or a custom role with a supported role permission. The following least privileged roles are supported for this operation: *Domain Name Administrator* or *Global Reader*.

+ "passwordResetUri": "https://sts.contoso.com/adfs/passwordReset",

+# [PowerShell](#tab/powershell)

+> [!IMPORTANT]

+> In delegated scenarios with work or school accounts, the signed-in user must be assigned a supported [Microsoft Entra role](/entra/identity/role-based-access-control/permissions-reference?toc=%2Fgraph%2Ftoc.json) or a custom role with a supported role permission. The following least privileged roles are supported for this operation: *Domain Name Administrator* or *Global Reader*.

+> [!IMPORTANT]

+> In delegated scenarios with work or school accounts, the signed-in user must be assigned a supported [Microsoft Entra role](/entra/identity/role-based-access-control/permissions-reference?toc=%2Fgraph%2Ftoc.json) or a custom role with a supported role permission. The following least privileged roles are supported for this operation: *Domain Name Administrator* or *Global Reader*.

+|activeSignInUri|String|URL of the endpoint used by active clients when authenticating with federated domains set up for single sign-on in Microsoft Entra ID. Corresponds to the **ActiveLogOnUri** property of the [Set-MsolDomainFederationSettings MSOnline v1 PowerShell cmdlet](/powershell/module/msonline/set-msoldomainfederationsettings).|

+|federatedIdpMfaBehavior|federatedIdpMfaBehavior|Determines whether Microsoft Entra ID accepts the MFA performed by the federated IdP when a federated user accesses an application that is governed by a conditional access policy that requires MFA. The possible values are: `acceptIfMfaDoneByFederatedIdp`, `enforceMfaByFederatedIdp`, `rejectMfaByFederatedIdp`, `unknownFutureValue`. For more information, see [federatedIdpMfaBehavior values](#federatedidpmfabehavior-values).|

+|isSignedAuthenticationRequestRequired|Boolean|If true, when SAML authentication requests are sent to the federated SAML IDP, Microsoft Entra ID signs those requests using the OrgID signing key. If false (default), the SAML authentication requests sent to the federated IDP aren't signed.|

+|nextSigningCertificate|String|Fallback token signing certificate that is used to sign tokens when the primary signing certificate expires. Formatted as Base 64 encoded strings of the public portion of the federated IdP's token signing certificate. Needs to be compatible with the X509Certificate2 class. Much like the **signingCertificate**, the **nextSigningCertificate** property is used if a rollover is required outside of the autorollover update, a new federation service is being set up, or if the new token signing certificate isn't present in the federation properties after the federation service certificate has been updated.|

+|passwordResetUri|String|URI that clients are redirected to for resetting their password.|

+|preferredAuthenticationProtocol|authenticationProtocol|Preferred authentication protocol. This parameter must be configured explicitly for the federation passive authentication flow to work. The possible values are: `wsFed`, `saml`, `unknownFutureValue`.|

+|signingCertificate|String|Current certificate used to sign tokens passed to the Microsoft identity platform. The certificate is formatted as a Base 64 encoded string of the public portion of the federated IdP's token signing certificate and must be compatible with the X509Certificate2 class. <br>This property is used in the following scenarios: <li> If a rollover is required outside of the autorollover update <li> A new federation service is being set up <li> If the new token signing certificate isn't present in the federation properties after the federation service certificate has been updated.<br>Microsoft Entra ID updates certificates via an autorollover process in which it attempts to retrieve a new certificate from the federation service metadata, 30 days before expiry of the current certificate. If a new certificate isn't available, Microsoft Entra ID monitors the metadata daily and updates the federation settings for the domain when a new certificate is available.|

+|signOutUri|String|URI that clients are redirected to when they sign out of Microsoft Entra services. Corresponds to the **LogOffUri** property of the [Set-MsolDomainFederationSettings MSOnline v1 PowerShell cmdlet](/powershell/module/msonline/set-msoldomainfederationsettings).|

+ "federatedIdpMfaBehavior": "rejectMfaByFederatedIdp",

+ "passwordResetUri": "https://sts.contoso.com/adfs/passwordReset"

+ "federatedIdpMfaBehavior": "rejectMfaByFederatedIdp",

+ "passwordResetUri": "https://sts.contoso.com/adfs/passwordReset"

+> [!IMPORTANT]

+> The work or school account needs to belong to at least one of the following [Microsoft Entra roles](/entra/identity/role-based-access-control/permissions-reference?toc=%2Fgraph%2Ftoc.json):

+> - Domain Name Administrator

+> - Security Administrator

+> - External Identity Provider Administrator

+> [!NOTE]

+> Verifying a domain through Microsoft Graph doesn't configure the domain for use with Office 365 services like Exchange. Fully configuring the domain to work with Microsoft 365 products might require extra steps. For more information, see [Microsoft 365 admin setup](/microsoft-365/admin/setup/add-domain).

+| includeAllVersionHistory | Boolean | Optional. If set to `true`, source files version history (major versions and minor versions, if any) should be copied to the destination, within the target version setting limit. If `false`, only the latest major version is copied to the destination. The default value is `false`. |

+ "driveId": "b!s8RqPCGh0ESQS2EYnKM0IKS3lM7GxjdAviiob7oc5pXv_0LiL-62Qq3IXyrXnEop",

+ "driveId": "b!s8RqPCGh0ESQS2EYnKM0IKS3lM7GxjdAviiob7oc5pXv_0LiL-62Qq3IXyrXnEop",

+ "driveId": "b!s8RqPCGh0ESQS2EYnKM0IKS3lM7GxjdAviiob7oc5pXv_0LiL-62Qq3IXyrXnEop",

+ "driveId": "b!s8RqPCGh0ESQS2EYnKM0IKS3lM7GxjdAviiob7oc5pXv_0LiL-62Qq3IXyrXnEop",

+### Example 5: Copy operation preserve version history

+The following example copies the item identified by `{item-id}` into a folder identified with a `driveId` and `id` value. It also copies the version history to the target folder. If the source file contains 20 versions and the destination version limit setting is 10, the copy only transfers the maximum number of versions the destination site allows, starting from the most recent.

+#### Request

+# [HTTP](#tab/http)

+<!-- { "blockType": "request", "name": "copy-item-5", "scopes": "files.readwrite", "target": "action" } -->

+```http

+POST https://graph.microsoft.com/beta/me/drive/items/{item-id}/copy

+Content-Type: application/json

+{

+ "parentReference": {

+ "driveId": "b!s8RqPCGh0ESQS2EYnKM0IKS3lM7GxjdAviiob7oc5pXv_0LiL-62Qq3IXyrXnEop",

+ "id": "DCD0D3AD-8989-4F23-A5A2-2C086050513F"

+ },

+ "includeAllVersionHistory": true

+}

+```

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [PowerShell](#tab/powershell)

+# [Python](#tab/python)

+#### Response

+The following example shows the response.

+<!-- { "blockType": "response" } -->

+```http

+HTTP/1.1 202 Accepted

+Location: https://contoso.sharepoint.com/_api/v2.0/monitor/4A3407B5-88FC-4504-8B21-0AABD3412717

+```

+### Example 6: Copy the children in a folder from root

+<!-- { "blockType": "ignored", "name": "copy-item-6" } -->

+ "driveId": "b!s8RqPCGh0ESQS2EYnKM0IKS3lM7GxjdAviiob7oc5pXv_0LiL-62Qq3IXyrXnEop",

+### Example 7: Copy the children in a folder where source has more than 150 direct children

+<!-- { "blockType": "ignored", "name": "copy-item-7" } -->

+ "driveId": "b!s8RqPCGh0ESQS2EYnKM0IKS3lM7GxjdAviiob7oc5pXv_0LiL-62Qq3IXyrXnEop",

+### Example 8: Copy the children where the source item is a file

+<!-- { "blockType": "ignored", "name": "copy-item-8" } -->

+ "driveId": "b!s8RqPCGh0ESQS2EYnKM0IKS3lM7GxjdAviiob7oc5pXv_0LiL-62Qq3IXyrXnEop",

+### Example 9: Copy the children in a folder with childrenOnly and name

+<!-- { "blockType": "ignored", "name": "copy-item-9" } -->

+ "driveId": "b!s8RqPCGh0ESQS2EYnKM0IKS3lM7GxjdAviiob7oc5pXv_0LiL-62Qq3IXyrXnEop",

+### Error responses

+The request returns `400 Bad Request` if the file isn't checked out. Requests made with delegated access return `423 Locked` if another user has the file checked out. Requests made with application access can discard any checkout.

+For more information about how errors are returned, see [Error responses][error-response].

+# [PowerShell](#tab/powershell)

+[error-response]: /graph/errors

+Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions [only if your app requires it](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions). For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).

+<!-- { "blockType": "permissions", "name": "driveitem_getretentionlabel" } -->

+Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions [only if your app requires it](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions). For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).

+<!-- { "blockType": "permissions", "name": "driveitem_lockorunlockrecord" } -->

+Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions [only if your app requires it](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions). For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).

+<!-- { "blockType": "permissions", "name": "driveitem_removeretentionlabel" } -->

+Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions [only if your app requires it](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions). For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).

+<!-- { "blockType": "permissions", "name": "driveitem_setretentionlabel" } -->

+ Title: "Get driveProtectionUnitsBulkAdditionJob"

+description: "Get a driveProtectionUnitsBulkAdditionJob in a OneDrive protection policy."

+ms.localizationpriority: medium

+# Get driveProtectionUnitsBulkAdditionJob

+Namespace: microsoft.graph

+Get a [driveProtectionUnitsBulkAdditionJob](../resources/driveprotectionunitsbulkadditionjob.md) object by the ID associated with a [oneDriveForBusinessProtectionPolicy](../resources/onedriveforbusinessprotectionpolicy.md).

+## Permissions

+Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions [only if your app requires it](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions). For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).

+<!-- { "blockType": "permissions", "name": "driveprotectionunitsbulkadditionjobs_get" } -->

+## HTTP request

+<!-- {

+ "blockType": "ignored"

+}

+-->

+``` http

+GET /solutions/backupRestore/oneDriveForBusinessProtectionPolicies/{driveProtectionPolicyId}/driveProtectionUnitsBulkAdditionJobs/{driveProtectionUnitsBulkAdditionJobId}

+```

+## Request headers

+|Name|Description|

+|:|:|

+|Authorization|Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+## Request body

+Don't supply a request body for this method.

+## Response

+If successful, this method returns a `200 OK` response code and a [driveProtectionUnitsBulkAdditionJob](../resources/driveprotectionunitsbulkadditionjob.md) object in the response body.

+## Examples

+### Request

+The following example shows a request.

+# [HTTP](#tab/http)

+<!-- {

+ "blockType": "request",

+ "name": "driveprotectionunitsbulkadditionjobs_get"

+}

+-->

+``` http

+GET https://graph.microsoft.com/beta/solutions/backupRestore/oneDriveForBusinessProtectionPolicies/71633878-8321-4950-bfaf-ed285bdd1461/driveProtectionUnitsBulkAdditionJobs/71633878-8321-4950-bfaf-ed285bdd1461

+```

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [Python](#tab/python)

+### Response

+The following example shows the response.

+<!-- {

+ "blockType": "response",

+ "truncated": true,

+ "@odata.type": "microsoft.graph.driveProtectionUnitsBulkAdditionJob"

+}

+-->

+``` http

+HTTP/1.1 200 OK

+Content-Location: https://graph.microsoft.com/beta/solutions/backupRestore/oneDriveForBusinessProtectionPolicies/71633878-8321-4950-bfaf-ed285bdd1461/driveProtectionUnitsBulkAdditionJobs/61633878-8321-4950-bfaf-ed285bdd1461

+{

+ "@odata.type": "#microsoft.graph.driveProtectionUnitsBulkAdditionJob",

+ "id":"61633878-8321-4950-bfaf-ed285bdd1461",

+ "displayName" : "drives-I",

+ "drives" : ["amala@contoso.com", "conrad@contoso.com", "lothar@contoso.com"],

+ "directoryObjectIds": ["71633878-8321-4950-bfaf-ed285bdd1461"],

+ "status" : "CompletedWithErrors",

+ "createdBy":{

+ "application":{

+ "id":"1fec8e78-bce4-4aaf-ab1b-5451cc387264"

+ },

+ "user":{

+ "id":"845457dc-4bb2-4815-bef3-8628ebd1952e"

+ }

+ },

+ "createdDateTime":"2015-06-19T12-01-03.45Z",

+ "lastModifiedBy":{

+ "application":{

+ "id":"1fec8e78-bce4-4aaf-ab1b-5451cc387264"

+ },

+ "user":{

+ "id":"845457dc-4bb2-4815-bef3-8628ebd1952e"

+ }

+ },

+ "lastModifiedDateTime":"2015-06-19T12-01-03.45Z",

+ "error":{

+ "code" : "ProtectionResourcesNotFound",

+ "message": "Errors while resolving protection resources",

+ "details":

+ [

+ {

+ "code": "EmailNotFound",

+ "message": "Email address 'amala@contoso.com' not found in directory",

+ "target" : "amala@contoso.com"

+ },

+ {

+ "code": "EmailNotFound",

+ "message": "Email address 'conrad@contoso.com' not found in directory",

+ "target" : "conrad@contoso.com"

+ },

+ {

+ "code": "EmailNotFound",

+ "message": "Email address 'lothar@contoso.com' not found in directory",

+ "target" : "lothar@contoso.com"

+ }

+ ]

+ }

+}

+```

+ Title: "Create driveProtectionUnitsBulkAdditionJob"

+description: "Create driveProtectionUnitsBulkAdditionJob for a OneDrive protection policy."

+ms.localizationpriority: medium

+# Create driveProtectionUnitsBulkAdditionJob

+Namespace: microsoft.graph

+Create a [driveProtectionUnitsBulkAdditionJob](../resources/driveprotectionunitsbulkadditionjob.md) object associated with a [oneDriveForBusinessProtectionPolicy](../resources/onedriveforbusinessprotectionpolicy.md).

+The initial status upon creation of the job is `active`. When all the `drives` and `directoryObjectIds` are added into the corresponding OneDrive protection policy, the status of job is `completed`.

+If any failures occur, the status of the job eventually is `completedWithErrors`.

+## Permissions

+Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions [only if your app requires it](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions). For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).

+<!-- { "blockType": "permissions", "name": "driveprotectionunitsbulkadditionjobs_post" } -->

+## HTTP request

+<!-- {

+ "blockType": "ignored"

+}

+-->

+``` http

+POST /solutions/backupRestore/oneDriveForBusinessProtectionPolicies/{oneDriveForBusinessProtectionPolicyId}/driveProtectionUnitsBulkAdditionJobs

+```

+## Request headers

+|Name|Description|

+|:|:|

+|Authorization|Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+|Content-Type|application/json|

+## Request body

+In the request body, include a JSON representation of the [driveProtectionUnitsBulkAdditionJob](../resources/driveprotectionunitsbulkadditionjob.md) object.

+## Response

+If successful, this method returns a `201 Created` response code and a [driveProtectionUnitsBulkAdditionJob](../resources/driveprotectionunitsbulkadditionjob.md) object in the response body.

+## Examples

+### Request

+The following example shows a request.

+# [HTTP](#tab/http)

+<!-- {

+ "blockType": "request",

+ "name": "driveprotectionunitsbulkadditionjobs_post"

+}

+-->

+```http

+POST https://graph.microsoft.com/beta/solutions/backupRestore/oneDriveForBusinessProtectionPolicies/71633878-8321-4950-bfaf-ed285bdd1461/driveProtectionUnitsBulkAdditionJobs

+Content-Type: application/json

+{

+ "displayName" : "drives-I",

+ "drives" : ["amala@contoso.com", "conrad@contoso.com", "lothar@contoso.com"],

+ "directoryObjectIds" : ["1fec4e78-bce4-4aaf-ab1b-5451cc387264"]

+}

+```

+# [JavaScript](#tab/javascript)

+### Response

+The following example shows the response.

+<!-- {

+ "blockType": "response",

+ "truncated": true,

+ "@odata.type": "microsoft.graph.driveProtectionUnitsBulkAdditionJob"

+}

+-->

+``` http

+HTTP/1.1 201 Created

+Content-type: application/json

+{

+ "@odata.type": "#microsoft.graph.driveProtectionUnitsBulkAdditionJob",

+ "id" :"71633878-8321-4950-bfaf-ed285bdd1461",

+ "displayName" : "drives-I",

+ "status" : "active",

+ "drives" : ["amala@contoso.com", "conrad@contoso.com", "lothar@contoso.com"],

+ "directoryObjectIds" : ["1fec4e78-bce4-4aaf-ab1b-5451cc387264"],

+ "createdBy":{

+ "application":{

+ "id":"1fec8e78-bce4-4aaf-ab1b-5451cc387264"

+ },

+ "user":{

+ "id":"845457dc-4bb2-4815-bef3-8628ebd1952e"

+ }

+ },

+ "createdDateTime":"2015-06-19T12-01-03.45Z",

+ "lastModifiedBy":{

+ "application":{

+ "id":"1fec8e78-bce4-4aaf-ab1b-5451cc387264"

+ },

+ "user":{

+ "id":"845457dc-4bb2-4815-bef3-8628ebd1952e"

+ }

+ },

+ "lastModifiedDateTime":"2015-06-19T12-01-03.45Z",

+}

+```

+The following tables show the least privileged permission or permissions required to call this API on each supported resource type. Follow [best practices](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions) to request least privileged permissions. For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).

+Permissions for the following HTTP syntax:

+<!-- { "blockType": "ignored" } -->

+```http

+DELETE /me/profile/educationalActivities/{id}

+```

+<!-- {

+ "blockType": "permissions",

+ "name": "educationalactivity_delete",

+ "requestUrls": ["DELETE /me/profile/educationalActivities/{id}"]

+ } -->

+Permissions for the following HTTP syntax:

+<!-- { "blockType": "ignored" } -->

+```http

+DELETE /users/{id | userPrincipalName}/profile/educationalActivities/{id}

+```

+<!-- {

+ "blockType": "permissions",

+ "name": "educationalactivity_delete_2",

+ "requestUrls": ["DELETE /users/{id | userPrincipalName}/profile/educationalActivities/{id}"]

+ } -->

+The following tables show the least privileged permission or permissions required to call this API on each supported resource type. Follow [best practices](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions) to request least privileged permissions. For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).

+Permissions for the following HTTP syntax:

+<!-- { "blockType": "ignored" } -->

+```http

+GET /me/profile/educationalActivities/{id}

+```

+<!-- {

+ "blockType": "permissions",

+ "name": "educationalactivity_get",

+ "requestUrls": ["GET /me/profile/educationalActivities/{id}"]

+ } -->

+Permissions for the following HTTP syntax:

+<!-- { "blockType": "ignored" } -->

+```http

+GET /users/{id | userPrincipalName}/profile/educationalActivities/{id}

+```

+<!-- {

+ "blockType": "permissions",

+ "name": "educationalactivity_get_2",

+ "requestUrls": ["GET /users/{id | userPrincipalName}/profile/educationalActivities/{id}"]

+ } -->

+The following tables show the least privileged permission or permissions required to call this API on each supported resource type. Follow [best practices](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions) to request least privileged permissions. For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).

+Permissions for the following HTTP syntax:

+<!-- { "blockType": "ignored" } -->

+```http

+PATCH /me/profile/educationalActivities/{id}

+```

+<!-- {

+ "blockType": "permissions",

+ "name": "educationalactivity_update",

+ "requestUrls": ["PATCH /me/profile/educationalActivities/{id}"]

+ } -->

+Permissions for the following HTTP syntax:

+<!-- { "blockType": "ignored" } -->

+```http

+PATCH /users/{id | userPrincipalName}/profile/educationalActivities/{id}

+```

+<!-- {

+ "blockType": "permissions",

+ "name": "educationalactivity_update_2",

+ "requestUrls": ["PATCH /users/{id | userPrincipalName}/profile/educationalActivities/{id}"]

+ } -->

+This method supports the `$select`, `$orderby`, and `$expand` OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).

+You can use `$orderby` with the following properties of the [educationAssignment](../resources/educationassignment.md) resource: **assignDateTime**, **assignedDateTime**, **closeDateTime**, **createdDateTime**, **displayName**, **dueDateTime**, **lastModifiedDateTime**, **moduleUrl**, and **status**.

+In the request body, supply the **odata.id** of an existing [educationCategory](../resources/educationcategory.md) object to add to this assignment.

+### Request

+# [HTTP](#tab/http)

+ "blockType": "request",

+ "name": "add_educationcategory_to_educationassignment"

+POST https://graph.microsoft.com/beta/education/classes/37d99af7-cfc5-4e3b-8566-f7d40e4a2070/assignments/70b7077c-7c1c-4e56-9b3b-2365411900c6/categories/$ref

+ "@odata.id": "https://graph.microsoft.com/beta/education/classes/37d99af7-cfc5-4e3b-8566-f7d40e4a2070/assignmentCategories/39e3d9dc-7244-42d7-8b4d-1071aae5eb41"

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [PowerShell](#tab/powershell)

+# [Python](#tab/python)

+### Response

+The following example shows the response.

+ "blockType": "response",

+ "truncated": true

+# [HTTP](#tab/http)

+ "blockType": "request",

+ "name": "remove_educationcategory_from_educationassignment"

+DELETE https://graph.microsoft.com/beta/education/classes/37d99af7-cfc5-4e3b-8566-f7d40e4a2070/assignments/e98aaae1-7c98-4e65-bb62-1994fe410552/categories/39e3d9dc-7244-42d7-8b4d-1071aae5eb41/$ref

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [PowerShell](#tab/powershell)

+# [Python](#tab/python)

+ "blockType": "response",

+ "truncated": true

+ "name": "delete_educationassignment_2"

+DELETE https://graph.microsoft.com/beta/education/classes/37d99af7-cfc5-4e3b-8566-f7d40e4a2070/assignmentCategories/39e3d9dc-7244-42d7-8b4d-1071aae5eb41

+This method supports the `$select` and `$orderby` OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).

+You can use `$orderby` with the **displayName** property of the [educationCategory](../resources/educationcategory.md) resource.

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+ Title: "educationClass: getRecentlyModifiedSubmissions"

+description: "Retrieve submissions modified in the previous seven days."

+ms.localizationpriority: medium

+# educationClass: getRecentlyModifiedSubmissions

+Namespace: microsoft.graph

+Retrieve submissions modified in the previous seven days. Only teachers and applications with application permissions can perform this operation.

+A **submission** object represents a student's work for an [assignment](../resources/educationassignment.md). Resources associated with the submission represent their work.

+A teacher or application with application permissions has full access to all **submission** objects.

+The grade and feedback from a teacher are part of the [educationOutcome](../resources/educationoutcome.md) associated with this object. Only teachers or applications with application permissions can add or change grades and feedback. Students can't see the grade or feedback until the **assignment** is released.

+## Permissions

+Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions [only if your app requires it](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions). For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).

+<!-- { "blockType": "permissions", "name": "educationclass_getrecentlymodifiedsubmissions" } -->

+## HTTP request

+<!-- { "blockType": "ignored" } -->

+```http

+GET /education/classes/{class-id}/getRecentlyModifiedSubmissions

+```

+## Optional query parameters

+This method supports the `$orderby`, `$top`, `$filter`, `$select`, and `$expand` OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).

+The `$orderby` query parameter only supports the **lastModifiedDateTime** property of the [educationSubmission](../resources/educationsubmission.md) resource.

+The default ordering is by descending **lastModifiedDateTime** property values.

+## Request headers

+| Header | Value |

+|:|:--|

+|Authorization|Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+## Request body

+Don't supply a request body for this method.

+## Response

+If successful, this method returns a `200 OK` response code and a collection of [educationSubmission](../resources/educationsubmission.md) objects in the response body.

+If you specify an unsupported property for the `$orderby` query parameter, the method returns a `400` error message.

+```http

+HTTP/1.1 400 Bad Request

+Content-type: application/json

+{

+ "error": {

+ "code": "20143",

+ "message": "The OData query is invalid. $orderby clause is only supported for these properties : (lastModifiedDateTime).",

+ "innerError": {

+ "date": "2024-08-27T13:04:10",

+ "request-id": "218ae0dc-664c-4928-b4e1-f3b37c27c472",

+ "client-request-id": "ed8c66ed-fd50-d7ec-d989-5a92140999c1"

+ }

+ }

+}

+```

+If you specify an unsupported value for the `$filter` query parameter, the method returns a `400` error message.

+```http

+HTTP/1.1 400 Bad Request

+Content-type: application/json

+{

+ "error": {

+ "code": "BadRequest",

+ "message": "Invalid filter clause: The $filter expression must evaluate to a single boolean value.",

+ "innerError": {

+ "date": "2024-08-27T13:05:11",

+ "request-id": "31233bf3-c442-4a8d-a1ff-56c665239e25",

+ "client-request-id": "30f9e18f-f311-741b-bf48-23fd4feecdb9"

+ }

+ }

+}

+```

+## Examples

+### Example 1: Get recently modified submissions

+#### Request

+The following example shows a request.

+# [HTTP](#tab/http)

+<!-- {

+ "blockType": "request",

+ "name": "get_educationclass_getrecentlymodifiedsubmissions"

+}-->

+```msgraph-interactive

+GET https://graph.microsoft.com/beta/education/classes/bf1f1963-05f6-4cba-903c-5892b4ce3bd7/getRecentlyModifiedSubmissions

+```

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [PowerShell](#tab/powershell)

+# [Python](#tab/python)

+#### Response

+The following example shows the response.

+>**Note:** The response object shown here might be shortened for readability.

+<!-- {

+ "blockType": "response",

+ "truncated": true,

+ "@odata.type": "Collection(microsoft.graph.educationSubmission)"

+} -->

+```http

+HTTP/1.1 200 OK

+Content-type: application/json

+{

+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#Collection(microsoft.graph.educationSubmission)",

+ "@microsoft.graph.tips": "Use $select to choose only the properties your app needs, as this can lead to performance improvements. For example: GET education/classes('<guid>')/microsoft.graph.getRecentlyModifiedSubmissions?$select=excusedBy,excusedDateTime",

+ "value": [

+ {

+ "status": "returned",

+ "submittedDateTime": null,

+ "unsubmittedDateTime": "2024-08-14T05:48:30.9345815Z",

+ "returnedDateTime": "2024-08-14T05:47:41.4128921Z",

+ "reassignedDateTime": "2024-08-14T05:47:18.3007671Z",

+ "excusedDateTime": "2024-08-14T05:47:41.4128921Z",

+ "lastModifiedDateTime": "2024-08-14T06:37:17.9779374Z",

+ "resourcesFolderUrl": null,

+ "webUrl": "https://teams.microsoft.com/l/entity/66aeee93-507d-479a-a3ef-8f494af43945/classroom?context=%7B%22subEntityId%22%3A%22%7B%5C%22version%5C%22%3A%5C%221.0%5C%22,%5C%22config%5C%22%3A%7B%5C%22classes%5C%22%3A%5B%7B%5C%22id%5C%22%3A%5C%22bf1f1963-05f6-4cba-903c-5892b4ce3bd7%5C%22,%5C%22assignmentIds%5C%22%3A%5B%5C%22db8e6b0b-dba4-4c69-81b2-9ba7313c0b7a%5C%22%5D,%5C%22submissionId%5C%22%3A%5C%224bca096a-7de3-8675-5e86-2fa149923860%5C%22%7D%5D%7D,%5C%22action%5C%22%3A%5C%22navigate%5C%22,%5C%22view%5C%22%3A%5C%22speed-grader%5C%22,%5C%22appId%5C%22%3A%5C%22de8bc8b5-d9f9-48b1-a8ad-b748da725064%5C%22%7D%22,%22channelId%22%3Anull%7D",

+ "id": "4bca096a-7de3-8675-5e86-2fa149923860",

+ "recipient": {

+ "@odata.type": "#microsoft.graph.educationSubmissionIndividualRecipient",

+ "userId": "61243ddb-6f39-499d-b232-9fa8cef26b3a"

+ },

+ "submittedBy": {

+ "application": null,

+ "device": null,

+ "user": {

+ "id": "61243ddb-6f39-499d-b232-9fa8cef26b3a",

+ "displayName": null

+ }

+ },

+ "unsubmittedBy": {

+ "application": null,

+ "device": null,

+ "user": {

+ "id": "fffafb29-e8bc-4de3-8106-be76ed2ad499",

+ "displayName": null

+ }

+ },

+ "returnedBy": {

+ "application": null,

+ "device": null,

+ "user": {

+ "id": "fffafb29-e8bc-4de3-8106-be76ed2ad499",

+ "displayName": null

+ }

+ },

+ "reassignedBy": {

+ "application": null,

+ "device": null,

+ "user": {

+ "id": "fffafb29-e8bc-4de3-8106-be76ed2ad499",

+ "displayName": null

+ }

+ },

+ "excusedBy": {

+ "application": null,

+ "device": null,

+ "user": {

+ "id": "fffafb29-e8bc-4de3-8106-be76ed2ad499",

+ "displayName": null

+ }

+ },

+ "lastModifiedBy": {

+ "application": null,

+ "device": null,

+ "user": {

+ "id": "fffafb29-e8bc-4de3-8106-be76ed2ad499",

+ "displayName": null

+ }

+ }

+ }

+ ]

+}

+```

+### Example 2: Get recently modified submissions with `$select` and `$filter` options on assignmentId property

+#### Request

+The following example shows a request.

+# [HTTP](#tab/http)

+<!-- {

+ "blockType": "request",

+ "name": "get_educationclass_getrecentlymodifiedsubmissions_filter_select_assignmentId"

+}-->

+```msgraph-interactive

+GET https://graph.microsoft.com/beta/education/classes/37d99af7-cfc5-4e3b-8566-f7d40e4a2070/getrecentlymodifiedsubmissions?$filter=assignmentId eq 'b20d6737-f88e-4892-8174-73aa26d18784'&$select=LastModifiedDateTime,status

+```

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [PowerShell](#tab/powershell)

+# [Python](#tab/python)

+#### Response

+The following example shows the response.

+>**Note:** The response object shown here might be shortened for readability.

+<!-- {

+ "blockType": "response",

+ "truncated": true,

+ "@odata.type": "Collection(microsoft.graph.educationSubmission)"

+} -->

+```http

+HTTP/1.1 200 OK

+Content-type: application/json

+{

+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#Collection(microsoft.graph.educationSubmission)",

+ "value": [

+ {

+ "status": "submitted",

+ "lastModifiedDateTime": "2024-09-09T10:18:33.4052415Z"

+ },

+ {

+ "status": "working",

+ "lastModifiedDateTime": "2024-09-09T10:18:07.6464644Z"

+ },

+ {

+ "status": "working",

+ "lastModifiedDateTime": "2024-09-09T10:18:07.588738Z"

+ },

+ {

+ "status": "working",

+ "lastModifiedDateTime": "2024-09-09T10:18:07.5295878Z"

+ },

+ {

+ "status": "working",

+ "lastModifiedDateTime": "2024-09-09T10:18:07.4718648Z"

+ },

+ {

+ "status": "working",

+ "lastModifiedDateTime": "2024-09-09T10:18:07.3513158Z"

+ },

+ {

+ "status": "working",

+ "lastModifiedDateTime": "2024-09-09T10:18:07.2866527Z"

+ },

+ {

+ "status": "working",

+ "lastModifiedDateTime": "2024-09-09T10:18:07.2219998Z"

+ },

+ {

+ "status": "working",

+ "lastModifiedDateTime": "2024-09-09T10:18:07.1602788Z"

+ },

+ {

+ "status": "working",

+ "lastModifiedDateTime": "2024-09-09T10:18:07.0884058Z"

+ }

+ ]

+}

+```

+### Example 3: Get recently modified submissions with `$expand` option

+#### Request

+The following example shows a request.

+# [HTTP](#tab/http)

+<!-- {

+ "blockType": "request",

+ "name": "get_educationclass_getrecentlymodifiedsubmissions_expand"

+}-->

+```msgraph-interactive

+GET https://graph.microsoft.com/beta/education/classes/37d99af7-cfc5-4e3b-8566-f7d40e4a2070/getRecentlyModifiedSubmissions?$expand=outcomes

+```

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [PowerShell](#tab/powershell)

+# [Python](#tab/python)

+#### Response

+The following example shows the response.

+>**Note:** The response object shown here might be shortened for readability.

+<!-- {

+ "blockType": "response",

+ "truncated": true,

+ "@odata.type": "Collection(microsoft.graph.educationSubmission)"

+} -->

+```http

+HTTP/1.1 200 OK

+Content-type: application/json

+{

+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#Collection(microsoft.graph.educationSubmission)",

+ "@microsoft.graph.tips": "Use $select to choose only the properties your app needs, as this can lead to performance improvements. For example: GET education/classes('<guid>')/microsoft.graph.getRecentlyModifiedSubmissions?$select=excusedBy,excusedDateTime",

+ "value": [

+ {

+ "status": "working",

+ "submittedDateTime": null,

+ "unsubmittedDateTime": null,

+ "returnedDateTime": null,

+ "reassignedDateTime": null,

+ "excusedDateTime": null,

+ "lastModifiedDateTime": "2024-08-26T20:45:51.3485047Z",

+ "resourcesFolderUrl": null,

+ "webUrl": "https://teams.microsoft.com/l/entity/66aeee93-507d-479a-a3ef-8f494af43945/classroom?context=%7B%22subEntityId%22%3A%22%7B%5C%22version%5C%22%3A%5C%221.0%5C%22,%5C%22config%5C%22%3A%7B%5C%22classes%5C%22%3A%5B%7B%5C%22id%5C%22%3A%5C%2237d99af7-cfc5-4e3b-8566-f7d40e4a2070%5C%22,%5C%22assignmentIds%5C%22%3A%5B%5C%2273b252e5-5f2c-42d6-8896-bfe924ce5fe9%5C%22%5D,%5C%22submissionId%5C%22%3A%5C%225af42a11-37cc-c144-fa4c-7db855942011%5C%22%7D%5D%7D,%5C%22action%5C%22%3A%5C%22navigate%5C%22,%5C%22view%5C%22%3A%5C%22speed-grader%5C%22,%5C%22appId%5C%22%3A%5C%22de8bc8b5-d9f9-48b1-a8ad-b748da725064%5C%22%7D%22,%22channelId%22%3Anull%7D",

+ "id": "5af42a11-37cc-c144-fa4c-7db855942011",

+ "recipient": {

+ "@odata.type": "#microsoft.graph.educationSubmissionIndividualRecipient",

+ "userId": "e5c17181-ad7e-4a66-86bf-b560ce0c8b29"

+ },

+ "submittedBy": {

+ "application": null,

+ "device": null,

+ "user": {

+ "id": "e5c17181-ad7e-4a66-86bf-b560ce0c8b29",

+ "displayName": null

+ }

+ },

+ "unsubmittedBy": {

+ "application": null,

+ "device": null,

+ "user": {

+ "id": null,

+ "displayName": null

+ }

+ },

+ "returnedBy": {

+ "application": null,

+ "device": null,

+ "user": {

+ "id": null,

+ "displayName": null

+ }

+ },

+ "reassignedBy": {

+ "application": null,

+ "device": null,

+ "user": {

+ "id": null,

+ "displayName": null

+ }

+ },

+ "excusedBy": {

+ "application": null,

+ "device": null,

+ "user": {

+ "id": null,

+ "displayName": null

+ }

+ },

+ "lastModifiedBy": {

+ "application": null,

+ "device": null,

+ "user": {

+ "id": "7254e396-868c-4bf7-96b2-6fe763590b5a",

+ "displayName": null

+ }

+ },

+ "outcomes": [

+ {

+ "@odata.type": "#microsoft.graph.educationFeedbackOutcome",

+ "lastModifiedDateTime": null,

+ "id": "ca05367a-b292-42d5-aff7-5d279feeace8",

+ "lastModifiedBy": null,

+ "feedback": null,

+ "publishedFeedback": null

+ },

+ {

+ "@odata.type": "#microsoft.graph.educationPointsOutcome",

+ "lastModifiedDateTime": null,

+ "id": "ea1351f6-ba33-4940-b2cb-6a7254af2dc8",

+ "lastModifiedBy": null,

+ "points": null,

+ "publishedPoints": null

+ }

+ ]

+ }

+ ]

+}

+```

+### Example 4: Get recently modified submissions with `$filter` option

+#### Request

+The following example shows a request.

+# [HTTP](#tab/http)

+<!-- {

+ "blockType": "request",

+ "name": "get_educationclass_getrecentlymodifiedsubmissions_filter"

+}-->

+```msgraph-interactive

+GET https://graph.microsoft.com/beta/education/classes/bf1f1963-05f6-4cba-903c-5892b4ce3bd7/getRecentlyModifiedSubmissions?$filter=status eq 'working'

+```

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [PowerShell](#tab/powershell)

+# [Python](#tab/python)

+#### Response

+The following example shows the response.

+>**Note:** The response object shown here might be shortened for readability.

+<!-- {

+ "blockType": "response",

+ "truncated": true,

+ "@odata.type": "Collection(microsoft.graph.educationSubmission)"

+} -->

+```http

+HTTP/1.1 200 OK

+Content-type: application/json

+{

+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#Collection(microsoft.graph.educationSubmission)",

+ "@odata.nextLink": "https://graph.microsoft.com/beta/education/classes/37d99af7-cfc5-4e3b-8566-f7d40e4a2070/getRecentlyModifiedSubmissions?$filter=status+eq+%27working%27&$skiptoken=eyJJbm5lclNraXBUb2tlbiI6Ik15WlJWa1pDVVZWR1FsRlZSa1phTVd4Q1VWVkdRbEZWUmtKU1JXeENVVlZHUWxWWFZscE9SM040U3pCc1RGWlRjM2RTTUhkNlZGVlJlRlJzUW1oa2VqQTUifQ%3d%3d",

+ "@microsoft.graph.tips": "Use $select to choose only the properties your app needs, as this can lead to performance improvements. For example: GET education/classes('<guid>')/microsoft.graph.getRecentlyModifiedSubmissions?$select=excusedBy,excusedDateTime",

+ "value": [

+ {

+ "status": "working",

+ "submittedDateTime": null,

+ "unsubmittedDateTime": null,

+ "returnedDateTime": null,

+ "reassignedDateTime": null,

+ "excusedDateTime": null,

+ "lastModifiedDateTime": "2024-08-26T15:57:23.5476513Z",

+ "resourcesFolderUrl": null,

+ "webUrl": "https://teams.microsoft.com/l/entity/66aeee93-507d-479a-a3ef-8f494af43945/classroom?context=%7B%22subEntityId%22%3A%22%7B%5C%22version%5C%22%3A%5C%221.0%5C%22,%5C%22config%5C%22%3A%7B%5C%22classes%5C%22%3A%5B%7B%5C%22id%5C%22%3A%5C%2237d99af7-cfc5-4e3b-8566-f7d40e4a2070%5C%22,%5C%22assignmentIds%5C%22%3A%5B%5C%223d2fcfd4-cb6a-4e31-aa63-16ca865e9014%5C%22%5D,%5C%22submissionId%5C%22%3A%5C%227e2e0656-2bf4-1f95-b4b0-967f516340cd%5C%22%7D%5D%7D,%5C%22action%5C%22%3A%5C%22navigate%5C%22,%5C%22view%5C%22%3A%5C%22speed-grader%5C%22,%5C%22appId%5C%22%3A%5C%22de8bc8b5-d9f9-48b1-a8ad-b748da725064%5C%22%7D%22,%22channelId%22%3Anull%7D",

+ "id": "7e2e0656-2bf4-1f95-b4b0-967f516340cd",

+ "recipient": {

+ "@odata.type": "#microsoft.graph.educationSubmissionIndividualRecipient",

+ "userId": "80cefd93-8d88-40e2-b5d3-67898383e226"

+ },

+ "submittedBy": {

+ "application": null,

+ "device": null,

+ "user": {

+ "id": "80cefd93-8d88-40e2-b5d3-67898383e226",

+ "displayName": null

+ }

+ },

+ "unsubmittedBy": {

+ "application": null,

+ "device": null,

+ "user": {

+ "id": null,

+ "displayName": null

+ }

+ },

+ "returnedBy": {

+ "application": null,

+ "device": null,

+ "user": {

+ "id": null,

+ "displayName": null

+ }

+ },

+ "reassignedBy": {

+ "application": null,

+ "device": null,

+ "user": {

+ "id": null,

+ "displayName": null

+ }

+ },

+ "excusedBy": {

+ "application": null,

+ "device": null,

+ "user": {

+ "id": null,

+ "displayName": null

+ }

+ },

+ "lastModifiedBy": {

+ "application": null,

+ "device": null,

+ "user": {

+ "id": "5e3ce6c0-2b1f-4285-8d4b-75ee78787346",

+ "displayName": null

+ }

+ }

+ }

+ ]

+}

+```

+### Example 5: Get recently modified submissions with `$orderby` and `$top` options

+#### Request

+The following example shows a request.

+# [HTTP](#tab/http)

+<!-- {

+ "blockType": "request",

+ "name": "get_educationclass_getrecentlymodifiedsubmissions_orderby_top"

+}-->

+```msgraph-interactive

+GET https://graph.microsoft.com/beta/education/classes/bf1f1963-05f6-4cba-903c-5892b4ce3bd7/getRecentlyModifiedSubmissions?$orderby=lastModifiedDateTime&$top=1

+```

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [PowerShell](#tab/powershell)

+# [Python](#tab/python)

+#### Response

+The following example shows the response.

+>**Note:** The response object shown here might be shortened for readability.

+<!-- {

+ "blockType": "response",

+ "truncated": true,

+ "@odata.type": "Collection(microsoft.graph.educationSubmission)"

+} -->

+```http

+HTTP/1.1 200 OK

+Content-type: application/json

+{

+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#Collection(microsoft.graph.educationSubmission)",

+ "@microsoft.graph.tips": "Use $select to choose only the properties your app needs, as this can lead to performance improvements. For example: GET education/classes('<guid>')/microsoft.graph.getRecentlyModifiedSubmissions?$select=excusedBy,excusedDateTime",

+ "value": [

+ {

+ "status": "working",

+ "submittedDateTime": null,

+ "unsubmittedDateTime": null,

+ "returnedDateTime": null,

+ "reassignedDateTime": null,

+ "excusedDateTime": null,

+ "lastModifiedDateTime": "2024-08-26T15:57:23.2992323Z",

+ "resourcesFolderUrl": null,

+ "webUrl": "https://teams.microsoft.com/l/entity/66aeee93-507d-479a-a3ef-8f494af43945/classroom?context=%7B%22subEntityId%22%3A%22%7B%5C%22version%5C%22%3A%5C%221.0%5C%22,%5C%22config%5C%22%3A%7B%5C%22classes%5C%22%3A%5B%7B%5C%22id%5C%22%3A%5C%2237d99af7-cfc5-4e3b-8566-f7d40e4a2070%5C%22,%5C%22assignmentIds%5C%22%3A%5B%5C%223d2fcfd4-cb6a-4e31-aa63-16ca865e9014%5C%22%5D,%5C%22submissionId%5C%22%3A%5C%223b03a85c-6021-8e5c-fc07-c4ac6d3506d3%5C%22%7D%5D%7D,%5C%22action%5C%22%3A%5C%22navigate%5C%22,%5C%22view%5C%22%3A%5C%22speed-grader%5C%22,%5C%22appId%5C%22%3A%5C%22de8bc8b5-d9f9-48b1-a8ad-b748da725064%5C%22%7D%22,%22channelId%22%3Anull%7D",

+ "id": "3b03a85c-6021-8e5c-fc07-c4ac6d3506d3",

+ "recipient": {

+ "@odata.type": "#microsoft.graph.educationSubmissionIndividualRecipient",

+ "userId": "2d20b7fc-43bd-459c-81e0-5eb4aa20d5b5"

+ },

+ "submittedBy": {

+ "application": null,

+ "device": null,

+ "user": {

+ "id": "2d20b7fc-43bd-459c-81e0-5eb4aa20d5b5",

+ "displayName": null

+ }

+ },

+ "unsubmittedBy": {

+ "application": null,

+ "device": null,

+ "user": {

+ "id": null,

+ "displayName": null

+ }

+ },

+ "returnedBy": {

+ "application": null,

+ "device": null,

+ "user": {

+ "id": null,

+ "displayName": null

+ }

+ },

+ "reassignedBy": {

+ "application": null,

+ "device": null,

+ "user": {

+ "id": null,

+ "displayName": null

+ }

+ },

+ "excusedBy": {

+ "application": null,

+ "device": null,

+ "user": {

+ "id": null,

+ "displayName": null

+ }

+ },

+ "lastModifiedBy": {

+ "application": null,

+ "device": null,

+ "user": {

+ "id": "5e3ce6c0-2b1f-4285-8d4b-75ee78787346",

+ "displayName": null

+ }

+ }

+ }

+ ]

+}

+```

+### Example 6: Get recently modified submissions with `$select` option

+#### Request

+The following example shows a request.

+# [HTTP](#tab/http)

+<!-- {

+ "blockType": "request",

+ "name": "get_educationclass_getrecentlymodifiedsubmissions_select"

+}-->

+```msgraph-interactive

+GET https://graph.microsoft.com/beta/education/classes/bf1f1963-05f6-4cba-903c-5892b4ce3bd7/getRecentlyModifiedSubmissions?$select=excusedDateTime

+```

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [PowerShell](#tab/powershell)

+# [Python](#tab/python)

+#### Response

+The following example shows the response.

+>**Note:** The response object shown here might be shortened for readability.

+<!-- {

+ "blockType": "response",

+ "truncated": true,

+ "@odata.type": "Collection(microsoft.graph.educationSubmission)"

+} -->

+```http

+HTTP/1.1 200 OK

+Content-type: application/json

+{

+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#Collection(microsoft.graph.educationSubmission)",

+ "value": [

+ {

+ "excusedDateTime": "2024-08-26T16:00:17.535348Z"

+ },

+ {

+ "excusedDateTime": "2024-08-26T16:00:17.4698345Z"

+ },

+ {

+ "excusedDateTime": null

+ }

+ ]

+}

+```

+### Example 7: Get recently modified submissions with `$filter` option for a range on lastModifiedDateTime property

+#### Request

+The following example shows a request.

+# [HTTP](#tab/http)

+<!-- {

+ "blockType": "request",

+ "name": "get_educationclass_getrecentlymodifiedsubmissions_filter_range"

+}-->

+```msgraph-interactive

+GET https://graph.microsoft.com/beta/education/classes/bf1f1963-05f6-4cba-903c-5892b4ce3bd7/getRecentlyModifiedSubmissions?$filter=lastModifiedDateTime gt 2024-08-25T20:45:51.3485047Z and lastModifiedDateTime lt 2024-08-28T20:45:51.3485047Z

+```

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [PowerShell](#tab/powershell)

+# [Python](#tab/python)

+#### Response

+The following example shows the response.

+>**Note:** The response object shown here might be shortened for readability.

+<!-- {

+ "blockType": "response",

+ "truncated": true,

+ "@odata.type": "Collection(microsoft.graph.educationSubmission)"

+} -->

+```http

+HTTP/1.1 200 OK

+Content-type: application/json

+{

+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#Collection(microsoft.graph.educationSubmission)",

+ "@microsoft.graph.tips": "Use $select to choose only the properties your app needs, as this can lead to performance improvements. For example: GET education/classes('<guid>')/microsoft.graph.getRecentlyModifiedSubmissions?$select=excusedBy,excusedDateTime",

+ "value": [

+ {

+ "status": "working",

+ "submittedDateTime": null,

+ "unsubmittedDateTime": null,

+ "returnedDateTime": null,

+ "reassignedDateTime": null,

+ "excusedDateTime": null,

+ "lastModifiedDateTime": "2024-08-26T20:45:51.3485047Z",

+ "resourcesFolderUrl": null,

+ "webUrl": "https://teams.microsoft.com/l/entity/66aeee93-507d-479a-a3ef-8f494af43945/classroom?context=%7B%22subEntityId%22%3A%22%7B%5C%22version%5C%22%3A%5C%221.0%5C%22,%5C%22config%5C%22%3A%7B%5C%22classes%5C%22%3A%5B%7B%5C%22id%5C%22%3A%5C%2237d99af7-cfc5-4e3b-8566-f7d40e4a2070%5C%22,%5C%22assignmentIds%5C%22%3A%5B%5C%2273b252e5-5f2c-42d6-8896-bfe924ce5fe9%5C%22%5D,%5C%22submissionId%5C%22%3A%5C%225af42a11-37cc-c144-fa4c-7db855942011%5C%22%7D%5D%7D,%5C%22action%5C%22%3A%5C%22navigate%5C%22,%5C%22view%5C%22%3A%5C%22speed-grader%5C%22,%5C%22appId%5C%22%3A%5C%22de8bc8b5-d9f9-48b1-a8ad-b748da725064%5C%22%7D%22,%22channelId%22%3Anull%7D",

+ "id": "5af42a11-37cc-c144-fa4c-7db855942011",

+ "recipient": {

+ "@odata.type": "#microsoft.graph.educationSubmissionIndividualRecipient",

+ "userId": "e5c17181-ad7e-4a66-86bf-b560ce0c8b29"

+ },

+ "submittedBy": {

+ "application": null,

+ "device": null,

+ "user": {

+ "id": "e5c17181-ad7e-4a66-86bf-b560ce0c8b29",

+ "displayName": null

+ }

+ },

+ "unsubmittedBy": {

+ "application": null,

+ "device": null,

+ "user": {

+ "id": null,

+ "displayName": null

+ }

+ },

+ "returnedBy": {

+ "application": null,

+ "device": null,

+ "user": {

+ "id": null,

+ "displayName": null

+ }

+ },

+ "reassignedBy": {

+ "application": null,

+ "device": null,

+ "user": {

+ "id": null,

+ "displayName": null

+ }

+ },

+ "excusedBy": {

+ "application": null,

+ "device": null,

+ "user": {

+ "id": null,

+ "displayName": null

+ }

+ },

+ "lastModifiedBy": {

+ "application": null,

+ "device": null,

+ "user": {

+ "id": "7254e396-868c-4bf7-96b2-6fe763590b5a",

+ "displayName": null

+ }

+ }

+ }

+ ]

+}

+```

+<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79

+2024-08-18 14:57:30 UTC -->

+<!--

+{

+ "type": "#page.annotation",

+ "description": "Get educationSubmission recentlymodifiedsubmission",

+ "keywords": "",

+ "section": "documentation",

+ "tocPath": "",

+ "suppressions": []

+}

+-->

+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#education/classes('37d99af7-cfc5-4e3b-8566-f7d40e4a2070')/assignments('a3cce0ba-2008-4c4d-bf62-079408562d96')/submissions('2185e6d7-2924-4ed1-dde1-269f89e29184')/outcomes/$entity",

+ "lastModifiedDateTime": "2024-08-14T06:50:11.6979503Z",

+ "id": "b7e92489-91b6-4734-ab5c-b1370862e4a2",

+ "id": "fffafb29-e8bc-4de3-8106-be76ed2ad499",

+ "createdDateTime": "2024-08-14T06:50:11.6979432Z",

+ "lastModifiedDateTime": "2024-08-14T06:50:11.6979503Z",

+ "fileUrl": "https://graph.microsoft.com/v1.0/drives/b!-Ik2sRPLDEWy_bR8l75jfeDcpXQcRKVOmcml10NQLQ1F8CNZWU38SarWxPyWM7jx/items/01VANVJQZ6GPYK2SPEXRDKILMSBSL5KNKM",

+ "id": "fffafb29-e8bc-4de3-8106-be76ed2ad499",

+ "id": "fffafb29-e8bc-4de3-8106-be76ed2ad499",

+PATCH https://graph.microsoft.com/beta/education/classes/bf1f1963-05f6-4cba-903c-5892b4ce3bd7/assignments/db8e6b0b-dba4-4c69-81b2-9ba7313c0b7a/submissions/4bca096a-7de3-8675-5e86-2fa149923860/outcomes/ca05367a-b292-42d5-aff7-5d279feeace8

+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#education/classes('bf1f1963-05f6-4cba-903c-5892b4ce3bd7')/assignments('db8e6b0b-dba4-4c69-81b2-9ba7313c0b7a')/submissions('4bca096a-7de3-8675-5e86-2fa149923860')/outcomes/$entity",

+ "lastModifiedDateTime": "2024-08-14T06:37:17.7703021Z",

+ "publishedFeedback": null,

+ "application": null,

+ "device": null,

+ "id": "fffafb29-e8bc-4de3-8106-be76ed2ad499",

+ "displayName": null

+ "feedbackDateTime": "2024-08-14T06:37:17.7703021Z",

+ "application": null,

+ "device": null,

+ "id": "fffafb29-e8bc-4de3-8106-be76ed2ad499",

+ "displayName": null

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+This method supports the `$select` and `$orderby` OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).

+You can use `$orderby` with the following properties of the [educationSubmission](../resources/educationsubmission.md) resource: **excusedDateTime**, **reassignedDateTime**, **returnedDateTime**, **status**, **submittedDateTime**, and **unsubmittedDateTime**.

+GET https://graph.microsoft.com/beta/education/classes/bf1f1963-05f6-4cba-903c-5892b4ce3bd7/assignments/db8e6b0b-dba4-4c69-81b2-9ba7313c0b7a/submissions/4bca096a-7de3-8675-5e86-2fa149923860/outcomes

+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#education/classes('bf1f1963-05f6-4cba-903c-5892b4ce3bd7')/assignments('db8e6b0b-dba4-4c69-81b2-9ba7313c0b7a')/submissions('4bca096a-7de3-8675-5e86-2fa149923860')/outcomes",

+ "lastModifiedDateTime": null,

+ "lastModifiedBy": null,

+ "feedback": null,

+ "publishedFeedback": null

+ },

+ {

+ "@odata.type": "#microsoft.graph.educationPointsOutcome",

+ "lastModifiedDateTime": null,

+ "id": "ea1351f6-ba33-4940-b2cb-6a7254af2dc8",

+ "lastModifiedBy": null,

+ "points": null,

+ "publishedPoints": null

+ },

+ {

+ "@odata.type": "#microsoft.graph.educationRubricOutcome",

+ "lastModifiedDateTime": "2024-08-14T05:47:41.8399565Z",

+ "id": "65a46d78-1a2b-4a7e-bcf8-78a22ac2611b",

+ "lastModifiedBy": {

+ "application": null,

+ "device": null,

+ "user": {

+ "id": null,

+ "displayName": null

+ "rubricQualityFeedback": [

+ {

+ "qualityId": "6b9eccdd-ae31-474d-9ab5-33ba885873f9",

+ "feedback": null

+ {

+ "qualityId": "0fdf030a-2e52-4ea4-b321-74091cef90b0",

+ "feedback": null

+ },

+ {

+ "qualityId": "8fdacfb6-0e28-4bce-9153-3196fbcc0eaa",

+ "feedback": null

+ ],

+ "rubricQualitySelectedLevels": [

+ {

+ "qualityId": "6b9eccdd-ae31-474d-9ab5-33ba885873f9",

+ "columnId": null

+ },

+ {

+ "qualityId": "0fdf030a-2e52-4ea4-b321-74091cef90b0",

+ "columnId": null

+ },

+ {

+ "qualityId": "8fdacfb6-0e28-4bce-9153-3196fbcc0eaa",

+ "columnId": null

+ }

+ ],

+ "publishedRubricQualityFeedback": [

+ {

+ "qualityId": "6b9eccdd-ae31-474d-9ab5-33ba885873f9",

+ "feedback": null

+ },

+ {

+ "qualityId": "0fdf030a-2e52-4ea4-b321-74091cef90b0",

+ "feedback": null

+ },

+ {

+ "qualityId": "8fdacfb6-0e28-4bce-9153-3196fbcc0eaa",

+ "feedback": null

+ }

+ ],

+ "publishedRubricQualitySelectedLevels": [

+ {

+ "qualityId": "6b9eccdd-ae31-474d-9ab5-33ba885873f9",

+ "columnId": null

+ },

+ {

+ "qualityId": "0fdf030a-2e52-4ea4-b321-74091cef90b0",

+ "columnId": null

+ },

+ {

+ "qualityId": "8fdacfb6-0e28-4bce-9153-3196fbcc0eaa",

+ "columnId": null

+ }

+ ]

+ "lastModifiedDateTime": "2022-05-06T00:52:17.3180275Z",

+ "id": "0710aeea-590d-46b4-9eb8-1c08b6549677",

+ "displayName": "Document3.docx",

+ "createdDateTime": "2022-05-06T00:52:17.3180176Z",

+ "lastModifiedDateTime": "2022-05-06T00:52:17.3180275Z",

+ "fileUrl": "https://graph.microsoft.com/v1.0/drives/b!-Ik2sRPLDEWy_bR8l75jfeDcpXQcRKVOmcml10NQLQ1F8CNZWU38SarWxPyWM7jx/items/01VANVJQ563EMEMHRTBBH2SOZ4GDSNEUZK",

+ "truncated": true,

+ "blockType": "response",

+ "truncated": true,

+| Authorization | Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+All [properties](../resources/educationassignment.md#properties) are supported by the `$filter` query parameter.

+You can use `$orderby` with the following properties of the [educationAssignment](../resources/educationassignment.md) resource: **assignDateTime**, **assignedDateTime**, **closeDateTime**, **createdDateTime**, **displayName**, **dueDateTime**, **lastModifiedDateTime**, and **status**.

+description: "Create a new accessPackageCatalog object."

+In [Microsoft Entra Entitlement Management](../resources/entitlementmanagement-overview.md), create a new [accessPackageAssignmentRequest](../resources/accesspackageassignmentrequest.md) object. This operation is used to assign a user to an access package, update the assignment, or to remove an access package assignment.

+If the request type is `adminAdd` for this request, then an [accessPackageAssignment](../resources/accesspackageassignment.md) and, if needed, an [accessPackageSubject](../resources/accesspackagesubject.md) are also created. You can locate those objects using the query parameters when [listing accessPackageAssignments](entitlementmanagement-list-accesspackageassignments.md).

+### Example 5: Request a package on behalf of a direct employee

+The following example shows how a manager can request an access package assignment on behalf of their direct employee.

+> [!NOTE]

+> The requestor (manager) is extracted from the token, and the target object is determined by the `id` of the direct employee who is receiving access.

+#### Request

+The following example shows a request.

+# [HTTP](#tab/http)

+<!-- {

+ "blockType": "request",

+ "name": "update_accesspackageassignmentrequest_request_behalf"

+}-->

+```http

+POST https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/assignmentRequests

+Content-type: application/json

+{

+ "assignment": {

+ "accessPackageId": "5b98f958-0dea-4a5b-836e-109dccbd530c",

+ "schedule": {

+ "startDateTime": null,

+ "stopDateTime": null

+ },

+ "assignmentPolicyId": "c5f7847f-83a8-4315-a754-d94a6f39b875",

+ "target": {

+ "displayName": "Idris Ibrahim",

+ "email": "IdrisIbrahim@woodgrovebank.com",

+ "objectId": "21aceaba-fe13-4e3b-aa8c-4c588d5e7387",

+ "subjectType": "user"

+ }

+ },

+ "justification": "Access for direct employee",

+ "requestType": "UserAdd",

+ "answers": []

+}

+```

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [PowerShell](#tab/powershell)

+# [Python](#tab/python)

+#### Response

+The following example shows the response.

+> **Note:** The response object shown here might be shortened for readability. All the properties are returned from an actual call.

+<!-- {

+ "blockType": "response",

+ "truncated": true,

+ "@odata.type": "microsoft.graph.accessPackageAssignmentRequest"

+} -->

+```http

+HTTP/1.1 201 Created

+Content-type: application/json

+{

+ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#identityGovernance/entitlementManagement/assignmentRequests/$entity",

+ "id": "445a3118-6bf2-4a19-94ad-5660295963fd",

+ "requestType": "userAdd",

+ "state": "submitted",

+ "status": "Accepted",

+ "createdDateTime": null,

+ "completedDateTime": null,

+ "schedule": {

+ "startDateTime": null,

+ "recurrence": null,

+ "expiration": {

+ "endDateTime": null,

+ "duration": null,

+ "type": "notSpecified"

+ }

+ },

+ "answers": [],

+ "customExtensionCalloutInstances": []

+}

+```

+### Example 6: Admin requests a direct assignment for a user not yet in the directory

+### Example 7: Request an update to answers for an assignment

+### Example 8: Update the expiration date for an access package assignment

+### Example 1: Create a connected organization

+### Example 2: Create a connected organization with an identitySource based on a tenant ID

+This example shows creating a connected organization with an identity source based on a tenant ID. The tenant ID can be found, by the domain name, using the [tenantRelationship: findTenantInformationByDomainName](../api/tenantrelationship-findtenantinformationbydomainname.md) call.

+### Request

+<!-- {

+ "blockType": "request",

+ "name": "create_connectedorganization_from_connectedorganizations_based_on_tenantID"

+}

+-->

+``` http

+POST https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/connectedOrganizations/

+Content-Type: application/json

+{

+ "displayName":"Connected organization name",

+ "description":"Connected organization description",

+ "identitySources": [

+ {

+ "@odata.type": "#microsoft.graph.azureActiveDirectoryTenant",

+ "displayName": "Contoso",

+ "tenantId": "aaaabbbb-0000-cccc-1111-dddd2222eeee"

+ }

+ ],

+ "state":"proposed"

+}

+```

+### Response

+**Note:** The response object shown here might be shortened for readability.

+<!-- {

+ "blockType": "response",

+ "truncated": true,

+ "@odata.type": "microsoft.graph.connectedOrganization"

+}

+-->

+``` http

+HTTP/1.1 201 Created

+Content-type: application/json

+{

+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#identityGovernance/entitlementManagement/connectedOrganizations/$entity",

+ "id": "922c86cf-65b8-4d94-b6a6-477dde331c7b",

+ "displayName": "Connected organization name",

+ "description": "Connected organization description",

+ "createdDateTime": "2024-10-29T21:55:39.6051923Z",

+ "modifiedDateTime": "2024-10-29T21:55:39.6051923Z",

+ "state": "proposed",

+ "identitySources": []

+}

+```

+ Title: "event: permanentDelete"

+description: "Permanently delete an event and place it in the Purges folder in the dumpster in the user's mailbox."

+ms.localizationpriority: high

+# event: permanentDelete

+Namespace: microsoft.graph

+Permanently delete an event and place it in the Purges folder in the dumpster in the user's mailbox. Email clients such as Outlook or the Outlook on the web can't access permanently deleted items. Unless there's a hold set on the mailbox, the items are permanently deleted after a set period of time.

+For more information about item retention, see [Configure Deleted Item retention and Recoverable Items quotas](/exchange/configure-deleted-item-retention-and-recoverable-items-quotas-exchange-2013-help).

+>**Note:** Folders aren't placed in the Purges folder when they are permanently deleted. Permanently deleted folders are removed from the mailbox.

+## Permissions

+Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions [only if your app requires it](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions). For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).

+<!-- { "blockType": "permissions", "name": "event_permanentdelete" } -->

+## HTTP request

+<!-- {

+ "blockType": "ignored"

+}

+-->

+``` http

+POST /users/{usersId}/events/{eventId}/permanentDelete

+POST /groups/{groupsId}/events/{eventId}/permanentDelete

+POST /users/{usersId}/calendarView/{eventId}/permanentDelete

+POST /groups/{groupsId}/calendarView/{eventId}/permanentDelete

+POST /users/{usersId}/messages/{messageId}/event/permanentDelete

+POST /users/{usersId}/messages/{messageId}/event/instances/{eventId}/permanentDelete

+POST /users/{usersId}/messages/{messageId}/event/calendar/events/{eventId}/permanentDelete

+POST /users/{usersId}/messages/{messageId}/event/exceptionOccurrences/{eventId}/permanentDelete

+POST /users/{usersId}/messages/{messageId}/event/calendar/calendarView/{eventId}/permanentDelete

+```

+## Request headers

+|Name|Description|

+|:|:|

+|Authorization|Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+## Request body

+Don't supply a request body for this method.

+## Response

+If successful, this action returns a `204 No Content` response code.

+## Examples

+### Request

+The following example shows a request.

+# [HTTP](#tab/http)

+<!-- {

+ "blockType": "request",

+ "name": "eventthis.permanentdelete"

+}

+-->

+``` http

+POST https://graph.microsoft.com/beta/users/{usersId}/events/{eventId}/permanentDelete

+```

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [PowerShell](#tab/powershell)

+# [Python](#tab/python)

+### Response

+The following example shows the response.

+<!-- {

+ "blockType": "response",

+ "truncated": true

+}

+-->

+``` http

+HTTP/1.1 204 No Content

+```

+ Title: "eventMessage: permanentDelete"

+description: "Permanently delete an event message and place it in the Purges folder in the user's mailbox."

+ms.localizationpriority: high

+# eventMessage: permanentDelete

+Namespace: microsoft.graph

+Permanently delete an event message and place it in the Purges folder in the user's mailbox. Email clients such as Outlook or the Outlook on the web can't access permanently deleted items. Unless there's a hold set on the mailbox, the items are permanently deleted after a set period of time.

+For more information about item retention, see [Configure Deleted Item retention and Recoverable Items quotas](/exchange/configure-deleted-item-retention-and-recoverable-items-quotas-exchange-2013-help).

+## Permissions

+Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions [only if your app requires it](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions). For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).

+<!-- { "blockType": "permissions", "name": "eventmessage_permanentdelete" } -->

+## HTTP request

+<!-- {

+ "blockType": "ignored"

+}

+-->

+``` http

+POST /me/messages/{id}/permanentDelete

+POST /users/{id | userPrincipalName}/messages/{id}/permanentDelete

+POST /me/mailFolders/{id}/messages/{id}/permanentDelete

+POST /users/{id | userPrincipalName}/mailFolders/{id}/messages/{id}/permanentDelete

+```

+## Request headers

+|Name|Description|

+|:|:|

+|Authorization|Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+## Request body

+Don't supply a request body for this method.

+## Response

+If successful, this action returns a `204 No Content` response code.

+## Examples

+### Request

+The following example shows a request.

+# [HTTP](#tab/http)

+<!-- {

+ "blockType": "request",

+ "name": "eventmessagethis.permanentdelete"

+}

+-->

+``` http

+POST https://graph.microsoft.com/beta/me/messages/{id}/permanentDelete

+```

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [PowerShell](#tab/powershell)

+# [Python](#tab/python)

+### Response

+The following example shows the response.

+<!-- {

+ "blockType": "response",

+ "truncated": true

+}

+-->

+``` http

+HTTP/1.1 204 No Content

+```

+ Title: "List mailboxProtectionUnitsBulkAdditionJobs"

+description: "List mailboxProtectionUnitsBulkAdditionJobs in an Exchange protection policy."

+ms.localizationpriority: medium

+# List mailboxProtectionUnitsBulkAdditionJobs

+Namespace: microsoft.graph

+Get a list of [mailboxProtectionUnitsBulkAdditionJobs](../resources/mailboxprotectionunitsbulkadditionjob.md) objects associated with an [exchangeProtectionPolicy](../resources/exchangeprotectionpolicy.md).

+## Permissions

+Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions [only if your app requires it](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions). For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).

+<!-- { "blockType": "permissions", "name": "exchangeprotectionpolicy_list_mailboxprotectionunitsbulkadditionjobs" } -->

+## HTTP request

+<!-- {

+ "blockType": "ignored"

+}

+-->

+``` http

+GET /solutions/backupRestore/exchangeProtectionPolicies/{exchangeProtectionPolicyId}/mailboxProtectionUnitsBulkAdditionJobs

+```

+## Request headers

+|Name|Description|

+|:|:|

+|Authorization|Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|

+## Request body

+Don't supply a request body for this method.

+## Response

+If successful, this method returns a `200 OK` response code and a list of [mailboxProtectionUnitsBulkAdditionJob](../resources/mailboxprotectionunitsbulkadditionjob.md) objects in the response body.

+The `mailboxes` and `directoryObjectIds` fields are omitted from the response body in order to limit the response size.

+## Examples

+### Request

+The following example shows a request.

+# [HTTP](#tab/http)

+<!-- {

+ "blockType": "request",

+ "name": "exchangeprotectionpolicy_list_mailboxprotectionunitsbulkadditionjobs"

+}

+-->

+``` http

+GET https://graph.microsoft.com/beta/solutions/backupRestore/exchangeProtectionPolicies/71633878-8321-4950-bfaf-ed285bdd1461/mailboxProtectionUnitsBulkAdditionJobs

+```

+# [C#](#tab/csharp)

+# [CLI](#tab/cli)

+# [Go](#tab/go)

+# [Java](#tab/java)

+# [JavaScript](#tab/javascript)

+# [PHP](#tab/php)

+# [Python](#tab/python)

+### Response

+The following example shows the response.

+<!-- {

+ "blockType": "response",

+ "truncated": true,

+ "@odata.type": "Collection(microsoft.graph.mailboxProtectionUnitsBulkAdditionJob)"

+}

+-->

+``` http

+HTTP/1.1 200 OK

+Content-Location: https://graph.microsoft.com/beta/solutions/backupRestore/exchangeProtectionPolicies/71633878-8321-4950-bfaf-ed285bdd1461/mailboxProtectionUnitsBulkAdditionJobs

+{

+ "@odata.type": "#collection(microsoft.graph.mailboxProtectionUnitsBulkAdditionJob)",

+ "@odata.context": "/solutions/backupRestore/exchangeProtectionPolicies('71633878-8321-4950-bfaf-ed285bdd1461')/mailboxProtectionUnitsBulkAdditionJobs",

+ "@odata.nextLink": "/solutions/backupRestore/exchangeProtectionPolicies/71633878-8321-4950-bfaf-ed285bdd1461/mailboxProtectionUnitsBulkAdditionJobs?$top=3&$skiptoken=M2UyZDAwMDAwMDMxMzkzYTMyNjQ2MTM0NjMzMjM5NjYzNjY0MzczMDM0MzE2NTYzNjEzNzMwNjIzNjMzMzg2MjM0MzM2NDM0MzUzNDMzMzc0MDc0Njg3MjY1NjE2NDJlNzYzMjAxZThmYjY4M2Y3ODAxMDAwMDg4NjA5ODdhNzgwMTAwMDB8MTYxNjk2NDUwOTgzMg%3d%3d",

+ "value":

+ [

+ {

+ "@odata.type": "#microsoft.graph.mailboxProtectionUnitsBulkAdditionJob",

+ "displayName" : "Mailbox-I",

+ "id":"61633878-8321-4950-bfaf-ed285bdd1461",

+ "status" : "Completed",

+ "createdBy":{

+ "application":{

+ "id":"1fec8e78-bce4-4aaf-ab1b-5451cc387264"

+ },

+ "user":{

+ "id":"845457dc-4bb2-4815-bef3-8628ebd1952e"

+ }

+ },

+ "createdDateTime":"2015-06-19T12-01-03.45Z",

+ "lastModifiedBy":{

+ "application":{

+ "id":"1fec8e78-bce4-4aaf-ab1b-5451cc387264"

+ },

+ "user":{

+ "id":"845457dc-4bb2-4815-bef3-8628ebd1952e"

+ }

+ },

+ "lastModifiedDateTime":"2015-06-19T12-01-03.45Z"

+ },

+ {

+ "@odata.type": "#microsoft.graph.mailboxProtectionUnitsBulkAdditionJob",

+ "id":"61633878-8321-4950-bfaf-ed285bdd1461",

+ "displayName" : "Mailbox-II",

+ "status" : "CompletedWithErrors",

+ "createdBy":{

+ "application":{

+ "id":"1fec8e78-bce4-4aaf-ab1b-5451cc387264"

+ },

+ "user":{

+ "id":"845457dc-4bb2-4815-bef3-8628ebd1952e"

+ }

+ },

+ "createdDateTime":"2015-06-19T12-01-03.45Z",

+ "lastModifiedBy":{

+ "application":{

+ "id":"1fec8e78-bce4-4aaf-ab1b-5451cc387264"

+ },

+ "user":{

+ "id":"845457dc-4bb2-4815-bef3-8628ebd1952e"

+ }

+ },

+ "lastModifiedDateTime":"2015-06-19T12-01-03.45Z",

+ "error":{

+ "code" : "ProtectionResourcesNotFound",

+ "message": "Errors while resolving protection resources",

+ "details":

+ [

+ {

+ "code": "EmailNotFound",

+ "message": "Email address 'test1@microsoft.com' not found in directory",

+ "target" : "test1@microsoft.com"

+ },

+ {

+ "code": "EmailNotFound",

+ "message": "Email address 'test2@microsoft.com' not found in directory",

+ "target" : "test2@microsoft.com"

+ },

+ {

+ "code": "EmailNotFound",

+ "message": "Email address 'test3@microsoft.com' not found in directory",

+ "target" : "test3@microsoft.com"

+ }

+ ]

+ }

+ }

+ ]

+}

+```