Updates from: 03/15/2022 02:25:56
Service Microsoft Docs article Related commit history on GitHub Change details
v1.0 Accesspackageassignmentpolicy Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/accesspackageassignmentpolicy-get.md
If successful, this method returns a `200 OK` response code and the requested [a
## Examples
-### Request
+### Example 1: Retrieve a policy
+
+#### Request
The following is an example of the request.
The following is an example of the request.
}--> ```msgraph-interactive
-GET https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/accessPackageAssignmentPolicies/{id}
+GET https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/accessPackageAssignmentPolicies/b2eba9a1-b357-42ee-83a8-336522ed6cbf
``` # [C#](#tab/csharp) [!INCLUDE [sample-code](../includes/snippets/csharp/get-accesspackageassignmentpolicy-csharp-snippets.md)]
GET https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/ac
-### Response
+#### Response
The following is an example of the response.
Content-type: application/json
} ```
+### Example 2: Retrieve the custom extension handlers for a policy
+
+#### Request
+
+The following is an example of a request to retrieve the collection of custom extension handlers that are defined for a policy and their associated custom workflow extension.
++
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_accesspackageassignmentpolicy_expand_customextensionhandlers"
+}-->
+
+```msgraph-interactive
+GET https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/accessPackageAssignmentPolicies/4540a08f-8ab5-43f6-a923-015275799197?$expand=customExtensionHandlers($expand=customExtension)
+```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
++++
+#### Response
+
+The following is an example of the response.
+
+> **Note:** The response object shown here might be shortened for readability.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.accessPackageAssignmentPolicy"
+} -->
+```http
+HTTP/1.1 200 OK
+Content-type: application/json
+
+{
+ "id": "4540a08f-8ab5-43f6-a923-015275799197",
+ "displayName": "policy with custom access package workflow extension",
+ "description": "Run specified custom access package workflow extension at different stages.",
+ "canExtend": true,
+ "durationInDays": 0,
+ "expirationDateTime": null,
+ "accessPackageId": "ba5807c7-2aa9-4c8a-907e-4a17ee587500",
+ "accessReviewSettings": null,
+ "requestorSettings": {
+ "scopeType": "AllExistingDirectorySubjects",
+ "acceptRequests": true,
+ "allowedRequestors": []
+ },
+ "requestApprovalSettings": {
+ "isApprovalRequired": false,
+ "isApprovalRequiredForExtension": false,
+ "isRequestorJustificationRequired": false,
+ "approvalMode": "NoApproval",
+ "approvalStages": []
+ },
+ "customExtensionHandlers": [
+ {
+ "id": "5a38d27a-b702-48d9-ac72-dcf158ba1b0d",
+ "stage": "assignmentRequestCreated",
+ "customExtension": {
+ "id": "219f57b6-7983-45a1-be01-2c228b7a43f8",
+ "displayName": "test_action_1",
+ "description": "Test logic app",
+ "createdDateTime": "2022-01-11T05:19:16.97Z",
+ "lastModifiedDateTime": "2022-01-11T05:19:16.97Z",
+ "endpointConfiguration": {
+ "@odata.type": "#microsoft.graph.logicAppTriggerEndpointConfiguration",
+ "subscriptionId": "38ab2ccc-3747-4567-b36b-9478f5602f0d",
+ "resourceGroupName": "resourcegroup",
+ "logicAppWorkflowName": "customextension_test"
+ },
+ "authenticationConfiguration": {
+ "@odata.type": "#microsoft.graph.azureAdTokenAuthentication",
+ "resourceId": "f604bd15-f785-4309-ad7c-6fad18ddb6cb"
+ }
+ }
+ }
+ ]
+}
+```
+ <!-- uuid: 16cd6b66-4b1a-43a1-adaf-3a886856ed98 2019-02-04 14:57:30 UTC --> <!-- {
v1.0 Accesspackageassignmentpolicy Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/accesspackageassignmentpolicy-update.md
The following table shows the properties that are required when you update an [a
If successful, this method returns a `200 OK` response code and an updated [accessPackageAssignmentPolicy](../resources/accesspackageassignmentpolicy.md) object in the response body. - ## Examples
-### Request
+### Example 1: Update the details of a policy
+
+#### Request
In this policy update, one of the options for the multiple choice question was removed. Future requestors will no longer have the removed option available to them.
Content-Type: application/json
-### Response
+#### Response
> **Note:** The response object shown here might be shortened for readability. <!-- { "blockType": "response",
Content-Type: application/json
} ``` ++
+### Example 2: Remove the customExtensionHandlers from a policy
+
+To remove the collection of **customExtensionHandlers** and their associated custom workflow extension objects from a policy, assign an empty collection to the **customExtensionHandlers** object.
+
+#### Request
++
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "update_accesspackageassignmentpolicy_delete_customExtensionHandlers"
+}
+-->
+
+```http
+PUT https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/accessPackageAssignmentPolicies/4540a08f-8ab5-43f6-a923-015275799197
+Content-Type: application/json
+
+{
+ "id": "4540a08f-8ab5-43f6-a923-015275799197",
+ "displayName": "policy with custom access package workflow extension",
+ "description": "Run specified custom access package workflow extension at different stages.",
+ "accessPackageId": "ba5807c7-2aa9-4c8a-907e-4a17ee587500",
+ "expiration": {
+ "type": "afterDuration",
+ "duration": "P365D"
+ },
+ "requestApprovalSettings": null,
+ "requestorSettings": {
+ "acceptRequests": true,
+ "scopeType": "AllExistingDirectorySubjects",
+ "allowedRequestors": []
+ },
+ "accessReviewSettings": null,
+ "customExtensionHandlers": []
+}
+```
+# [JavaScript](#tab/javascript)
++++++
+#### Response
+> **Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.accessPackageAssignmentPolicy"
+}
+-->
+
+```http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "id": "4540a08f-8ab5-43f6-a923-015275799197",
+ "displayName": "policy with custom access package workflow extension",
+ "description": "Run specified custom access package workflow extension at different stages.",
+ "accessPackageId": "ba5807c7-2aa9-4c8a-907e-4a17ee587500",
+ "expiration": {
+ "type": "afterDuration",
+ "duration": "P365D"
+ },
+ "requestApprovalSettings": null,
+ "requestorSettings": {
+ "acceptRequests": true,
+ "scopeType": "AllExistingDirectorySubjects",
+ "allowedRequestors": []
+ },
+ "accessReviewSettings": null
+}
+```
+ <!-- { "type": "#page.annotation",
v1.0 Accesspackageassignmentrequest Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/accesspackageassignmentrequest-get.md
HTTP/1.1 200 OK
Content-type: application/json {
- "id": "433dafca-5047-4614-95f7-a03510b1ded3",
- "requestType": "AdminAdd",
- "requestState": "Delivered",
- "requestStatus": "Fulfilled",
- "isValidationOnly": false,
- "createdDateTime": "2019-10-25T22:55:11.623Z"
+ "id": "c0cfd117-f90e-4f48-8226-e282a2ae752c",
+ "requestType": "UserAdd",
+ "requestState": "delivered",
+ "requestStatus": "Delivered",
+ "createdDateTime": "2022-01-07T00:51:12.817Z",
+ "completedDate": "2022-01-07T00:53:15.127Z",
+ "schedule": {
+ "startDateTime": null,
+ "recurrence": null,
+ "expiration": {
+ "endDateTime": null,
+ "duration": null,
+ "type": "notSpecified"
+ }
+ },
+ "customExtensionHandlerInstances": [
+ {
+ "status": "requestReceived",
+ "externalCorrelationId": "08585600902100964604743022906CU13",
+ "customExtensionId": "e59ef33d-7bc4-4b15-8d3c-01153de8a498",
+ "stage": "assignmentRequestCreated"
+ }
+ ]
} ```
v1.0 Accesspackagecatalog List Customaccesspackageworkflowextensions https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/accesspackagecatalog-list-customaccesspackageworkflowextensions.md
+
+ Title: "List customAccessPackageWorkflowExtensions"
+description: "Get a list of the customAccessPackageWorkflowExtension objects and their properties."
+
+ms.localizationpriority: medium
++
+# List customAccessPackageWorkflowExtensions
+Namespace: microsoft.graph
++
+Get a list of the [customAccessPackageWorkflowExtension](../resources/customaccesspackageworkflowextension.md) objects and their properties. The resulting list includes all the **customAccessPackageWorkflowExtension** objects for the catalog that the caller has access to read.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|EntitlementManagement.Read.All EntitlementManagement.ReadWrite.All |
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|EntitlementManagement.Read.All, EntitlementManagement.ReadWrite.All|
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /identityGovernance/entitlementManagement/accessPackageCatalogs/{catalogId}/customAccessPackageWorkflowExtensions
+```
+
+## Optional query parameters
+This method supports the `$select` and `$filter` OData query parameters to help customize the response. For example, to search for access packages with a particular name, include a filter such as `$filter=contains(tolower(displayName),'team')` in the query. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a collection of [customAccessPackageWorkflowExtension](../resources/customaccesspackageworkflowextension.md) objects in the response body.
+
+## Examples
+
+### Request
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "list_customaccesspackageworkflowextension"
+}
+-->
+``` http
+GET /identityGovernance/entitlementManagement/accessPackageCatalogs/32efb28c-9a7a-446c-986b-ca6528c6669d/customAccessPackageWorkflowExtensions
+```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+++++
+### Response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "Collection(microsoft.graph.customAccessPackageWorkflowExtension)"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/accessPackageCatalogs/32efb28c-9a7a-446c-986b-ca6528c6669d/customAccessPackageWorkflowExtensions",
+ "value": [
+ {
+ "id": "98ffaec5-ae8e-4902-a434-5ffc5d3d3cd0",
+ "displayName": "test_action_0124",
+ "description": "this is for graph testing only",
+ "createdDateTime": "2022-01-24T21:48:57.15Z",
+ "lastModifiedDateTime": "2022-01-24T21:55:44.953Z",
+ "clientConfiguration": null,
+ "endpointConfiguration": {
+ "@odata.type": "#microsoft.graph.logicAppTriggerEndpointConfiguration",
+ "subscriptionId": "38ab2ccc-3747-4567-b36b-9478f5602f0d",
+ "resourceGroupName": "test",
+ "logicAppWorkflowName": "elm-extension-email"
+ },
+ "authenticationConfiguration": {
+ "@odata.type": "#microsoft.graph.azureAdTokenAuthentication",
+ "resourceId": "eed6dee9-7ff7-44a5-8980-c11e8886cea2"
+ }
+ }
+ ]
+}
+```
v1.0 Accesspackagecatalog Post Customaccesspackageworkflowextensions https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/accesspackagecatalog-post-customaccesspackageworkflowextensions.md
+
+ Title: "Create customAccessPackageWorkflowExtensions"
+description: "Create a new customAccessPackageWorkflowExtension object."
+
+ms.localizationpriority: medium
++
+# Create customAccessPackageWorkflowExtensions
+Namespace: microsoft.graph
++
+Create a new [customAccessPackageWorkflowExtension](../resources/customaccesspackageworkflowextension.md) object and add it to an existing [accessPackageCatalog](../resources/accesspackagecatalog.md) object.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|EntitlementManagement.ReadWrite.All |
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|EntitlementManagement.ReadWrite.All |
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+POST /identityGovernance/entitlementManagement/accessPackageCatalogs/{catalogId}/customAccessPackageWorkflowExtensions
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+|Content-Type|application/json. Required.|
+
+## Request body
+In the request body, supply a JSON representation of the [customAccessPackageWorkflowExtension](../resources/customaccesspackageworkflowextension.md) object.
+
+You can specify the following properties when creating a **customAccessPackageWorkflowExtension**.
+
+|Property|Type|Description|
+|:|:|:|
+|description|String|Description for the customAccessPackageWorkflowExtension object.|
+|displayName|String|Display name for the customAccessPackageWorkflowExtension.|
+|endpointConfiguration|[customExtensionEndpointConfiguration](../resources/customextensionendpointconfiguration.md)|The type and details for configuring the endpoint to call the logic app's workflow.|
+|authenticationConfiguration|[customExtensionAuthenticationConfiguration](../resources/customextensionauthenticationconfiguration.md)|Configuration for securing the API call to the logic app. For example, using OAuth client credentials flow.|
+++
+## Response
+
+If successful, this method returns a `201 Created` response code and a [customAccessPackageWorkflowExtension](../resources/customaccesspackageworkflowextension.md) object in the response body.
+
+## Examples
+
+### Request
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "create_customaccesspackageworkflowextension_from_"
+}
+-->
+``` http
+POST https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/accessPackageCatalogs/32efb28c-9a7a-446c-986b-ca6528c6669d/customAccessPackageWorkflowExtensions
+Content-Type: application/json
+
+{
+ "displayName": "test_action_0124",
+ "description": "this is for graph testing only",
+ "endpointConfiguration": {
+ "@odata.type": "#microsoft.graph.logicAppTriggerEndpointConfiguration",
+ "subscriptionId": "38ab2ccc-3747-4567-b36b-9478f5602f0d",
+ "resourceGroupName": "EMLogicApp",
+ "logicAppWorkflowName": "customextension_test"
+ },
+ "authenticationConfiguration": {
+ "@odata.type": "#microsoft.graph.azureAdTokenAuthentication",
+ "resourceId": "f604bd15-f785-4309-ad7c-6fad18ddb6cb"
+ }
+}
+```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+++++
+### Response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.customAccessPackageWorkflowExtension"
+}
+-->
+``` http
+HTTP/1.1 201 Created
+Content-Type: application/json
+
+{
+ "id": "98ffaec5-ae8e-4902-a434-5ffc5d3d3cd0",
+ "displayName": "test_action_0124",
+ "description": "this is for graph testing only",
+ "createdDateTime": "2022-01-24T21:48:57.1483656Z",
+ "lastModifiedDateTime": "2022-01-24T21:48:57.1483656Z",
+ "clientConfiguration": null,
+ "endpointConfiguration": {
+ "@odata.type": "#microsoft.graph.logicAppTriggerEndpointConfiguration",
+ "subscriptionId": "38ab2ccc-3747-4567-b36b-9478f5602f0d",
+ "resourceGroupName": "EMLogicApp",
+ "logicAppWorkflowName": "customextension_test"
+ },
+ "authenticationConfiguration": {
+ "@odata.type": "#microsoft.graph.azureAdTokenAuthentication",
+ "resourceId": "f604bd15-f785-4309-ad7c-6fad18ddb6cb"
+ }
+}
+```
+
v1.0 Accessreviewhistorydefinition List Instances https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/accessreviewhistorydefinition-list-instances.md
Content-Type: application/json
"value": [ { "id": "61a617dd-238f-4037-8fa5-d800e515f5bc",
- "status": "Done",
+ "status": "done",
"reviewHistoryPeriodStartDate": "2021-02-01T00:00:00Z", "reviewHistoryPeriodEndDate": "2021-03-01T00:00:00Z", "fulfilledDateTime": "2021-03-01T01:38:15.7998393Z",
v1.0 Accessreviewinstance List Decisions https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/accessreviewinstance-list-decisions.md
GET https://graph.microsoft.com/beta/identityGovernance/accessReviews/decisions/
[!INCLUDE [sample-code](../includes/snippets/powershell/list-accessreviewinstancedecisionitem-expand-powershell-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
v1.0 Accessreviewinstance List Stages https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/accessreviewinstance-list-stages.md
If successful, this method returns a `200 OK` response code and a collection of
## Examples ### Request+
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "list_accessreviewstage"
If successful, this method returns a `200 OK` response code and a collection of
``` http GET https://graph.microsoft.com/beta/identityGovernance/accessReviews/definitions/16d424f6-0100-4bf1-9ebc-fe009c5e5006/instances/bb14c722-51b8-4962-9bd2-1d96ba773d80/stages ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+++ ### Response >**Note:** The response object shown here might be shortened for readability.
v1.0 Accessreviewinstancedecisionitem Filterbycurrentuser https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/accessreviewinstancedecisionitem-filterbycurrentuser.md
Content-Type: application/json
#### Request +
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "accessreviewinstancedecisionitem_filterbycurrentuser_2"
Content-Type: application/json
``` http GET https://graph.microsoft.com/beta/identityGovernance/accessReviews/definitions/0185aab8-9a7e-44b5-ae36-41b923c3bf87/instances/1234aab8-9a7e-5678-ae36-41b923c3bf87/stages/9458f255-dff2-4d86-9a05-69438f49d7f8/decisions/filterByCurrentUser(on='reviewer') ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+++ ### Response >**Note:** The response object shown here might be shortened for readability.
v1.0 Accessreviewinstancedecisionitem Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/accessreviewinstancedecisionitem-get.md
Content-Type: application/json
### Example 2: Retrieve a decision from a stage of a multi-stage access review #### Request+
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "get_accessreviewstage_accessreviewinstancedecisionitem"
Content-Type: application/json
``` http GET https://graph.microsoft.com/beta/identityGovernance/accessReviews/definitions/5eac5a70-7cd7-4f20-92b0-f9dba70dd7f0/instances/6444d4fd-ab55-4608-8cf9-c6702d172bcc/stages/9458f255-dff2-4d86-9a05-69438f49d7f8/decisions/e6cafba0-cbf0-4748-8868-0810c7f4cc06 ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+++ #### Response >**Note:** The response object shown here might be shortened for readability.
v1.0 Accessreviewset Post Definitions https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/accessreviewset-post-definitions.md
The following example creates an access review with the following settings:
#### Request +
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "create_accessReviewScheduleDefinition_group_multiStage"
Content-type: application/json
} ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+++ #### Response >**Note:** The response object shown here might be shortened for readability.
v1.0 Accessreviewstage Filterbycurrentuser https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/accessreviewstage-filterbycurrentuser.md
If successful, this function returns a `200 OK` response code and a [accessRevie
## Examples ### Request+
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "accessreviewstage_filterbycurrentuser"
If successful, this function returns a `200 OK` response code and a [accessRevie
``` http GET https://graph.microsoft.com/beta/identityGovernance/accessReviews/definitions/08531375-eff6-4e21-b1a8-de0eb37ec913/instances/86889534-b102-4226-bfce-0c2aeee845df/stages/filterByCurrentUser(on='reviewer') ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+++ ### Response
v1.0 Accessreviewstage Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/accessreviewstage-get.md
If successful, this method returns a `200 OK` response code and an [accessReview
## Examples ### Request+
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "get_accessreviewstage"
If successful, this method returns a `200 OK` response code and an [accessReview
``` http GET https://graph.microsoft.com/beta/identityGovernance/accessReviews/definitions/6af553ce-104d-4842-ab5f-67d7b556e9dd/instances/9ea56d3c-8746-4cdf-9ccc-c7fe1a267c24/stages/839ecbd4-ba5d-4d32-8249-e734aac47adf ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+++ ### Response
v1.0 Accessreviewstage List Decisions https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/accessreviewstage-list-decisions.md
If successful, this method returns a `200 OK` response code and a collection of
## Examples ### Request+
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "list_stage_accessreviewinstancedecisionitem"
If successful, this method returns a `200 OK` response code and a collection of
``` http GET https://graph.microsoft.com/beta/identityGovernance/accessReviews/definitions/16d424f6-0100-4bf1-9ebc-fe009c5e5006/instances/bb14c722-51b8-4962-9bd2-1d96ba773d80/stages/8f0a8999-205b-4c29-a68c-2bee353fd4c5/decisions ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+++ ### Response
v1.0 Accessreviewstage Stop https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/accessreviewstage-stop.md
If successful, this action returns a `204 No Content` response code.
## Examples ### Request+
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "accessreviewstage_stop"
If successful, this action returns a `204 No Content` response code.
``` http POST https://graph.microsoft.com/beta/identityGovernance/accessReviews/definitions/2b83cc42-09db-46f6-8c6e-16fec466a82d/instances/61a617dd-238f-4037-8fa5-d800e515f5bc/stages/5d431f4b-56f2-4a50-938b-fb1e4e2c91b9/stop ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+++ ### Response
v1.0 Accessreviewstage Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/accessreviewstage-update.md
Attempting to remove existing **fallbackReviewers** returns a `409 Conflict` res
## Examples ### Request+
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "update_accessreviewstage"
Content-Type: application/json
] } ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+++ ### Response
v1.0 Administrativeunit Delete Members https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/administrativeunit-delete-members.md
Title: "Remove a member"
-description: "Use this API to remove a member (user or group) from an administrative unit."
+description: "Use this API to remove a member (user, group, or device) from an administrative unit."
ms.localizationpriority: medium ms.prod: "directory-management"
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Use this API to remove a member (user or group) from an administrative unit.
+Use this API to remove a member (user, group, or device) from an administrative unit.
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
Do not supply a request body for this method.
If successful, this method returns `204 No Content` response code. It does not return anything in the response body. ## Example
-##### Request
-Here is an example of the request. In the example below, id1 represents the identifier for the target administrative unit, and id2 represents the unique identifier for the member user or group to be removed from the targetted administrative unit.
+### Request
+The following is an example of the request. In the example below, `{id1}` represents the identifier for the target administrative unit, and `{id2}` represents the unique identifier for the member user, group, or device to be removed from the target administrative unit.
-```http
+```msgraph-interactive
DELETE https://graph.microsoft.com/beta/administrativeUnits/{id1}/members/{id2}/$ref ```
-##### Response
-Here is an example of the response.
+### Response
+The following is an example of the response.
```http HTTP/1.1 204 No Content
v1.0 Administrativeunit Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/administrativeunit-delete.md
One of the following permissions is required to call this API. To learn more, in
<!-- { "blockType": "ignored" } --> ```http DELETE /administrativeUnits/{id}- ``` ## Request headers | Name | Description|
Do not supply a request body for this method.
If successful, this method returns `204 No Content` response code. It does not return anything in the response body. ## Example
-##### Request
+### Request
Here is an example of the request. # [HTTP](#tab/http)
DELETE https://graph.microsoft.com/beta/administrativeUnits/{id}
-##### Response
-Here is an example of the response. Note: The response object shown here might be shortened for readability.
+### Response
+Here is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
<!-- { "blockType": "response", "truncated": true
v1.0 Administrativeunit Get Members https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/administrativeunit-get-members.md
Title: "Get a member"
-description: "Use this API to get a specific member (user or group) in an administrative unit."
+description: "Use this API to get a specific member (user, group, or device) in an administrative unit."
ms.localizationpriority: medium ms.prod: "directory-management"
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Use this API to get a specific member (user or group) in an administrative unit.
+Use this API to get a specific member (user, group, or device) in an administrative unit.
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
Do not supply a request body for this method.
## Response
-If successful, this method returns a `200 OK` response code and a [user](../resources/user.md) or [group](../resources/group.md) object in the response body.
+If successful, this method returns a `200 OK` response code and a [user](../resources/user.md), [group](../resources/group.md), or [device](../resources/device.md) object in the response body.
## Example
-##### Request
-Here is an example of the request.
+### Request
+The following is an example of the request.
-```http
+```msgraph-interactive
GET https://graph.microsoft.com/beta/administrativeUnits/{id}/members/{id} ```
-##### Response
-Here is an example of the respone. Note: The response object shown here might be shortened for readability.
+### Response
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
```http HTTP/1.1 200 OK
v1.0 Administrativeunit Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/administrativeunit-get.md
One of the following permissions is required to call this API. To learn more, in
<!-- { "blockType": "ignored" } --> ```http GET /administrativeUnits/{id}
+GET /directory/administrativeUnits/{id}
``` ## Optional query parameters This method supports the `$select` [OData query parameter](/graph/query-parameters) to help customize the response.
Do not supply a request body for this method.
If successful, this method returns a `200 OK` response code and [administrativeUnit](../resources/administrativeunit.md) object in the response body. ## Example
-##### Request
+### Request
Here is an example of the request. # [HTTP](#tab/http)
Here is an example of the request.
"name": "get_administrativeunit" }--> ```msgraph-interactive
-GET https://graph.microsoft.com/beta/administrativeUnits/{id}
+GET https://graph.microsoft.com/beta/administrativeUnits/4d7ea995-bc0f-45c0-8c3e-132e93bf95f8
``` # [C#](#tab/csharp) [!INCLUDE [sample-code](../includes/snippets/csharp/get-administrativeunit-csharp-snippets.md)]
GET https://graph.microsoft.com/beta/administrativeUnits/{id}
-##### Response
-Here is an example of the response. Note: The response object shown here might be shortened for readability.
+### Response
+Here is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
<!-- { "blockType": "response", "truncated": true,
HTTP/1.1 200 OK
Content-type: application/json {
- "displayName": "displayName-value",
- "description": "description-value",
- "visibility": "visibility-value",
- "id": "id-value"
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#administrativeUnits/$entity",
+ "id": "4d7ea995-bc0f-45c0-8c3e-132e93bf95f8",
+ "deletedDateTime": null,
+ "displayName": "Seattle District Technical Schools",
+ "description": "Seattle district technical schools administration",
+ "isMemberManagementRestricted": null,
+ "visibility": "HiddenMembership",
+ "membershipRule": null,
+ "membershipType": null,
+ "membershipRuleProcessingState": null
} ```
v1.0 Administrativeunit List Members https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/administrativeunit-list-members.md
Title: "List members"
-description: "Use this API to get the members list (user and group) in an administrative unit."
+description: "Use this API to get the members list (users, groups, and devices) in an administrative unit."
ms.localizationpriority: medium ms.prod: "directory-management"
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Use this API to get the members list (user and group) in an administrative unit.
+Use this API to get the members list (users, groups, and devices) in an administrative unit.
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
One of the following permissions is required to call this API. To learn more, in
GET /administrativeUnits/{id}/members GET /administrativeUnits/{id}/members/$ref ```
+## Optional query parameters
+This method (when used without `$ref`) supports the [OData query parameters](/graph/query-parameters) to help customize the response, including `$search`, `$count`, and `$filter`. OData cast is also enabled, for example, you can cast to get just the users that are a member of the administrative unit.
+
+`$search` is supported on the **displayName** and **description** properties only. Some queries are supported only when you use the **ConsistencyLevel** header set to `eventual` and `$count`. For more information, see [Advanced query capabilities on Azure AD directory objects](/graph/aad-advanced-queries).
+ ## Request headers
-| Name |Description|
+| Header |Value|
|:-|:-| | Authorization | Bearer {token}. Required. |
+| ConsistencyLevel | eventual. This header and `$count` are required when using `$search`, or in specific usage of `$filter`. For more information about the use of **ConsistencyLevel** and `$count`, see [Advanced query capabilities on Azure AD directory objects](/graph/aad-advanced-queries). |
## Request body Do not supply a request body for this method. ## Response
-If successful, this method returns a `200 OK` response code and a collection of [user](../resources/user.md) and/or [group](../resources/group.md) objects in the response body. Instead, if you put `$ref` at the end of the request, the response will contain a collection of `@odata.id` links/URLs to the members.
+If successful, this method returns a `200 OK` response code and a collection of [user](../resources/user.md), [group](../resources/group.md), or [device](../resources/device.md) objects in the response body. Adding `$ref` at the end of the request returns a collection of only `@odata.id` URLs of the members.
## Examples
-##### List member objects
+### Example 1: List member objects
+
+#### Request
The following request will list the members of the administrative unit, returning a collection of users and/or groups. ```http GET https://graph.microsoft.com/beta/administrativeUnits/{id}/members ```
-Here is an example of the response. Note: The response object shown here might be shortened for readability.
+#### Response
+
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
```http HTTP/1.1 200 OK
Content-type: application/json
} ```
-##### List member references
+### Example 2: List member references
+
+#### Request
+ The following request will list the member references of the administrative unit, returning a collection of `@odata.id` references to the members.+ ``` GET https://graph.microsoft.com/beta/administrativeUnits/{id}/members/$ref ```
-Here is an example of the response. Note: The response object shown here might be shortened for readability.
+
+#### Response
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
```http HTTP/1.1 200 OK
v1.0 Administrativeunit List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/administrativeunit-list.md
- Title: "List administrativeUnits"
-description: "Retrieve a list of administrativeUnit objects."
-
-doc_type: apiPageType
--
-# List administrativeUnits
-
-Namespace: microsoft.graph
--
-Retrieve a list of [administrativeUnit](../resources/administrativeunit.md) objects.
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
--
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | AdministrativeUnit.Read.All, Directory.Read.All, AdministrativeUnit.ReadWrite.All, Directory.ReadWrite.All, Directory.AccessAsUser.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | AdministrativeUnit.Read.All, Directory.Read.All, AdministrativeUnit.ReadWrite.All, Directory.ReadWrite.All |
-
-## HTTP request
-<!-- { "blockType": "ignored" } -->
-```http
-GET /administrativeUnits
-```
-## Optional query parameters
-This method supports the `$count`, `$select`, `$search`, `$filter`, and `$expand` [OData query parameters](/graph/query-parameters) to help customize the response.
--
-## Request headers
-| Name |Description|
-|:-|:-|
-| Authorization | Bearer {token}. Required.|
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-
-If successful, this method returns a `200 OK` response code and collection of [administrativeUnit](../resources/administrativeunit.md) objects in the response body.
-## Example
-##### Request
-Here is an example of the request.
-
-# [HTTP](#tab/http)
-<!-- {
- "blockType": "request",
- "name": "get_administrativeunits"
-}-->
-```msgraph-interactive
-GET https://graph.microsoft.com/beta/administrativeUnits
-```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Objective-C](#tab/objc)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
---
-##### Response
-Here is an example of the response. Note: The response object shown here might be shortened for readability.
-<!-- {
- "blockType": "response",
- "truncated": true,
- "@odata.type": "microsoft.graph.administrativeUnit",
- "isCollection": true
-} -->
-```http
-HTTP/1.1 200 OK
-Content-type: application/json
-
-{
- "value": [
- {
- "displayName": "displayName-value",
- "description": "description-value",
- "visibility": "visibility-value",
- "id": "id-value"
- }
- ]
-}
-```
-
-<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
-2015-10-25 14:57:30 UTC -->
-<!--
-{
- "type": "#page.annotation",
- "description": "List administrativeUnits",
- "keywords": "",
- "section": "documentation",
- "tocPath": "",
- "suppressions": [
- ]
-}
>
v1.0 Administrativeunit Post Administrativeunits https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/administrativeunit-post-administrativeunits.md
- Title: "Create administrativeUnit"
-description: "Use this API to create a new administrativeUnit."
-
-doc_type: apiPageType
--
-# Create administrativeUnit
-
-Namespace: microsoft.graph
--
-Use this API to create a new [administrativeUnit](../resources/administrativeunit.md).
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
--
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | AdministrativeUnit.ReadWrite.All, Directory.AccessAsUser.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | AdministrativeUnit.ReadWrite.All |
-
-## HTTP request
-<!-- { "blockType": "ignored" } -->
-```http
-POST /administrativeUnits
-
-```
-## Request headers
-| Name |Description|
-|:-|:-|
-| Authorization | Bearer {token}. Required. |
-| Content-type | application/json. Required. |
-
-## Request body
-In the request body, supply a JSON representation of an [administrativeUnit](../resources/administrativeunit.md) object.
-
-Because the **administrativeUnit** resource supports [extensions](/graph/extensibility-overview), you can use the `POST` operation and add custom properties with your own data to the administrative unit while creating it.
-
-## Response
-
-If successful, this method returns a `201 Created` response code and an [administrativeUnit](../resources/administrativeunit.md) object in the response body.
-
-## Example
-
-### Request
-
-The following is an example of the request.
-
-# [HTTP](#tab/http)
-<!-- {
- "blockType": "request",
- "name": "create_administrativeunit_from_administrativeunits"
-}-->
-```http
-POST https://graph.microsoft.com/beta/administrativeUnits
-Content-type: application/json
-
-{
- "displayName": "Seattle District Technical Schools",
- "description": "Seattle district technical schools administration",
- "visibility": "HiddenMembership"
-}
-```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Objective-C](#tab/objc)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
---
-In the request body, supply a JSON representation of an [administrativeUnit](../resources/administrativeunit.md) object.
-
-### Response
-
-The following is an example of the response.
-> Note: The response object shown here might be shortened for readability.
-<!-- {
- "blockType": "response",
- "truncated": true,
- "@odata.type": "microsoft.graph.administrativeUnit"
-} -->
-```http
-HTTP/1.1 201 Created
-Content-type: application/json
-
-{
- "@odata.context": "https://graph.microsoft.com/beta/$metadata#administrativeUnits/$entity",
- "id": "7a3dc8f3-b3a0-4164-9a99-ed36f3af039f",
- "deletedDateTime": null,
- "displayName": "Seattle District Technical Schools",
- "description": "Seattle district technical schools administration",
- "visibility": "HiddenMembership"
-}
-```
-
-## See also
--- [Add custom data to resources using extensions](/graph/extensibility-overview)-- [Add custom data to users using open extensions (preview)](/graph/extensibility-open-users)
-<!--
-- [Add custom data to groups using schema extensions (preview)](/graph/extensibility-schema-groups)>--
-<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
-2015-10-25 14:57:30 UTC -->
-<!--
-{
- "type": "#page.annotation",
- "description": "Create administrativeUnit",
- "keywords": "",
- "section": "documentation",
- "tocPath": "",
- "suppressions": [
- ]
-}
>--
v1.0 Administrativeunit Post Members https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/administrativeunit-post-members.md
Title: "Add a member"
-description: "Use this API to add a member (user or group) to an administrative unit."
+description: "Use this API to add a member (user, group, or device) to an administrative unit."
ms.localizationpriority: medium ms.prod: "directory-management"
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Use this API to add a member (user or group) to an administrative unit or to create a new group within an administrative unit. All [group types](/graph/api/resources/groups-overview) can be created within an administrative unit.
+Use this API to add a member (user, group, or device) to an administrative unit or to create a new group within an administrative unit. All [group types](/graph/api/resources/groups-overview) can be created within an administrative unit.
-**NOTE:** Currently it's only possible to add one member at a time to an administrative unit.`
+**Note:** Currently, it's only possible to add one member at a time to an administrative unit.`
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
POST /administrativeUnits/{id}/members
| Authorization | Bearer {token}. Required. | | Content-type | application/json. Required. |
-## Request body
### Adding an existing user or group
-In the request body, provide the `id` of a [user](../resources/user.md), [group](../resources/group.md), or [directoryObject](../resources/directoryobject.md) to be added.
+In the request body, provide the `id` of a [user](../resources/user.md), [group](../resources/group.md), [device](../resources/device.md), or [directoryObject](../resources/directoryobject.md) to be added.
### Creating a new group The following table shows the properties of the [group](../resources/group.md) resource to specify when you create a group in the administrative unit.
Content-type: application/json
-In the request body, provide the `id` of the [user](../resources/user.md) or [group](../resources/group.md) object you want to add.
+In the request body, provide the `id` of the [user](../resources/user.md), [group](../resources/group.md), or [device](../resources/device.md) object you want to add.
#### Response+ The following is an example of the response. <!-- {
v1.0 Administrativeunit Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/administrativeunit-update.md
One of the following permissions is required to call this API. To learn more, in
<!-- { "blockType": "ignored" } --> ```http PATCH /administrativeUnits/{id}
+PATCH /directory/administrativeUnits/{id}
``` ## Request headers
In the request body, supply the values for relevant fields that should be update
| Property | Type |Description| |:|:--|:-|
-|description|string|Description for the administrative unit.|
-|displayName|string|Display name for the administrative unit.|
-|visibility|string|Visibility for the administrative unit. If not set then the default is "public". Can be set to "HiddenMembership", which hides the membership from non-members.|
+|description|String|Description for the administrative unit.|
+|displayName|String|Display name for the administrative unit.|
-Since the **administrativeUnit** resource supports [extensions](/graph/extensibility-overview), you can use the `PATCH` operation to
-add, update, or delete your own app-specific data in custom properties of an extension in an existing **administrativeUnit** instance.
+Since the **administrativeUnit** resource supports [extensions](/graph/extensibility-overview), you can use the `PATCH` operation to add, update, or delete your own app-specific data in custom properties of an extension in an existing **administrativeUnit** instance.
## Response
If successful, this method returns a `204 No Content` response code.
## Example
-##### Request
+### Request
# [HTTP](#tab/http)
If successful, this method returns a `204 No Content` response code.
"name": "update_administrativeunit" }--> ```http
-PATCH https://graph.microsoft.com/beta/administrativeUnits/{id}
+PATCH https://graph.microsoft.com/beta/administrativeUnits/4d7ea995-bc0f-45c0-8c3e-132e93bf95f8
Content-type: application/json {
- "displayName": "displayName-value",
- "description": "description-value",
- "visibility": "visibility-value"
+ "displayName": "Greater Seattle District Technical Schools"
} ``` # [C#](#tab/csharp)
Content-type: application/json
-##### Response
+### Response
<!-- { "blockType": "response"
v1.0 Agreement Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/agreement-delete.md
Do not supply a request body for this method.
## Response
-If successful, this method returns a `204, No Content` response code. It does not return anything in the response body.
+If successful, this method returns a `204 No Content` response code. It does not return anything in the response body.
## Example
-##### Request
+### Request
# [HTTP](#tab/http)
If successful, this method returns a `204, No Content` response code. It does no
"name": "delete_agreement" }--> ```http
-DELETE https://graph.microsoft.com/beta/identityGovernance/termsOfUse/agreements/{id}
+DELETE https://graph.microsoft.com/beta/identityGovernance/termsOfUse/agreements/0ec9f6a6-159d-4dd8-a563-1f0b5935e80b
``` # [C#](#tab/csharp) [!INCLUDE [sample-code](../includes/snippets/csharp/delete-agreement-csharp-snippets.md)]
DELETE https://graph.microsoft.com/beta/identityGovernance/termsOfUse/agreements
[!INCLUDE [sample-code](../includes/snippets/go/delete-agreement-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+
-##### Response
->**Note:** The response object shown here might be shortened for readability.
+### Response
<!-- { "blockType": "response", "truncated": true
v1.0 Agreement Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/agreement-get.md
When calling on behalf of a user, the user needs to belong to one of the followi
```http GET /identityGovernance/termsOfUse/agreements/{id} ```
-<!--
+ ## Optional query parameters
-This method supports the [OData Query Parameters](/graph/query-parameters) to help customize the response.
>
+This method supports the `$select` [OData query parameter](/graph/query-parameters) to help customize the response.
## Request headers | Name | Type | Description |
This method supports the [OData Query Parameters](/graph/query-parameters) to he
Do not supply a request body for this method. ## Response If successful, this method returns a `200 OK` response code and [agreement](../resources/agreement.md) object in the response body.
-## Example
-##### Request
+## Examples
-# [HTTP](#tab/http)
+### Example 1: Retrieve an agreement
+
+#### Request
<!-- { "blockType": "request", "name": "get_agreement" }--> ```msgraph-interactive
-GET https://graph.microsoft.com/beta/identityGovernance/termsOfUse/agreements/{id}?$expand=files
+GET https://graph.microsoft.com/beta/identityGovernance/termsOfUse/agreements/0ec9f6a6-159d-4dd8-a563-1f0b5935e80b
```
-# [C#](#tab/csharp)
-# [JavaScript](#tab/javascript)
+#### Response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.agreement"
+} -->
+```http
+HTTP/1.1 200 OK
+Content-type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#agreements/$entity",
+ "id": "0ec9f6a6-159d-4dd8-a563-1f0b5935e80b",
+ "displayName": "All users terms of use",
+ "termsExpiration": null,
+ "userReacceptRequiredFrequency": "P90D",
+ "isViewingBeforeAcceptanceRequired": false,
+ "isPerDeviceAcceptanceRequired": false
+}
+```
-# [Objective-C](#tab/objc)
-# [Java](#tab/java)
+### Example 2: Retrieve an agreement and its related files
-# [Go](#tab/go)
+#### Request
-
+<!-- {
+ "blockType": "request",
+ "name": "get_agreement_files"
+}-->
+```msgraph-interactive
+GET https://graph.microsoft.com/beta/identityGovernance/termsOfUse/agreements/093b947f-8363-4979-a47d-4c52b33ee1be?$expand=files
+```
-##### Response
+#### Response
>**Note:** The response object shown here might be shortened for readability. <!-- { "blockType": "response",
HTTP/1.1 200 OK
Content-type: application/json {
- "displayName": "MSGraph Sample",
- "isViewingBeforeAcceptanceRequired": true,
- "id": "id-value",
- "files": [
- {
- "id": "id-value",
- "language": "en",
- "fileName": "TOU.pdf",
- "isDefault": true
- }
- ]
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#agreements(files())/$entity",
+ "id": "0ec9f6a6-159d-4dd8-a563-1f0b5935e80b",
+ "displayName": "All users terms of use",
+ "termsExpiration": null,
+ "userReacceptRequiredFrequency": "P90D",
+ "isViewingBeforeAcceptanceRequired": false,
+ "isPerDeviceAcceptanceRequired": false,
+ "files@odata.context": "https://graph.microsoft.com/beta/$metadata#identityGovernance/termsOfUse/agreements('0ec9f6a6-159d-4dd8-a563-1f0b5935e80b')/files",
+ "files": [
+ {
+ "id": "681b73a7-e9ae-4f2d-aca5-9e857599cd15",
+ "fileName": "ToU.pdf",
+ "displayName": "Contoso Terms of Use",
+ "language": "en-GB",
+ "isDefault": true,
+ "isMajorVersion": false,
+ "createdDateTime": "2022-03-02T14:11:32.885186Z",
+ "fileData": null
+ }
+ ]
} ```
v1.0 Agreement List Acceptances https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/agreement-list-acceptances.md
+
+ Title: "List acceptances"
+description: "Get the details about the acceptance records for a specific agreement."
+
+ms.localizationpriority: medium
++
+# List acceptances
+Namespace: microsoft.graph
++
+Get the details about the acceptance records for a specific agreement.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type | Permissions (from least to most privileged) |
+|:--|:|
+|Delegated (work or school account) | AgreementAcceptance.Read, AgreementAcceptance.Read.All |
+|Delegated (personal Microsoft account) | Not supported. |
+|Application | Not supported. |
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /identityGovernance/termsOfUse/agreements/{agreementsId}/acceptances
+```
+
+## Optional query parameters
+This method the `$select` and `$filter` OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a collection of [agreementAcceptance](../resources/agreementacceptance.md) objects in the response body.
+
+## Examples
+
+### Request
+<!-- {
+ "blockType": "request",
+ "name": "list_agreementacceptance"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/identityGovernance/termsOfUse/agreements/94410bbf-3d3e-4683-8149-f034e55c39dd/acceptances
+```
++
+### Response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "Collection(microsoft.graph.agreementAcceptance)"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#agreementAcceptances",
+ "value": [
+ {
+ "id": "94410bbf-3d3e-4683-8149-f034e55c39dd_d4bb5206-77bf-4d5c-96b4-cf7b0ed3be98",
+ "agreementId": "94410bbf-3d3e-4683-8149-f034e55c39dd",
+ "userId": "d4bb5206-77bf-4d5c-96b4-cf7b0ed3be98",
+ "deviceId": "00000000-0000-0000-0000-000000000000",
+ "deviceDisplayName": null,
+ "deviceOSType": null,
+ "deviceOSVersion": null,
+ "agreementFileId": "08033369-8972-42a3-8533-90bbd2757a01",
+ "userDisplayName": "Megan Bowen",
+ "userPrincipalName": "MeganB@Contoso.com",
+ "userEmail": "MeganB@Contoso.com",
+ "recordedDateTime": "2022-03-04T14:11:22.6658376Z",
+ "expirationDateTime": null,
+ "state": "accepted"
+ }
+ ]
+}
+```
+
v1.0 Agreement List Files https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/agreement-list-files.md
+
+ Title: "List files (localized agreement files)"
+description: "Retrieve all localized files related to an agreement."
+ms.localizationpriority: medium
+++
+# List files (localized agreement files)
+Namespace: microsoft.graph
++
+Retrieve all localized files related to an agreement.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type | Permissions (from least to most privileged) |
+|:--|:|
+|Delegated (work or school account) | Agreement.Read.All |
+|Delegated (personal Microsoft account) | Not supported. |
+|Application | Not supported. |
++
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /agreements/{agreementsId}?$expand=files
+```
+
+## Optional query parameters
+This method supports some of the OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a collection of [agreementFileLocalization](../resources/agreementfilelocalization.md) objects in the response body.
+
+## Examples
+
+### Request
+<!-- {
+ "blockType": "request",
+ "name": "list_agreementfilelocalization"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/identityGovernance/termsOfUse/agreements/94410bbf-3d3e-4683-8149-f034e55c39dd?$expand=files
+```
++
+### Response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.agreementFileLocalization"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#agreements(files())/$entity",
+ "id": "94410bbf-3d3e-4683-8149-f034e55c39dd",
+ "displayName": "Contoso ToU for guest users",
+ "termsExpiration": null,
+ "userReacceptRequiredFrequency": null,
+ "isViewingBeforeAcceptanceRequired": true,
+ "isPerDeviceAcceptanceRequired": false,
+ "files@odata.context": "https://graph.microsoft.com/beta/$metadata#identityGovernance/termsOfUse/agreements('94410bbf-3d3e-4683-8149-f034e55c39dd')/files",
+ "files": [
+ {
+ "id": "08033369-8972-42a3-8533-90bbd2757a01",
+ "fileName": "TOU.pdf",
+ "displayName": "Contoso ToU for guest users",
+ "language": "en",
+ "isDefault": true,
+ "isMajorVersion": false,
+ "createdDateTime": "2022-03-04T13:14:13.9361722Z",
+ "fileData": null
+ },
+ {
+ "id": "90d1723c-52c1-40e3-a51a-da99a82c0327",
+ "fileName": "Contoso ToU for guest users (French)",
+ "displayName": "Contoso ToU for guest users (French)",
+ "language": "fr-FR",
+ "isDefault": false,
+ "isMajorVersion": false,
+ "createdDateTime": "2022-03-04T14:38:22.8292386Z",
+ "fileData": null
+ }
+ ]
+}
+```
+
v1.0 Agreement Post Files https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/agreement-post-files.md
+
+ Title: "Create agreementFileLocalization"
+description: "Create a new localized agreement file."
+
+ms.localizationpriority: medium
++
+# Create agreementFileLocalization
+Namespace: microsoft.graph
++
+Create a new localized agreement file.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type | Permissions (from least to most privileged) |
+|:--|:|
+|Delegated (work or school account) | Agreement.ReadWrite.All |
+|Delegated (personal Microsoft account) | Not supported. |
+|Application | Not supported. |
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+POST /agreements/{agreementsId}/files
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+|Content-Type|application/json. Required.|
+
+## Request body
+In the request body, supply a JSON representation of the [agreementFileLocalization](../resources/agreementfilelocalization.md) object.
+
+You can specify the following properties when creating an **agreementFileLocalization**.
+
+|Property|Type|Description|
+|:|:|:|
+|displayName|String|Localized display name of the policy file of an agreement. The localized display name is shown to end users who view the agreement.|
+|fileData|[agreementFileData](../resources/agreementfiledata.md)|Data that represents the terms of use PDF document.|
+|fileName|String|Name of the agreement file (for example, TOU.pdf). |
+|isDefault|Boolean|If none of the languages matches the client preference, indicates whether this is the default agreement file . If none of the files are marked as default, the first one is treated as the default. Read-only.|
+|isMajorVersion|Boolean|Indicates whether the agreement file is a major version update. Major version updates invalidate the agreement's acceptances on the corresponding language.|
+|language|String|The language of the agreement file in the format "languagecode2-country/regioncode2". "languagecode2" is a lowercase two-letter code derived from ISO 639-1, while "country/regioncode2" is derived from ISO 3166 and usually consists of two uppercase letters, or a BCP-47 language tag. For example, U.S. English is `en-US`.|
+++
+## Response
+
+If successful, this method returns a `200 OK` response code and an [agreementFileLocalization](../resources/agreementfilelocalization.md) object in the response body.
+
+## Examples
+
+### Request
+<!-- {
+ "blockType": "ignored",
+ "name": "create_agreementfilelocalization_from_"
+}
+-->
+``` http
+POST https://graph.microsoft.com/beta/identityGovernance/termsOfUse/agreements/94410bbf-3d3e-4683-8149-f034e55c39dd/files
+Content-Type: application/json
+
+{
+ "fileName": "Contoso ToU for guest users (French)",
+ "language": "fr-FR",
+ "isDefault": false,
+ "isMajorVersion": false,
+ "displayName": "Contoso ToU for guest users (French)",
+ "fileData": {
+ "data": "JVBERi0xLjUKJb/3ov4KNCAwIG9iago8PCAvTGluZWFyaX//truncated-binary-data"
+ }
+}
+```
++
+### Response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.agreementFileLocalization"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#identityGovernance/termsOfUse/agreements('94410bbf-3d3e-4683-8149-f034e55c39dd')/files/$entity",
+ "id": "90d1723c-52c1-40e3-a51a-da99a82c0327",
+ "fileName": "Contoso ToU for guest users (French)",
+ "displayName": "Contoso ToU for guest users (French)",
+ "language": "fr-FR",
+ "isDefault": false,
+ "isMajorVersion": false,
+ "createdDateTime": "2022-03-04T14:38:22.8292386Z",
+ "fileData": {
+ "data": "JVBERi0xLjUKJb/"
+ }
+}
+```
+
v1.0 Agreement Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/agreement-update.md
In the request body, supply the values for relevant fields that should be update
|isViewingBeforeAcceptanceRequired|Boolean|Whether the user has to expand and view the agreement before accepting.| ## Response
-If successful, this method returns a `200 OK` response code and an updated [agreement](../resources/agreement.md) object in the response body.
+If successful, this method returns a `204 No Content` response code.
## Example ##### Request
If successful, this method returns a `200 OK` response code and an updated [agre
"blockType": "request", "name": "update_agreement" }-->
-```http
-PATCH https://graph.microsoft.com/beta/identityGovernance/termsOfUse/agreements/{id}
+```msgraph-interactive
+PATCH https://graph.microsoft.com/beta/identityGovernance/termsOfUse/agreements/0ec9f6a6-159d-4dd8-a563-1f0b5935e80b
Content-type: application/json {
- "displayName": "displayName-value",
- "isViewingBeforeAcceptanceRequired": true
+ "displayName": "All Contoso volunteers - Terms of use",
+ "isViewingBeforeAcceptanceRequired": true
} ``` # [C#](#tab/csharp)
Content-type: application/json
[!INCLUDE [sample-code](../includes/snippets/go/update-agreement-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ##### Response
->**Note:** The response object shown here might be shortened for readability.
<!-- { "blockType": "response",
- "truncated": true,
- "@odata.type": "microsoft.graph.agreement"
+ "truncated": true
} --> ```http
-HTTP/1.1 200 OK
-Content-type: application/json
-
-{
- "displayName": "displayName-value",
- "isViewingBeforeAcceptanceRequired": true,
- "id": "id-value"
-}
+HTTP/1.1 204 No Content
``` <!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
v1.0 Agreementfile Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/agreementfile-get.md
+
+ Title: "Get agreementFile"
+description: "Retrieve the details of the default file for an agreement, including the language and version information. "
+
+ms.localizationpriority: medium
++
+# Get agreementFile
+Namespace: microsoft.graph
++
+Retrieve the details of the default file for an agreement, including the language and version information. The file information is specified through the [agreementFile](../resources/agreementfile.md) object.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|Agreement.Read.All, Agreement.ReadWrite.All |
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|Not supported.|
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /agreements/{agreementsId}/file
+```
+
+## Optional query parameters
+This method supports some of the OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a collection of [agreementFile](../resources/agreementfile.md) objects in the response body.
+
+## Examples
+
+### Request
+<!-- {
+ "blockType": "request",
+ "name": "get_agreementfile"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/identityGovernance/termsOfUse/agreements/94410bbf-3d3e-4683-8149-f034e55c39dd/file
+```
++
+### Response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.agreementFile"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#identityGovernance/termsOfUse/agreements('94410bbf-3d3e-4683-8149-f034e55c39dd')/file/$entity",
+ "@odata.type": "#microsoft.graph.agreementFileLocalization",
+ "id": "08033369-8972-42a3-8533-90bbd2757a01",
+ "fileName": "TOU.pdf",
+ "displayName": "Contoso ToU for guest users",
+ "language": "en",
+ "isDefault": true,
+ "isMajorVersion": false,
+ "createdDateTime": "2022-03-04T13:14:13.9361722Z",
+ "fileData": null
+}
+```
+
v1.0 Application Delete Extensionproperty https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/application-delete-extensionproperty.md
- Title: "Delete extensionProperty"
-description: "Delete an extensionProperty."
-
-doc_type: "apiPageType"
--
-# Delete extensionProperty
-
-Namespace: microsoft.graph
--
-Delete an [extensionProperty](../resources/extensionproperty.md).
-
-## Permissions
-
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | Application.ReadWrite.All, Directory.ReadWrite.All, Directory.AccessAsUser.All |
-|Delegated (personal Microsoft account) | Application.ReadWrite.All |
-|Application | Application.ReadWrite.OwnedBy, Application.ReadWrite.All, Directory.ReadWrite.All |
-
-## HTTP request
-
-<!-- { "blockType": "ignored" } -->
-
-```http
-DELETE /applications/{id}/extensionProperties/{id}
-```
-
-## Request headers
-
-| Name | Description|
-|:--|:-|
-| Authorization | Bearer {token}. Required. |
-
-## Request body
-
-Do not supply a request body for this method.
-
-## Response
-
-If successful, this method returns `204 No Content` response code. It does not return anything in the response body.
-
-## Examples
-
-### Request
-
-The following is an example of the request.
-
-# [HTTP](#tab/http)
-<!-- {
- "blockType": "request",
- "name": "delete_extensionproperty"
-}-->
-
-```http
-DELETE https://graph.microsoft.com/beta/applications/{id}/extensionProperties/{id}
-```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Objective-C](#tab/objc)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
----
-### Response
-
-The following is an example of the response.
-
-<!-- {
- "blockType": "response",
- "truncated": true
-} -->
-
-```http
-HTTP/1.1 204 No Content
-```
-
-<!-- uuid: 16cd6b66-4b1a-43a1-adaf-3a886856ed98
-2019-02-04 14:57:30 UTC -->
-<!-- {
- "type": "#page.annotation",
- "description": "Delete extensionProperty",
- "keywords": "",
- "section": "documentation",
- "tocPath": ""
-}-->
---
v1.0 Application Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/application-get.md
Content-type: application/json
"enableIdTokenIssuance": false, "enableAccessTokenIssuance": false }
- }
+ },
+ "windows": null
} ```
v1.0 Application List Extensionproperty https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/application-list-extensionproperty.md
One of the following permissions is required to call this API. To learn more, in
|Permission type | Permissions (from least to most privileged) | |:--|:|
-|Delegated (work or school account) | Application.Read.All, Directory.Read.All, Application.ReadWrite.All, Directory.ReadWrite.All, Directory.AccessAsUser.All |
+|Delegated (work or school account) | Application.Read.All, Directory.Read.All, Application.ReadWrite.All, Directory.ReadWrite.All|
|Delegated (personal Microsoft account) | Application.Read.All, Application.ReadWrite.All | |Application | Application.Read.All, Application.ReadWrite.OwnedBy, Application.ReadWrite.All, Directory.Read.All, Directory.ReadWrite.All |
The following is an example of the request.
}--> ```msgraph-interactive
-GET https://graph.microsoft.com/beta/applications/{id}/extensionProperties
+GET https://graph.microsoft.com/beta/applications/fd918e4b-c821-4efb-b50a-5eddd23afc6f/extensionProperties
``` # [C#](#tab/csharp) [!INCLUDE [sample-code](../includes/snippets/csharp/get-extensionproperties-csharp-snippets.md)]
HTTP/1.1 200 OK
Content-type: application/json {
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#applications('fd918e4b-c821-4efb-b50a-5eddd23afc6f')/extensionProperties",
"value": [ {
- "id": "a2c459db-f5dc-4328-ae9b-118e88d04d19",
+ "id": "da38c7b1-133e-4a79-abcd-e2fd586ce621",
"deletedDateTime": null,
- "appDisplayName": "Display name",
- "name": "extension_b3efaf8f68a44275abcff28ef86b2ee3_extensionName",
+ "appDisplayName": "",
+ "name": "extension_25883231668a43a780b25685c3f874bc_jobGroup",
"dataType": "String", "isSyncedFromOnPremises": false, "targetObjects": [
- "Application"
+ "User"
+ ]
+ },
+ {
+ "id": "1f0f15e3-925d-40f0-8fc8-9d3ad135bce0",
+ "deletedDateTime": null,
+ "appDisplayName": "",
+ "name": "extension_25883231668a43a780b25685c3f874bc_cpiminternal_useAccountEnabledForPhone",
+ "dataType": "String",
+ "isSyncedFromOnPremises": false,
+ "targetObjects": [
+ "User"
] } ]
v1.0 Application Post Applications https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/application-post-applications.md
Content-type: application/json
"enableIdTokenIssuance": false, "enableAccessTokenIssuance": false }
- }
+ },
+ "windows" : null
} ```
v1.0 Application Post Extensionproperty https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/application-post-extensionproperty.md
The following is an example of the request.
}--> ```http
-POST https://graph.microsoft.com/beta/applications/{id}/extensionProperties
+POST https://graph.microsoft.com/beta/applications/fd918e4b-c821-4efb-b50a-5eddd23afc6f/extensionProperties
Content-type: application/json {
- "name": "extensionName",
- "dataType": "string",
+ "name": "jobGroup",
+ "dataType": "String",
"targetObjects": [
- "Application"
+ "User"
] } ```
HTTP/1.1 201 Created
Content-type: application/json {
- "id": "a2c459db-f5dc-4328-ae9b-118e88d04d19",
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#applications('fd918e4b-c821-4efb-b50a-5eddd23afc6f')/extensionProperties/$entity",
+ "id": "da38c7b1-133e-4a79-abcd-e2fd586ce621",
"deletedDateTime": null,
- "appDisplayName": "Display name",
- "name": "extension_b3efaf8f68a44275abcff28ef86b2ee3_extensionName",
+ "appDisplayName": "b2c-extensions-app. Do not modify. Used by AADB2C for storing user data.",
"dataType": "String", "isSyncedFromOnPremises": false,
+ "name": "extension_25883231668a43a780b25685c3f874bc_jobGroup",
"targetObjects": [
- "Application"
+ "User"
] } ```
v1.0 Application Removekey https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/application-removekey.md
In the request body, provide the following required properties.
| Property | Type | Description| |:-|:--|:--|
-| keyId | GUID | The unique identifier for the password.|
+| keyId | Guid | The unique identifier for the password.|
| proof | String | A self-signed JWT token used as a proof of possession of the existing keys. This JWT token must be signed using the private key of one of the application's existing valid certificates. The token should contain the following claims:<ul><li>`aud` - Audience needs to be `00000002-0000-0000-c000-000000000000`.</li><li>`iss` - Issuer needs to be the __id__ of the application that is making the call.</li><li>`nbf` - Not before time.</li><li>`exp` - Expiration time should be `nbf` + 10 mins.</li></ul><br>For steps to generate this proof of possession token, see [Generating proof of possession tokens for rolling keys](/graph/application-rollkey-prooftoken).| ## Response
v1.0 Application Removepassword https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/application-removepassword.md
POST /applications/{id}/removePassword
| Property | Type | Description| |:-|:--|:--|
-| keyId | GUID | The unique identifier for the password. Required. |
+| keyId | Guid | The unique identifier for the password. Required. |
## Response
v1.0 Application Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/application-update.md
In the request body, supply the values for relevant fields that should be update
| uniqueName | String | The unique identifier that can be assigned to an application as an alternative identifier. Immutable. Read-only. | | web | [webApplication](../resources/webapplication.md) | Specifies settings for a web application. | | spa | [spaApplication](../resources/spaapplication.md) | Specifies settings for a single-page application, including sign out URLs and redirect URIs for authorization codes and access tokens. |
+| windows | [windowsApplication](../resources/windowsapplication.md) | Specifies settings for apps running Microsoft Windows and published in the Microsoft Store or Xbox games store. Includes package SID and redirect URIs for authorization codes and access tokens. |
## Response
v1.0 Basetask Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/basetask-get.md
Content-Type: application/json
"createdDateTime": "2021-11-15T13:16:53.0831814Z", "lastModifiedDateTime": "2021-11-15T13:17:24.9876101Z", "id": "AAkALgAAAAAAHYQDEapmEc2byACqAC-EWg0AkOO4xOT--0qFRAqk3TNe0QAAAy35RwAA",
- "body": {
- "content": "",
- "contentType": "text"
- },
+ "textBody": "",
"parentList@odata.context": "https://graph.microsoft.com/betIAAA%3D')/tasks('AAkALgAAAAAAHYQDEapmEc2byACqAC-EWg0AkOO4xOT--0qFRAqk3TNe0QAAAy35RwAA')/microsoft.graph.task/parentList/$entity", "parentList": { "id": "AAMkAGVjMzJmMWZjLTgyYjgtNGIyNi1hOGQ0LWRjMjNmMGRmOWNiYQAuAAAAAAAboFsPFj7gQpLAt-6oC2JgAQCQ47jE5P--SoVECqTdM17RAAAB4mDIAAA="
v1.0 Basetask Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/basetask-update.md
PATCH /users/{userId|userPrincipalName}/tasks/alltasks/{baseTaskId}
|Property|Type|Description| |:|:|:|
-|body|[itemBody](../resources/itembody.md)|The task body that typically contains information about the task.|
+|textBody|String|The task body in text format that typically contains information about the task.|
|createdDateTime|DateTimeOffset|The date in the specified time zone that the task was finished.| |lastModifiedDateTime|DateTimeOffset|The date and time when the task was last modified. By default, it is in UTC. You can provide a custom time zone in the request header.| |bodyLastModifiedDateTime|DateTimeOffset|The date and time when the task body was last modified. By default, it is in UTC. You can provide a custom time zone in the request header.|
PATCH /users/{userId|userPrincipalName}/tasks/alltasks/{baseTaskId}
|recurrence|[patternedRecurrence](../resources/patternedrecurrence.md)|The recurrence pattern for the task.| |displayName|String|A brief description of the task.| |status|taskStatus_v2|Indicates state or progress of the task. The possible values are: `notStarted`, `inProgress`, `completed`, `unknownFutureValue`.|
-|personalProperties|[personalTaskProperties](../resources/personaltaskproperties.md)|Properties that are personal to a user such as reminderDateTime.|
+|viewpoint|[taskViewpoint](../resources/taskviewpoint.md)|Properties that are personal to a user such as reminderDateTime.|
Content-Type: application/json
Content-length: 634 {
- "@odata.type": "#microsoft.graph.baseTask",
- "body": {
- "@odata.type": "microsoft.graph.itemBody"
- },
+ "@odata.type": "#microsoft.graph.task",
+ "textBody": "String",
"bodyLastModifiedDateTime": "String (timestamp)", "completedDateTime": "String (timestamp)", "dueDateTime": {
Content-length: 634
}, "displayName": "String", "status": "String",
- "personalProperties": {
- "@odata.type": "microsoft.graph.personalTaskProperties"
+ "viewpoint": {
+ "@odata.type": "microsoft.graph.taskViewpoint"
} } ```
Content-length: 634
<!-- { "blockType": "response", "truncated": true,
- "@odata.type": "microsoft.graph.baseTask"
+ "@odata.type": "microsoft.graph.task"
} --> ``` http
Content-Type: application/json
"createdDateTime": "2021-11-15T14:38:25.6868632Z", "lastModifiedDateTime": "2021-11-15T15:51:13.3606631Z", "id": "AAkALgAAAAAAHYQDEapmEc2byACqAC-EWg0AkOO4xOT",
- "body": {
- "content": "",
- "contentType": "text"
- },
+ "textBody": "",
"parentList": { "id": "AAMkAGVjMzJmMWZjLTgyYjgtNGIyNi1hOGQ0LWRjMjNmMGRmOWNiYQAuAAAAAAAboFsPFj7gQpLAt" }
v1.0 Basetasklist List Tasks https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/basetasklist-list-tasks.md
Content-Type: application/json
"createdDateTime": "2021-11-17T06:58:32.4882235Z", "lastModifiedDateTime": "2021-11-17T07:02:49.1697427Z", "id": "AAkALgAAAAAAHYQDEapmEc2byACqAC",
- "body": {
- "content": "",
- "contentType": "text"
- },
+ "textBody": "",
"parentList": { "id": "AQMkAGVjMzJmMWZjLTgyYjgtNGIyNi1hOGQ0LWRjMjNm" }
v1.0 Basetasklist Post Tasks https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/basetasklist-post-tasks.md
You can specify the following properties when creating a **baseTask**.
|Property|Type|Description| |:|:|:|
-|body|[itemBody](../resources/itembody.md)|The task body that typically contains information about the task.|
+|textBody|String|The task body in text format that typically contains information about the task.|
|createdDateTime|DateTimeOffset|The date in the specified time zone that the task was finished.| |lastModifiedDateTime|DateTimeOffset|The date and time when the task was last modified. By default, it is in UTC. You can provide a custom time zone in the request header. The property value uses ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2020 would look like this: '2020-01-01T00:00:00Z'.| |bodyLastModifiedDateTime|DateTimeOffset|The date and time when the task was last modified. By default, it is in UTC. You can provide a custom time zone in the request header. The property value uses ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2020 would look like this: '2020-01-01T00:00:00Z'.|
You can specify the following properties when creating a **baseTask**.
|recurrence|[patternedRecurrence](../resources/patternedrecurrence.md)|The recurrence pattern for the task.| |displayName|String|A brief description of the task.| |status|taskStatus_v2|Indicates the state or progress of the task. The possible values are: `notStarted`, `inProgress`, `completed`, `unknownFutureValue`. Required.|
-|personalProperties|[personalTaskProperties](../resources/personaltaskproperties.md)|Properties that are personal to a user such as reminderDateTime.|
+|viewpoint|[taskViewpoint](../resources/taskviewpoint.md)|Properties that are personal to a user such as reminderDateTime.|
Content-Type: application/json
Content-length: 634 {
- "@odata.type": "#microsoft.graph.baseTask",
- "body": {
- "@odata.type": "microsoft.graph.itemBody"
- },
+ "@odata.type": "#microsoft.graph.task",
+ "textBody": "String",
"bodyLastModifiedDateTime": "String (timestamp)", "completedDateTime": "String (timestamp)", "dueDateTime": {
Content-length: 634
}, "displayName": "String", "status": "String",
- "personalProperties": {
- "@odata.type": "microsoft.graph.personalTaskProperties"
+ "viewpoint": {
+ "@odata.type": "microsoft.graph.taskViewpoint"
} } ```
Content-length: 634
<!-- { "blockType": "response", "truncated": true,
- "@odata.type": "microsoft.graph.baseTask"
+ "@odata.type": "microsoft.graph.task"
} --> ``` http
Content-Type: application/json
"createdDateTime": "2021-11-17T10:11:18.0229364Z", "lastModifiedDateTime": "2021-11-17T10:11:18.19789Z", "id": "AAkALgAAAAAAHYQDEapmEc2byACqAC",
- "body": {
- "content": "",
- "contentType": "text"
- },
+ "textBody": "",
"parentList": { "id": "AQMkAGVjMzJmMWZjLTgyYjgtNGIyNi1hOGQ0LWRjMjNmMGRmOWNi" }
v1.0 Bitlocker List Recoverykeys https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/bitlocker-list-recoverykeys.md
The response might also contain an `odata.nextLink`, which you can use to page t
|Name|Description| |:|:| |Authorization|Bearer {token}. Required.|
+|User-Agent|The identifier for the calling application. This value contains information about the operating system and the browser used. Required.|
|ocp-client-name|The name of the client application performing the API call. This header is used for debugging purposes. Optional.| |ocp-client-version|The version of the client application performing the API call. This header is used for debugging purposes. Optional.|
The following is an example of the request.
--> ``` http GET https://graph.microsoft.com/beta/informationProtection/bitlocker/recoveryKeys
+User-Agent: "Dsreg/10.0 (Windows 10.0.19043.1466)"
ocp-client-name: "My Friendly Client" ocp-client-version: "1.2" ```
The following is an example of the request.
--> ``` http GET https://graph.microsoft.com/beta/informationProtection/bitlocker/recoveryKeys?$filter=deviceId eq '1ab40ab2-32a8-4b00-b6b5-ba724e407de9'
+User-Agent: "Dsreg/10.0 (Windows 10.0.19043.1466)"
ocp-client-name: "My Friendly Client" ocp-client-version: "1.2" ```
v1.0 Bitlockerrecoverykey Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/bitlockerrecoverykey-get.md
To get the specified BitLocker key without returning the **key** property:
} --> ``` http
-GET /informationProtection/bitlocker/recoveryKeys/'{bitlockeryRecoveryKeyId}'
+GET /informationProtection/bitlocker/recoveryKeys/{bitlockeryRecoveryKeyId}
``` To get the specified BitLocker key including its **key** property:
To get the specified BitLocker key including its **key** property:
} --> ``` http
-GET /informationProtection/bitlocker/recoveryKeys/'{bitlockeryRecoveryKeyId}'?$select=key
+GET /informationProtection/bitlocker/recoveryKeys/{bitlockeryRecoveryKeyId}?$select=key
``` ## Optional query parameters
This method supports the `$select` OData query parameter to return the **key** p
|Name|Description| |:|:| |Authorization|Bearer {token}. Required.|
+|User-Agent|The identifier for the calling application. This value contains information about the operating system and the browser used. Required.|
|ocp-client-name|The name of the client application performing the API call. This header is used for debugging purposes. Optional.| |ocp-client-version|The version of the client application performing the API call. This header is used for debugging purposes. Optional.| + ## Request body Do not supply a request body for this method.
The following is an example of the request.
--> ``` http GET https://graph.microsoft.com/beta/informationProtection/bitlocker/recoveryKeys/b465e4e8-e4e8-b465-e8e4-65b4e8e465b4
+User-Agent: "Dsreg/10.0 (Windows 10.0.19043.1466)"
ocp-client-name: "My Friendly Client" ocp-client-version: "1.2" ```
The following is an example of the request.
--> ``` http GET https://graph.microsoft.com/beta/informationProtection/bitlocker/recoveryKeys/b465e4e8-e4e8-b465-e8e4-65b4e8e465b4?$select=key
+User-Agent: "Dsreg/10.0 (Windows 10.0.19043.1466)"
+ocp-client-name: "My Friendly Client"
+ocp-client-version: "1.2"
``` # [C#](#tab/csharp) [!INCLUDE [sample-code](../includes/snippets/csharp/get-bitlockerrecoverykey-4-csharp-snippets.md)]
v1.0 Bookingappointment Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/bookingappointment-delete.md
One of the following permissions is required to call this API. To learn more, in
<!-- { "blockType": "ignored" } --> ```http DELETE /bookingBusinesses/{id}/appointments/{id}- ``` ## Request headers | Name | Description|
Do not supply a request body for this method.
If successful, this method returns `204, No Content` response code. It does not return anything in the response body. ## Example
-##### Request
-The following is an example of the request.
+### Request
+The following is an example of a request.
# [HTTP](#tab/http) <!-- {
DELETE https://graph.microsoft.com/beta/bookingBusinesses/Contosolunchdelivery@c
-##### Response
-The following is an example of the response. Note: The response object shown here might be shortened for readability.
+### Response
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
<!-- { "blockType": "response", "truncated": true
v1.0 Bookingappointment Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/bookingappointment-update.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] Update the properties of a [bookingAppointment](../resources/bookingappointment.md) object in the specified [bookingBusiness](../resources/bookingbusiness.md).+ ## Permissions+ One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference). |Permission type | Permissions (from least to most privileged) |
One of the following permissions is required to call this API. To learn more, in
```http PATCH /bookingBusinesses/{id}/appointments/{id} ```+ ## Optional request headers+ | Name | Description| |:--|:--| | Authorization | Bearer {code}. Required.| ## Request body
-In the request body, supply the values for relevant fields that should be updated. Existing properties that are not included in the request body will maintain their previous values or be recalculated based on changes to other property values. For best performance, don't include existing values that haven't changed.
+ | Property | Type |Description| |:|:--|:-|
In the request body, supply the values for relevant fields that should be update
|invoiceUrl|String|The URL of the invoice in Microsoft Bookings.| |filledAttendeesCount|Int32|The current number of customers in the appointment. Required.| |isLocationOnline|Boolean|True indicates that the appointment will be held online. Default value is false.|
-|maximumAttendeesCount|Int32|The maximum number of customers allowed in the appointment. Required.|
+|maximumAttendeesCount|Int32|The maximum number of customers allowed in the appointment. Required. |
|optOutOfCustomerEmail|Boolean|True indicates that the [bookingCustomer](../resources/bookingcustomer.md) for this appointment does not wish to receive a confirmation for this appointment.| |postBuffer|Duration|The amount of time to reserve after the appointment ends, for cleaning up, as an example. The value is expressed in [ISO8601](https://www.iso.org/iso-8601-date-and-time-format.html) format. | |preBuffer|Duration|The amount of time to reserve before the appointment begins, for preparation, as an example. The value is expressed in [ISO8601](https://www.iso.org/iso-8601-date-and-time-format.html) format.|
In the request body, supply the values for relevant fields that should be update
|staffMemberIds|String collection|The ID of each [bookingStaffMember](../resources/bookingstaffmember.md) who is scheduled in this appointment.| |start|[dateTimeTimeZone](../resources/datetimetimezone.md)|The date, time, and time zone that the appointment begins.|
+> [!NOTE]
+> If the maximum number of customers (**maximumAttedeesCount**) allowed in the [service](../resources/bookingservice.md) is greater than 1:
+> - Make sure that the customers exist in the Booking Calendar. If they donΓÇÖt, create using the [Create bookingCustomer](bookingbusiness-post-customers.md) operation.
+> - Pass valid customer IDs when you create or update the appointment. If the customer ID is not valid, that customer won't be included in the appointment object.
## Response+ If successful, this method returns a `204, No Content` response code. It does not return anything in the response body.+ ## Example+ ### Request+ The following example changes the date of service by a day and updates the invoice date. # [HTTP](#tab/http)
v1.0 Bookingbusiness Post Appointments https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/bookingbusiness-post-appointments.md
One of the following permissions is required to call this API. To learn more, in
POST /bookingBusinesses/{id}/appointments ```+ ## Request headers+ | Name | Description| |:|:-| | Authorization | Bearer {code}. Required.| ## Request body+ In the request body, supply a JSON representation of [bookingAppointment](../resources/bookingappointment.md) object.
+If the maximum number of customers (**maximumAttedeesCount**) allowed in the [service](../resources/bookingservice.md) is greater than 1:
+
+- Make sure that the customers exist in the Booking Calendar. If they donΓÇÖt, create using the [Create bookingCustomer](bookingbusiness-post-customers.md) operation.
+- Pass valid customer IDs when you create or update the appointment. If the customer ID is not valid, that customer won't be included in the appointment object.
## Response+ If successful, this method returns a `201 Created` response code and [bookingAppointment](../resources/bookingappointment.md) object in the response body. ## Example+ ### Request The following is an example of the request. This appointment does not involve booking specific staff members.
v1.0 Bundle Additem https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/bundle-additem.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Bundle Removeitem https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/bundle-removeitem.md
DELETE https://graph.microsoft.com/beta/drive/bundles/{bundle-id}/children/{item
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Certificatebasedauthconfiguration Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/certificatebasedauthconfiguration-delete.md
DELETE https://graph.microsoft.com/beta/organization/{id}/certificateBasedAuthCo
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Certificatebasedauthconfiguration Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/certificatebasedauthconfiguration-get.md
GET https://graph.microsoft.com/beta/organization/{id}/certificateBasedAuthConfi
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Channel List Tabs https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/channel-list-tabs.md
Namespace: microsoft.graph
Retrieve the list of [tabs](../resources/teamstab.md) in the specified [channel](../resources/channel.md) within a [team](../resources/team.md).
+> **Note**: The Files tab is native to a channel or chat and is not returned by this API.
+ ## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
v1.0 Chat List Members https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/chat-list-members.md
Title: "List members of a chat" description: "Retrieve members of a chat."-+ ms.localizationpriority: high ms.prod: "microsoft-teams" doc_type: apiPageType
GET https://graph.microsoft.com/beta/me/chats/19:8b081ef6-4792-4def-b2c9-c363a1b
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Chat Patch https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/chat-patch.md
Title: "Update chat" description: "Update the properties of a chat object."-+ ms.localizationpriority: medium ms.prod: "microsoft-teams" doc_type: apiPageType
v1.0 Chat Post Members https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/chat-post-members.md
Title: "Add member to a chat" description: "Add a conversationMember to a chat."-+ doc_type: "apiPageType" ms.localizationpriority: medium ms.prod: "microsoft-teams"
v1.0 Chat Post https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/chat-post.md
The following table lists the properties that are required to create a chat obje
|:|:|:| |topic|(Optional) String|The title of the chat. The chat title can be provided only if the chat is of `group` type.| |chatType|[chatType](../resources/chat.md#chattype-values)| Specifies the type of chat. Possible values are: `group` and `oneOnOne`. |
-|members|[conversationMember](../resources/conversationmember.md) collection|List of conversation members that should be added. Every single user, including the user initiating the create request, who will participate in the chat must be specified in this list.|
+|members|[conversationMember](../resources/conversationmember.md) collection|List of conversation members that should be added. Every user who will participate in the chat, including the user who initiates the create request, must be specified in this list. Each member must be assigned a role of `owner` or `guest`. Guest tenant users must be assigned the `guest` role.|
|installedApps| [teamsApp](../resources/teamsapp.md) collection|List of apps that should be installed in the chat.| > **Note:** Currently, only one app installation is supported. If multiple app installations are listed in the request, the response will be a `Bad Request` error.
Content-Type: application/json
} ```
+### Example 5: Create a group chat with tenant guest user
+
+#### Request
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "create_chat_group"
+}
+-->
+``` http
+POST https://graph.microsoft.com/beta/chats
+Content-Type: application/json
+
+{
+ "chatType": "group",
+ "topic": "Group chat title",
+ "members": [
+ {
+ "@odata.type": "#microsoft.graph.aadUserConversationMember",
+ "roles": ["owner"],
+ "user@odata.bind": "https://graph.microsoft.com/beta/users('8c0a1a67-50ce-4114-bb6c-da9c5dbcf6ca')"
+ },
+ {
+ "@odata.type": "#microsoft.graph.aadUserConversationMember",
+ "roles": ["owner"],
+ "user@odata.bind": "https://graph.microsoft.com/beta/users('82fe7758-5bb3-4f0d-a43f-e555fd399c6f')"
+ },
+ {
+ "@odata.type": "#microsoft.graph.aadUserConversationMember",
+ "roles": ["guest"],
+ "user@odata.bind": "https://graph.microsoft.com/beta/users('8ba98gf6-7fc2-4eb2-c7f2-aef9f21fd98g')"
+ }
+ ]
+}
+```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
++++++
+#### Response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.chat"
+}
+-->
+``` http
+HTTP/1.1 201 Created
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#chats/$entity",
+ "id": "19:1c5b01696d2e4a179c292bc9cf04e63b@thread.v2",
+ "topic": "Group chat title",
+ "createdDateTime": "2020-12-04T23:11:16.175Z",
+ "lastUpdatedDateTime": "2020-12-04T23:11:16.175Z",
+ "chatType": "group",
+ "webUrl": "https://teams.microsoft.com/l/chat/19%3A1c5b01696d2e4a179c292bc9cf04e63b@thread.v2/0?tenantId=b33cbe9f-8ebe-4f2a-912b-7e2a427f477f"
+}
+```
+ ## See also - [Get teamsAsyncOperation](teamsasyncoperation-get.md)
v1.0 Chatmessage List Hostedcontents https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/chatmessage-list-hostedcontents.md
GET https://graph.microsoft.com/beta/teams/fbe2bf47-16c8-47cf-b4a5-4b9b187c508b/
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Cloudpcorganizationsettings Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/cloudpcorganizationsettings-get.md
If successful, this method returns a `200 OK` response code and a [cloudPcOrgani
## Examples ### Request+
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "get_cloudpcorganizationsettings"
If successful, this method returns a `200 OK` response code and a [cloudPcOrgani
``` http GET https://graph.microsoft.com/beta/deviceManagement/virtualEndpoint/organizationSettings ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+++ ### Response
v1.0 Cloudpcsnapshot Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/cloudpcsnapshot-get.md
+
+ Title: "Get cloudPcSnapshot"
+description: "Read the properties and relationships of a cloudPcSnapshot object."
+
+ms.localizationpriority: medium
++
+# Get cloudPcSnapshot
+Namespace: microsoft.graph
++
+Read the properties and relationships of a [cloudPcSnapshot](../resources/cloudpcsnapshot.md) object.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|CloudPC.Read.All, CloudPC.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|CloudPC.Read.All, CloudPC.ReadWrite.All|
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /deviceManagement/virtualEndpoint/snapshots/{cloudPcSnapshotId}
+```
+
+## Optional query parameters
+This method supports the `$select` OData query parameter to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a [cloudPcSnapshot](../resources/cloudpcsnapshot.md) object in the response body.
+
+## Examples
+
+### Request
+
+The following is an example of a request.
++
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_cloudpcsnapshot"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/deviceManagement/virtualEndpoint/snapshots/A00009UV000_93aff428-61f2-467f-a879-1102af6fd4a8
+```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+++++
+### Response
+
+The following is an example of the response.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.cloudPcSnapshot"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "value": {
+ "@odata.type": "#microsoft.graph.cloudPcSnapshot",
+ "cloudPcId": "662009bc-7732-4f6f-8726-25883518b33e",
+ "createdDateTime": "2021-08-23T09:28:32.8260335Z",
+ "id": "A00009UV000_93aff428-61f2-467f-a879-1102af6fd4a8",
+ "lastRestoredDateTime": "2021-09-01T09:28:32.8260338Z",
+ "status": "ready"
+ }
+}
+```
+
v1.0 Cloudpcusersetting Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/cloudpcusersetting-get.md
Content-Type: application/json
"displayName": "String", "selfServiceEnabled": true, "localAdminEnabled": false,
+ "restorePointSetting": {
+ "frequencyInHours": 16,
+ "userRestoreEnabled": true
+ },
"lastModifiedDateTime": "2021-02-01T10:29:57Z", "createdDateTime": "2021-02-01T10:29:57Z" }
Content-Type: application/json
"displayName": "Display Name value", "selfServiceEnabled": true, "localAdminEnabled": false,
+ "restorePointSetting": {
+ "frequencyInHours": 16,
+ "userRestoreEnabled": true
+ },
"lastModifiedDateTime": "2021-02-01T10:29:57Z", "createdDateTime": "2021-02-01T10:29:57Z", "assignments": [
v1.0 Cloudpcusersetting Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/cloudpcusersetting-update.md
The following table shows the properties that are required when you update the [
|displayName|String|The setting name displayed in the user interface.| |localAdminEnabled|Boolean|To turn on the local admin option, change this setting to `True`.ΓÇ» | |selfServiceEnabled|Boolean|To turn on the self-service option, change this setting to `True`.ΓÇ»|
+|restorePointSetting|[cloudPcRestorePointSetting](../resources/cloudpcrestorepointsetting.md)|Defines how frequently a restore point is created (that is, a snapshot is taken) for users' provisioned Cloud PCs (default is 12 hours), and whether the user is allowed to restore their own Cloud PCs to a backup made at a specific point in time.|
|lastModifiedDateTime|DateTimeOffset|The last date and time the setting was modified. The Timestamp type represents the date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 looks like this:ΓÇ»'2014-01-01T00:00:00Z'.ΓÇ»|
Content-Type: application/json
"@odata.type": "#microsoft.graph.cloudPcUserSetting", "displayName": "Example", "selfServiceEnabled": true,
+ "restorePointSetting": {
+ "frequencyInHours": "16",
+ "userRestoreEnabled": true
+ },
"localAdminEnabled": false } ```
v1.0 Columndefinition Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/columndefinition-get.md
ms.prod: "sites-and-lists"
Namespace: microsoft.graph [!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]+ Retrieve the metadata for a [site][], [list][] or [contentType][] [column][columnDefinition]. ## Permissions
-
- One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
- |Permission type | Permissions (from least to most privileged) | |:--|:| |Delegated (work or school account) | Sites.Read.All, Sites.ReadWrite.All, Sites.Manage.All, Sites.FullControl.All |
GET /sites/{site-id}/lists/{list-id}/contentTypes/{contentType-id}/columns/{colu
## Request body
-
+Do not supply a request body for this method.
-Do not supply a request body with this method.
+## Response
+If successful, this method returns a `200 OK` response code and a [columnDefinition][columnDefinition] object in the response body.
- ## Example
-
- ### Request
-
-
+The following is an example of a request.
# [HTTP](#tab/http) <!-- { "blockType": "request", "name": "get_column_from_contenttype" } -->
GET /sites/{site-id}/contentTypes/{contentType-id}/columns/{column-id}
-
- ### Response
-
+The following is an example of the response.
<!-- { "blockType": "response", "@type": "microsoft.graph.columnDefinition", "truncated": true } -->
v1.0 Contactmergesuggestions Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/contactmergesuggestions-get.md
+
+ Title: "Get contactMergeSuggestions"
+description: "Read the properties and relationships of a contactMergeSuggestions object."
+
+ms.localizationpriority: medium
++
+# Get contactMergeSuggestions
+Namespace: microsoft.graph
++
+Read the properties and relationships of a [contactMergeSuggestions](../resources/contactmergesuggestions.md) object.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|User.Read, User.ReadWrite|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|Not supported.|
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /me/settings/contactMergeSuggestions
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a [contactMergeSuggestions](../resources/contactmergesuggestions.md) object in the response body.
+
+## Examples
+
+The following is an example of the request to get **contactMergeSuggestions** settings for the user.
+
+### Request
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_contactmergesuggestions"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/me/settings/contactMergeSuggestions
+```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+++++
+### Response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.contactMergeSuggestions",
+ "name": "get_contactmergesuggestions"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "isEnabled": true
+}
+```
+
v1.0 Contactmergesuggestions Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/contactmergesuggestions-update.md
+
+ Title: "Update contactMergeSuggestions"
+description: "Update the properties of a contactMergeSuggestions object."
+
+ms.localizationpriority: medium
++
+# Update contactMergeSuggestions
+Namespace: microsoft.graph
++
+Update the properties of a [contactMergeSuggestions](../resources/contactmergesuggestions.md) object.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|User.ReadWrite|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|Not supported.|
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+PATCH /me/settings/contactMergeSuggestions
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+|Content-Type|application/json. Required.|
+
+## Request body
++
+|Property|Type|Description|
+|:|:|:|
+|isEnabled|Boolean|`true` if the duplicate contact merge suggestions feature is enabled for user; `false` if the feature is disabled. Default is `true`.|
+++
+## Response
+
+If successful, this method returns a `204 No Content` response code and the value is updated on the backend.
+
+## Examples
+
+The following example updates the **isEnabled** privacy setting to disable the duplicate contacts merge suggestions feature.
+
+### Request
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "update_contactmergesuggestions"
+}
+-->
+``` http
+PATCH https://graph.microsoft.com/beta/me/settings/contactMergeSuggestions
+Content-Type: application/json
+
+{
+ "isEnabled": false
+}
+```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+++++
+### Response
+
+The following is an example of the response.
+
+<!-- {
+ "blockType": "response",
+ "name": "update_contactmergesuggestions"
+}
+-->
+``` http
+HTTP/1.1 204 No Content
+```
+
v1.0 Crosstenantaccesspolicy Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/crosstenantaccesspolicy-get.md
If successful, this method returns a `200 OK` response code and a [crossTenantAc
### Request +
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "get_crosstenantaccesspolicy"
If successful, this method returns a `200 OK` response code and a [crossTenantAc
``` http GET https://graph.microsoft.com/beta/policies/crossTenantAccessPolicy ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+++ ### Response
v1.0 Crosstenantaccesspolicy List Partners https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/crosstenantaccesspolicy-list-partners.md
If successful, this method returns a `200 OK` response code and a collection of
### Request +
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "list_crosstenantaccesspolicyconfigurationpartner"
If successful, this method returns a `200 OK` response code and a collection of
``` http GET https://graph.microsoft.com/beta/policies/crossTenantAccessPolicy/partners ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+++ ### Response
v1.0 Crosstenantaccesspolicy Post Partners https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/crosstenantaccesspolicy-post-partners.md
If successful, this method returns a `201 Created` response code and a [crossTen
### Request +
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "create_crosstenantaccesspolicyconfigurationpartner_from_"
Content-Type: application/json
} } ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+++ ### Response
v1.0 Crosstenantaccesspolicy Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/crosstenantaccesspolicy-update.md
The [crossTenantAccessPolicy](../resources/crosstenantaccesspolicy.md) object si
### Request +
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "update_crosstenantaccesspolicy"
Content-Type: application/json
"displayName": "CrossTenantAccessPolicy", } ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+++ ### Response
v1.0 Crosstenantaccesspolicyconfigurationdefault Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/crosstenantaccesspolicyconfigurationdefault-get.md
If successful, this method returns a `200 OK` response code and a [crossTenantAc
### Request +
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "get_crosstenantaccesspolicyconfigurationdefault"
If successful, this method returns a `200 OK` response code and a [crossTenantAc
``` http GET https://graph.microsoft.com/beta/policies/crossTenantAccessPolicy/default ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+++ ### Response
v1.0 Crosstenantaccesspolicyconfigurationdefault Resettosystemdefault https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/crosstenantaccesspolicyconfigurationdefault-resettosystemdefault.md
If successful, this action returns a `204 No Content` response code. To confirm
### Request +
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "crosstenantaccesspolicyconfigurationdefault_resettosystemdefault"
If successful, this action returns a `204 No Content` response code. To confirm
``` http POST https://graph.microsoft.com/betefault ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+++ ### Response
v1.0 Crosstenantaccesspolicyconfigurationdefault Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/crosstenantaccesspolicyconfigurationdefault-update.md
If successful, this method returns a `204 No Content` response code.
### Request +
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "update_crosstenantaccesspolicyconfigurationdefault"
Content-Type: application/json
} } ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+++ ### Response
v1.0 Crosstenantaccesspolicyconfigurationpartner Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/crosstenantaccesspolicyconfigurationpartner-delete.md
If successful, this method returns a `204 No Content` response code.
### Request +
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "delete_crosstenantaccesspolicyconfigurationpartner"
If successful, this method returns a `204 No Content` response code.
``` http DELETE https://graph.microsoft.com/beta/policies/crossTenantAccessPolicy/partners/9c5d131d-b1c3-4fc4-9e3f-c6557947d551 ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+++ ### Response
v1.0 Crosstenantaccesspolicyconfigurationpartner Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/crosstenantaccesspolicyconfigurationpartner-get.md
If successful, this method returns a `200 OK` response code and a [crossTenantAc
### Request +
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "get_crosstenantaccesspolicyconfigurationpartner"
If successful, this method returns a `200 OK` response code and a [crossTenantAc
``` http GET https://graph.microsoft.com/beta/policies/crossTenantAccessPolicy/partners/9c5d131d-b1c3-4fc4-9e3f-c6557947d551 ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+++ ### Response
v1.0 Crosstenantaccesspolicyconfigurationpartner Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/crosstenantaccesspolicyconfigurationpartner-update.md
If successful, this method returns a `204 No Content` response code.
### Request +
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "update_crosstenantaccesspolicyconfigurationpartner"
Content-Type: application/json
} } ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+++ ### Response
v1.0 Customaccesspackageworkflowextension Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/customaccesspackageworkflowextension-delete.md
+
+ Title: "Delete customAccessPackageWorkflowExtension"
+description: "Delete a customAccessPackageWorkflowExtension object."
+
+ms.localizationpriority: medium
++
+# Delete customAccessPackageWorkflowExtension
+Namespace: microsoft.graph
++
+Delete a [customAccessPackageWorkflowExtension](../resources/customaccesspackageworkflowextension.md) object. The custom workflow extension must first be removed from any associated [policies](../resources/accesspackageassignmentpolicy.md) before it can be deleted. Follow these steps to remove the custom workflow extension from any associated policies:
+1. First retrieve the accessPackageCatalogId by calling the [Get accessPackageAssignmentPolicies](accesspackageassignmentpolicy-get.md) operation and appending `?$expand=accessPackage($expand=accessPackageCatalog)` to the query. For example, `https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/accessPackageAssignmentPolicies?$expand=accessPackage($expand=accessPackageCatalog)`.
+2. Use the access package catalog ID and retrieve the ID of the **customAccessPackageWorkflowExtension** object that you want to delete by running the [LIST customAccessPackageWorkflowExtensions](accesspackagecatalog-list-customaccesspackageworkflowextensions.md) operation.
+3. Call the [Update accessPackageAssignmentPolicy](accesspackageassignmentpolicy-update.md) operation to remove the custom workflow extension object from the policy. For an example, see [Example 2: Remove the customExtensionHandlers from a policy](accesspackageassignmentpolicy-update.md#example-2-remove-the-customextensionhandlers-from-a-policy).
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|EntitlementManagement.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|EntitlementManagement.ReadWrite.All|
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+DELETE /identityGovernance/entitlementManagement/accessPackageCatalogs/{catalogId}/customAccessPackageWorkflowExtensions/{customAccessPackageWorkflowExtensionId}
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `204 No Content` response code.
+
+## Examples
+
+### Request
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "delete_customaccesspackageworkflowextension"
+}
+-->
+``` http
+DELETE /identityGovernance/entitlementManagement/accessPackageCatalogs/32efb28c-9a7a-446c-986b-ca6528c6669d/customAccessPackageWorkflowExtensions/98ffaec5-ae8e-4902-a434-5ffc5d3d3cd0
+```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+++++
+### Response
+<!-- {
+ "blockType": "response",
+ "truncated": true
+}
+-->
+``` http
+HTTP/1.1 204 No Response
+```
v1.0 Customaccesspackageworkflowextension Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/customaccesspackageworkflowextension-get.md
+
+ Title: "Get customAccessPackageWorkflowExtension"
+description: "Read the properties and relationships of a customAccessPackageWorkflowExtension object."
+
+ms.localizationpriority: medium
++
+# Get customAccessPackageWorkflowExtension
+Namespace: microsoft.graph
++
+Read the properties and relationships of a [customAccessPackageWorkflowExtension](../resources/customaccesspackageworkflowextension.md) object for an [accessPackageCatalog](../resources/accesspackagecatalog.md) object.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|EntitlementManagement.Read.All EntitlementManagement.ReadWrite.All |
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|EntitlementManagement.Read.All EntitlementManagement.ReadWrite.All |
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /identityGovernance/entitlementManagement/accessPackageCatalogs/{catalogId}/customAccessPackageWorkflowExtensions/{customAccessPackageWorkflowExtensionId}
+```
+
+## Optional query parameters
+This method supports the `$select` OData query parameter to retrieve specific properties. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a [customAccessPackageWorkflowExtension](../resources/customaccesspackageworkflowextension.md) object in the response body.
+
+## Examples
+
+### Request
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_customaccesspackageworkflowextension"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/accessPackageCatalogs/32efb28c-9a7a-446c-986b-ca6528c6669d/customAccessPackageWorkflowExtensions/98ffaec5-ae8e-4902-a434-5ffc5d3d3cd0
+```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+++++
+### Response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.customAccessPackageWorkflowExtension"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/accessPackageCatalogs/32efb28c-9a7a-446c-986b-ca6528c6669d/customAccessPackageWorkflowExtensions/98ffaec5-ae8e-4902-a434-5ffc5d3d3cd0",
+ "id": "98ffaec5-ae8e-4902-a434-5ffc5d3d3cd0",
+ "displayName": "test_action_0124_email",
+ "description": "this is for graph testing only",
+ "createdDateTime": "2022-01-24T21:48:57.15Z",
+ "lastModifiedDateTime": "2022-01-24T21:55:44.953Z",
+ "clientConfiguration": null,
+ "endpointConfiguration": {
+ "@odata.type": "#microsoft.graph.logicAppTriggerEndpointConfiguration",
+ "subscriptionId": "38ab2ccc-3747-4567-b36b-9478f5602f0d",
+ "resourceGroupName": "test",
+ "logicAppWorkflowName": "elm-extension-email"
+ },
+ "authenticationConfiguration": {
+ "@odata.type": "#microsoft.graph.azureAdTokenAuthentication",
+ "resourceId": "eed6dee9-7ff7-44a5-8980-c11e8886cea2"
+ }
+}
+```
+
v1.0 Customaccesspackageworkflowextension Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/customaccesspackageworkflowextension-update.md
+
+ Title: "Update customAccessPackageWorkflowExtension"
+description: "Update the properties of a customAccessPackageWorkflowExtension object."
+
+ms.localizationpriority: medium
++
+# Update customAccessPackageWorkflowExtension
+Namespace: microsoft.graph
++
+Update the properties of an existing [customAccessPackageWorkflowExtension](../resources/customaccesspackageworkflowextension.md) object.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|EntitlementManagement.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|EntitlementManagement.ReadWrite.All|
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+PUT /identityGovernance/entitlementManagement/accessPackageCatalogs/{catalogId}/customAccessPackageWorkflowExtensions/{customAccessPackageWorkflowExtensionId}
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+|Content-Type|application/json. Required.|
+
+## Request body
++
+|Property|Type|Description|
+|:|:|:|
+|description|String|Description for the customAccessPackageWorkflowExtension object.|
+|displayName|String|Display name for the customAccessPackageWorkflowExtension.|
+|endpointConfiguration|[customExtensionEndpointConfiguration](../resources/customextensionendpointconfiguration.md)|The type and details for configuring the endpoint to call the logic app's workflow.|
+|authenticationConfiguration|[customExtensionAuthenticationConfiguration](../resources/customextensionauthenticationconfiguration.md)|Configuration for securing the API call to the logic app. For example, using OAuth client credentials flow.|
++
+## Response
+
+If successful, this method returns a `200 OK` response code and an updated [customAccessPackageWorkflowExtension](../resources/customaccesspackageworkflowextension.md) object in the response body.
+
+## Examples
+
+### Request
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "update_customaccesspackageworkflowextension"
+}
+-->
+``` http
+PUT https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/accessPackageCatalogs/32efb28c-9a7a-446c-986b-ca6528c6669d/customAccessPackageWorkflowExtensions/98ffaec5-ae8e-4902-a434-5ffc5d3d3cd0
+Content-Type: application/json
+
+{
+ "@odata.type": "#microsoft.graph.customAccessPackageWorkflowExtension",
+ "displayName": "test_action_0124_email",
+ "description": "this is for graph testing only"
+}
+```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+++++
+### Response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.customAccessPackageWorkflowExtension"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "displayName": "test_action_0124_email",
+ "description": "this is for graph testing only",
+ "endpointConfiguration": {
+ "@odata.type": "#microsoft.graph.logicAppTriggerEndpointConfiguration",
+ "subscriptionId": "38ab2ccc-3747-4567-b36b-9478f5602f0d",
+ "resourceGroupName": "EMLogicApp",
+ "logicAppWorkflowName": "elm-extension-email"
+ },
+ "authenticationConfiguration": {
+ "@odata.type": "#microsoft.graph.azureAdTokenAuthentication",
+ "resourceId": "eed6dee9-7ff7-44a5-8980-c11e8886cea2"
+ }
+}
+```
+
v1.0 Device List Memberof https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/device-list-memberof.md
Title: "List device groups"
-description: "Get groups that this device is a direct member of. This operation is not transitive."
+ Title: "List memberOf"
+description: "Get groups or administrative units that this device is a direct member of. This operation is not transitive."
ms.localizationpriority: medium ms.prod: "directory-management" doc_type: apiPageType
-# List device groups
+# List memberOf
Namespace: microsoft.graph [!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Get groups that this device is a direct member of. This operation is not transitive.
+Get [groups](../resources/group.md) and [administrative units](../resources/administrativeunit.md) that the device is a direct member of. This operation is not transitive.
## Permissions
This method supports the `$search`, `$count`, and `$filter` [OData query paramet
Some queries are supported only when you use the **ConsistencyLevel** header set to `eventual` and `$count`. For more information, see [Advanced query capabilities on Azure AD directory objects](/graph/aad-advanced-queries).
-When items are added or updated for this resource, they are specially indexed for use with the `$count` and `$search` query parameters. There can be a slight delay between when an item is added or updated and when it is available in the index.
- ## Request headers | Header | Value | |:|:--|
v1.0 Directory List Administrativeunits https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/directory-list-administrativeunits.md
+
+ Title: "List administrativeUnits"
+description: "Retrieve a list of administrativeUnit objects."
+
+ms.localizationpriority: medium
++
+# List administrativeUnits
+
+Namespace: microsoft.graph
++
+Retrieve a list of [administrativeUnit](../resources/administrativeunit.md) objects.
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
++
+|Permission type | Permissions (from least to most privileged) |
+|:--|:|
+|Delegated (work or school account) | AdministrativeUnit.Read.All, Directory.Read.All, AdministrativeUnit.ReadWrite.All, Directory.ReadWrite.All, Directory.AccessAsUser.All |
+|Delegated (personal Microsoft account) | Not supported. |
+|Application | AdministrativeUnit.Read.All, Directory.Read.All, AdministrativeUnit.ReadWrite.All, Directory.ReadWrite.All |
+
+## HTTP request
+<!-- { "blockType": "ignored" } -->
+```http
+GET /administrativeUnits
+GET /directory/administrativeUnits
+```
+## Optional query parameters
+This method supports the `$count`, `$select`, `$search`, `$filter`, and `$expand` [OData query parameters](/graph/query-parameters) to help customize the response.
++
+## Request headers
+| Name |Description|
+|:-|:-|
+| Authorization | Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and collection of [administrativeUnit](../resources/administrativeunit.md) objects in the response body.
+## Example
+### Request
+Here is an example of the request.
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_administrativeunits"
+}-->
+```msgraph-interactive
+GET https://graph.microsoft.com/beta/administrativeUnits
+```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+++
+### Response
+Here is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.administrativeUnit",
+ "isCollection": true
+} -->
+```http
+HTTP/1.1 200 OK
+Content-type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#administrativeUnits",
+ "value": [
+ {
+ "id": "4d7ea995-bc0f-45c0-8c3e-132e93bf95f8",
+ "deletedDateTime": null,
+ "displayName": "Seattle District Technical Schools",
+ "description": "Seattle district technical schools administration",
+ "isMemberManagementRestricted": null,
+ "visibility": "HiddenMembership",
+ "membershipRule": null,
+ "membershipType": null,
+ "membershipRuleProcessingState": null
+ }
+ ]
+}
+```
+
+<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
+2015-10-25 14:57:30 UTC -->
+<!--
+{
+ "type": "#page.annotation",
+ "description": "List administrativeUnits",
+ "keywords": "",
+ "section": "documentation",
+ "tocPath": "",
+ "suppressions": [
+ ]
+}
+-->
v1.0 Directory Post Administrativeunits https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/directory-post-administrativeunits.md
+
+ Title: "Create administrativeUnit"
+description: "Use this API to create a new administrativeUnit."
+
+ms.localizationpriority: medium
++
+# Create administrativeUnit
+
+Namespace: microsoft.graph
++
+Use this API to create a new [administrativeUnit](../resources/administrativeunit.md).
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
++
+|Permission type | Permissions (from least to most privileged) |
+|:--|:|
+|Delegated (work or school account) | AdministrativeUnit.ReadWrite.All, Directory.AccessAsUser.All |
+|Delegated (personal Microsoft account) | Not supported. |
+|Application | AdministrativeUnit.ReadWrite.All |
+
+## HTTP request
+<!-- { "blockType": "ignored" } -->
+```http
+POST /administrativeUnits
+POST /directory/administrativeUnits
+```
+## Request headers
+| Name |Description|
+|:-|:-|
+| Authorization | Bearer {token}. Required. |
+| Content-type | application/json. Required. |
+
+## Request body
+In the request body, supply a JSON representation of an [administrativeUnit](../resources/administrativeunit.md) object.
+
+Because the **administrativeUnit** resource supports [extensions](/graph/extensibility-overview), you can use the `POST` operation and add custom properties with your own data to the administrative unit while creating it.
+
+## Response
+
+If successful, this method returns a `201 Created` response code and an [administrativeUnit](../resources/administrativeunit.md) object in the response body.
+
+## Example
+
+### Request
+
+The following is an example of the request.
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "create_administrativeunit_from_administrativeunits"
+}-->
+```http
+POST https://graph.microsoft.com/beta/administrativeUnits
+Content-type: application/json
+
+{
+ "displayName": "Seattle District Technical Schools",
+ "description": "Seattle district technical schools administration",
+ "visibility": "HiddenMembership"
+}
+```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+++
+In the request body, supply a JSON representation of an [administrativeUnit](../resources/administrativeunit.md) object.
+
+### Response
+
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.administrativeUnit"
+} -->
+```http
+HTTP/1.1 201 Created
+Content-type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#administrativeUnits/$entity",
+ "id": "7a3dc8f3-b3a0-4164-9a99-ed36f3af039f",
+ "deletedDateTime": null,
+ "displayName": "Seattle District Technical Schools",
+ "description": "Seattle district technical schools administration",
+ "visibility": "HiddenMembership"
+}
+```
+
+## See also
+
+- [Add custom data to resources using extensions](/graph/extensibility-overview)
+- [Add custom data to users using open extensions (preview)](/graph/extensibility-open-users)
+<!--
+- [Add custom data to groups using schema extensions (preview)](/graph/extensibility-schema-groups)
+-->
++
+<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
+2015-10-25 14:57:30 UTC -->
+<!--
+{
+ "type": "#page.annotation",
+ "description": "Create administrativeUnit",
+ "keywords": "",
+ "section": "documentation",
+ "tocPath": "",
+ "suppressions": [
+ ]
+}
+-->
++
v1.0 Directorysetting Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/directorysetting-delete.md
Title: "Delete a directory setting"
+ Title: "Delete directorySetting"
description: "Delete a directory setting." ms.localizationpriority: medium
ms.prod: "directory-management"
doc_type: apiPageType
-# Delete a directory setting
+# Delete directorySetting
Namespace: microsoft.graph
Namespace: microsoft.graph
Delete a directory setting.
-> **Note**: The /beta version of this API only applies to groups. The /v1.0 version of this API has been renamed to *Delete groupSettings*.
- ## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
One of the following permissions is required to call this API. To learn more, in
## HTTP request <!-- { "blockType": "ignored" } -->
-Delete a specific tenant-wide or group setting
+Delete a tenant-wide setting.
```http
-DELETE /settings/{id}
-DELETE /groups/{id}/settings/{id}
+DELETE /settings/{directorySettingId}
+```
+<!-- { "blockType": "ignored" } -->
+Delete a group-specific setting.
+```http
+DELETE /groups/{groupId}/settings/{directorySettingId}
```+ ## Request headers | Name | Description| |:|:-|
Do not supply a request body for this method.
If successful, this method returns `204 No Content` response code. It does not return anything in the response body. ## Example
-##### Request
+### Request
Here is an example of the request. # [HTTP](#tab/http)
Here is an example of the request.
"blockType": "request", "name": "delete_directorysetting" }-->
-```http
-DELETE https://graph.microsoft.com/beta/settings/{id}
+```msgraph-interactive
+DELETE https://graph.microsoft.com/beta/settings/3c105fc3-2254-4861-9e2d-d59e2126f3ef
``` # [C#](#tab/csharp) [!INCLUDE [sample-code](../includes/snippets/csharp/delete-directorysetting-csharp-snippets.md)]
DELETE https://graph.microsoft.com/beta/settings/{id}
-##### Response
+### Response
<!-- { "blockType": "response", "truncated": true
v1.0 Directorysetting Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/directorysetting-get.md
Title: "Get a directory setting"
+ Title: "Get directorySetting"
description: "Retrieve the properties of a specific directory setting object." ms.localizationpriority: medium
ms.prod: "directory-management"
doc_type: apiPageType
-# Get a directory setting
+# Get directorySetting
Namespace: microsoft.graph
Namespace: microsoft.graph
Retrieve the properties of a specific directory setting object.
-> **Note**: The /beta version of this API only applies to groups. The /v1.0 version of this API has been renamed to *Get groupSettings*.
- ## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference). +
+### List tenant-wide settings
+ |Permission type | Permissions (from least to most privileged) | |:--|:| |Delegated (work or school account) | Directory.Read.All, Directory.ReadWrite.All, Directory.AccessAsUser.All | |Delegated (personal Microsoft account) | Not supported. | |Application | Directory.Read.All, Directory.ReadWrite.All |
+### List group-specific settings
+
+|Permission type | Permissions (from least to most privileged) |
+|:--|:|
+|Delegated (work or school account) | Group.Read.All, Group.ReadWrite.All |
+|Delegated (personal Microsoft account) | Not supported. |
+|Application | Group.Read.All, Group.ReadWrite.All |
++ ## HTTP request+
+<!-- { "blockType": "ignored" } -->
+
+Get a tenant-wide setting.
+
+```http
+GET /settings/{directorySettingId}
+```
+ <!-- { "blockType": "ignored" } -->
-Get a specific tenant-wide or group setting
+Get a group-specific setting.
```http
-GET /settings/{id}
-GET /groups/{id}/settings/{id}
+GET /groups/{groupId}/settings/{directorySettingId}
```+ ## Optional query parameters
-This method supports the [OData Query Parameters](/graph/query-parameters) to help customize the response.
+This method supports the `$select` [OData query parameters](/graph/query-parameters) to help customize the response.
## Request headers | Name |Description|
GET https://graph.microsoft.com/beta/settings/f0b2d6f5-097d-4177-91af-a24e530b53
-##### Response
+### Response
The following is an example of the response. >**Note:** The response object shown here might be shortened for readability. <!-- {
v1.0 Directorysetting List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/directorysetting-list.md
- Title: "List directory settings"
-description: "Retrieve a list of directory setting objects."
-
-doc_type: apiPageType
--
-# List directory settings
-
-Namespace: microsoft.graph
--
-Retrieve a list of directory setting objects.
-
-> **Note**: The /beta version of this API is only applies to groups. The /v1.0 version of this API has been renamed to *List groupSettings*.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | Directory.Read.All, Directory.ReadWrite.All, Directory.AccessAsUser.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | Directory.Read.All, Directory.ReadWrite.All |
-
-## HTTP request
-<!-- { "blockType": "ignored" } -->
-List tenant-wide or group settings
-
-```http
-GET /settings
-GET /groups/{id}/settings
-```
-
-## Optional query parameters
-This method supports the `$select` [OData query parameter](/graph/query-parameters) to help customize the response.
-
-## Request headers
-| Name |Description|
-|:-|:-|
-| Authorization | Bearer {token}. Required.|
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-
-If successful, this method returns a `200 OK` response code and collection of [directorySetting](../resources/directorysetting.md) objects in the response body.
-
-## Example
-
-### Request
-Here is an example of the request.
-
-# [HTTP](#tab/http)
-<!-- {
- "blockType": "request",
- "name": "get_settings_1"
-}-->
-```msgraph-interactive
-GET https://graph.microsoft.com/beta/settings
-```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Objective-C](#tab/objc)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
---
-##### Response
-The following is an example of the response.
->**Note:** The response object shown here might be shortened for readability.
-<!-- {
- "blockType": "response",
- "truncated": true,
- "@odata.type": "microsoft.graph.directorySetting",
- "isCollection": true
-} -->
-```http
-HTTP/1.1 200 OK
-Content-type: application/json
-
-{
- "@odata.context": "https://graph.microsoft.com/beta/$metadata#settings",
- "value": [
- {
- "id": "f0b2d6f5-097d-4177-91af-a24e530b53cc",
- "displayName": "Group.Unified",
- "templateId": "62375ab9-6b52-47ed-826b-58e47e0e304b",
- "values": [
- {
- "name": "EnableMIPLabels",
- "value": "true"
- },
- {
- "name": "CustomBlockedWordsList",
- "value": ""
- },
- {
- "name": "EnableMSStandardBlockedWords",
- "value": "true"
- },
- {
- "name": "ClassificationDescriptions",
- "value": ""
- },
- {
- "name": "DefaultClassification",
- "value": ""
- },
- {
- "name": "PrefixSuffixNamingRequirement",
- "value": "[Contoso-][GroupName]"
- },
- {
- "name": "AllowGuestsToBeGroupOwner",
- "value": "false"
- },
- {
- "name": "AllowGuestsToAccessGroups",
- "value": "true"
- },
- {
- "name": "GuestUsageGuidelinesUrl",
- "value": "https://privacy.contoso.com/privacystatement"
- },
- {
- "name": "GroupCreationAllowedGroupId",
- "value": ""
- },
- {
- "name": "AllowToAddGuests",
- "value": "true"
- },
- {
- "name": "UsageGuidelinesUrl",
- "value": ""
- },
- {
- "name": "ClassificationList",
- "value": ""
- },
- {
- "name": "EnableGroupCreation",
- "value": "true"
- }
- ]
- }
- ]
-}
-```
-
-<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
-2015-10-25 14:57:30 UTC -->
-<!--
-{
- "type": "#page.annotation",
- "description": "List settings",
- "keywords": "",
- "section": "documentation",
- "tocPath": "",
- "suppressions": [
- ]
-}
>
v1.0 Directorysetting Post Settings https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/directorysetting-post-settings.md
- Title: "Create a directory setting"
-description: "Use this API to create a new setting, based on the templates available in directorySettingTemplates."
-
-doc_type: apiPageType
--
-# Create a directory setting
-
-Namespace: microsoft.graph
--
-Use this API to create a new setting, based on the templates available in directorySettingTemplates. These settings can be at the tenant-level or at an object level (currently only for groups). The creation request must provide settingValues for all the settings defined in the template. For group-specific settings, only the setting governing whether members of a group can invite guest users can be set. This will govern this behavior once the ability to add guest users to a group is generally available.
-
-> **Note**: The /beta version of this API only applies to groups. The /v1.0 version of this API has been renamed to *Create groupSettings*.
-
-For a list of templates and the properties they support in beta, use a [directorySettingTemplate query](https://developer.microsoft.com/graph/graph-explorer?request=directorySettingTemplates&version=beta). (For v1.0 endpoints, call [groupSettingTemplates](https://developer.microsoft.com/graph/graph-explorer?request=groupSettingTemplates&version=v1.0).)
--
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | Directory.ReadWrite.All, Directory.AccessAsUser.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | Directory.ReadWrite.All |
-
-## HTTP request
-<!-- { "blockType": "ignored" } -->
-```http
-POST /settings
-POST /groups/{id}/settings
-```
-## Request headers
-| Name | Description|
-|:|:-|
-| Authorization | Bearer {token}. Required.|
-
-## Request body
-In the request body, supply a JSON representation of [directorySetting](../resources/directorysetting.md) object. However, the display name for the setting will be set based on the referenced settings template name.
-
-## Response
-
-If successful, this method returns `201 Created` response code and [directorySetting](../resources/directorysetting.md) object in the response body.
-
-## Example 1: Create a new setting for all Microsoft 365 groups in the tenant
-
-### Request
-The following is an example of the request.
--
-# [HTTP](#tab/http)
-<!-- {
- "blockType": "request",
- "name": "create_directorysetting_from_settings"
-}-->
-```http
-POST https://graph.microsoft.com/beta/settings
-Content-type: application/json
-
-{
- "displayName": "Group.Unified",
- "templateId": "62375ab9-6b52-47ed-826b-58e47e0e304b",
- "values": [
- {
- "name": "GuestUsageGuidelinesUrl",
- "value": "https://privacy.contoso.com/privacystatement"
- },
- {
- "name": "EnableMSStandardBlockedWords",
- "value": "true"
- },
- {
- "name": "EnableMIPLabels",
- "value": "true"
- },
- {
- "name": "PrefixSuffixNamingRequirement",
- "value": "[Contoso-][GroupName]"
- }
- ]
-}
-```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Objective-C](#tab/objc)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
----
-In the request body, supply a JSON representation of [directorySetting](../resources/directorysetting.md) object.
-
-### Response
-The following is an example of the response.
-
->**Note:** The response object shown here has been shortened for readability.
-<!-- {
- "blockType": "response",
- "truncated": true,
- "@odata.type": "microsoft.graph.directorySetting"
-} -->
-```http
-HTTP/1.1 201 Created
-Content-type: application/json
-
-{
- "@odata.context": "https://graph.microsoft.com/beta/$metadata#settings/$entity",
- "id": "f0b2d6f5-097d-4177-91af-a24e530b53cc",
- "displayName": "Group.Unified",
- "templateId": "62375ab9-6b52-47ed-826b-58e47e0e304b",
- "values": [
- {
- "name": "GuestUsageGuidelinesUrl",
- "value": "https://privacy.contoso.com/privacystatement"
- },
- {
- "name": "EnableMSStandardBlockedWords",
- "value": "true"
- },
- {
- "name": "EnableMIPLabels",
- "value": "true"
- },
- {
- "name": "PrefixSuffixNamingRequirement",
- "value": "[Contoso-][GroupName]"
- }
- ]
-}
-```
-
-## Example 2: Create a setting to block guests for a specific Microsoft 365 group
-
-### Request
--
-# [HTTP](#tab/http)
-<!-- {
- "blockType": "request",
- "name": "create_directorysetting_from_settings_for_guests"
-}-->
-```http
-POST https://graph.microsoft.com/v1.0/groups/055a5d18-a3a9-4338-b9c5-de92559b7ebf/settings
-Content-type: application/json
-
-{
- "displayName": "Group.Unified.Guest",
- "templateId": "08d542b9-071f-4e16-94b0-74abb372e3d9",
- "values": [
- {
- "name": "AllowToAddGuests",
- "value": "false"
- }
- ]
-}
-```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Objective-C](#tab/objc)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
----
-In the request body, supply a JSON representation of [directorySetting](../resources/directorysetting.md) object.
-
-### Response
-
-Note: The response object shown here may be shortened for readability.
-
-<!-- {
- "blockType": "response",
- "truncated": true,
- "@odata.type": "microsoft.graph.directorySetting"
-} -->
-```http
-HTTP/1.1 201 Created
-Content-type: application/json
-
-{
- "@odata.context": "https://graph.microsoft.com/beta/$metadata#settings/$entity",
- "id": "a77ad44e-aa2a-4976-91b5-b947787b9577",
- "displayName": "Group.Unified.Guest",
- "templateId": "08d542b9-071f-4e16-94b0-74abb372e3d9",
- "values": [
- {
- "name": "AllowToAddGuests",
- "value": "false"
- }
- ]
-}
-```
-
-<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
-2015-10-25 14:57:30 UTC -->
-<!--
-{
- "type": "#page.annotation",
- "description": "Create directorySetting",
- "keywords": "",
- "section": "documentation",
- "tocPath": "",
- "suppressions": [
- ]
-}
>
v1.0 Directorysetting Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/directorysetting-update.md
Title: "Update a directory setting"
+ Title: "Update directorySetting"
description: "Update the properties of a specific directory setting object." ms.localizationpriority: medium
ms.prod: "directory-management"
doc_type: apiPageType
-# Update a directory setting
+# Update directorySetting
Namespace: microsoft.graph
Namespace: microsoft.graph
Update the properties of a specific directory setting object.
-> **Note**: The /beta version of this API only applies to groups. The /v1.0 version of this API has been renamed to *Update groupSettings*.
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account) | Not supported. | |Application | Directory.ReadWrite.All | + ## HTTP request <!-- { "blockType": "ignored" } -->
-Update a tenant-wide or group specific setting.
+Update a tenant-wide setting.
+```http
+PATCH /settings/{directorySettingId}
+```
+
+<!-- { "blockType": "ignored" } -->
+Update a group-specific setting.
```http
-PATCH /settings/{id}
-PATCH /groups/{id}/settings/{id}
+PATCH /groups/{groupId}/settings/{directorySettingId}
```+ ## Optional request headers | Name | Description| |:--|:--|
In the request body, supply the values for relevant fields that should be update
If successful, this method returns a `204 OK` response code. ## Example
-##### Request
+### Request
Here is an example of the request. # [HTTP](#tab/http)
Here is an example of the request.
"blockType": "request", "name": "update_directorysetting" }-->
-```http
-PATCH https://graph.microsoft.com/beta/settings/{id}
+```msgraph-interactive
+PATCH https://graph.microsoft.com/beta/settings/3c105fc3-2254-4861-9e2d-d59e2126f3ef
Content-type: application/json {
- "values": [
- {
- "name": "name-value",
- "value": "value-value"
- }
- ]
+ "values": [
+ {
+ "name": "CustomBlockedWordsList",
+ "value": "Contoso"
+ }
+ ]
} ``` # [C#](#tab/csharp)
Content-type: application/json
-##### Response
+### Response
<!-- { "blockType": "response" } -->
v1.0 Driveitem Get Content Format https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/driveitem-get-content-format.md
Not all files can be converted into all formats.
To download the item in its original format, see [download an item's contents](driveitem-get-content.md).
-## Prerequisites
+## Permissions
-To call this API, the user must have granted the application read access to the file the app wishes to convert.
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+| Permission type | Permissions (from least to most privileged) |
+|:|:|
+| Delegated (work or school account) | Files.Read, Files.ReadWrite, Files.Read.All, Files.ReadWrite.All, Sites.Read.All, Sites.ReadWrite.All |
+| Delegated (personal Microsoft account) | Files.Read, Files.ReadWrite, Files.Read.All, Files.ReadWrite.All |
+| Application | Files.Read.All, Files.ReadWrite.All, Sites.Read.All, Sites.ReadWrite.All |
## HTTP request
GET /drive/root:/{path and filename}:/content?format={format}
|:-|:-|:| | _format_ | string | Specify the format the item's content should be downloaded as. | - The following values are valid for the **format** parameter: | Value | Description | Supported source extensions
The following values are valid for the **format** parameter:
## Example - # [HTTP](#tab/http) <!-- { "blockType": "request", "name": "convert-item-content", "scopes": "files.read" } -->
v1.0 Driveitem Get Content https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/driveitem-get-content.md
-description: "Download the contents of the primary stream (file) of a DriveItem. Only driveItems with the file property can be downloaded."
Previously updated : 09/10/2017
+description: "Download the contents of the primary stream (file) of a driveItem. Only driveItems with the file property can be downloaded."
Title: Download a file ms.localizationpriority: medium ms.prod: "sharepoint" doc_type: apiPageType
-# Download the contents of a DriveItem
+# Download the contents of a driveItem
Namespace: microsoft.graph [!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] [!INCLUDE [tls-1.2-required](../../includes/tls-1.2-required.md)]
-Download the contents of the primary stream (file) of a DriveItem. Only driveItems with the **file** property can be downloaded.
+Download the contents of the primary stream (file) of a [driveItem](../resources/driveitem.md). Only **driveItems** with the **file** property can be downloaded.
## Permissions
GET /users/{userId}/drive/items/{item-id}/content
Here is an example to download a complete file. -
+### Request
# [HTTP](#tab/http) <!-- { "blockType": "request", "name": "download-item-content", "scopes": "files.read" } -->
HTTP/1.1 302 Found
Location: https://b0mpua-by3301.files.1drv.com/y23vmagahszhxzlcvhasdhasghasodfi ```
+## Downloading files in JavaScript apps
+To download files in a JavaScript app, you cannot use the `/content` API, because this responds with a `302` redirect.
+A `302` redirect is explicitly prohibited when a [Cross-Origin Resource Sharing (CORS)](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS) _preflight_ is required, such as when providing the **Authorization** header.
+
+Instead, your app needs to select the `@microsoft.graph.downloadUrl` property, which returns the same URL that `/content` directs to.
+This URL can then be requested directly using XMLHttpRequest.
+Because these URLs are pre-authenticated, they can be retrieved without a CORS preflight request.
+
+### Example
+
+To retrieve the download URL for a file, first make a request that includes the `@microsoft.graph.downloadUrl` property:
+
+```http
+GET /drive/items/{item-ID}?select=id,@microsoft.graph.downloadUrl
+```
+
+This returns the ID and download URL for a file:
+
+```http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "id": "12319191!11919",
+ "@microsoft.graph.downloadUrl": "https://..."
+}
+```
+
+You can then make an XMLHttpRequest for the URL provided in `@microsoft.graph.downloadUrl` to retrieve the file.
+ ## Partial range downloads To download a partial range of bytes from the file, your app can use the `Range` header as specified in [RFC 2616](https://www.ietf.org/rfc/rfc2616.txt).
v1.0 Driveitem List Children https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/driveitem-list-children.md
GET /drives/{drive-id}/items/{item-id}/children
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Driveitemversion Restore https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/driveitemversion-restore.md
POST /drives/{drive-id}/items/{item-id}/versions/{version-id}/restoreVersion
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Educationclass Delete Members https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/educationclass-delete-members.md
DELETE https://graph.microsoft.com/beta/education/classes/11003/members/14008
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Educationclass Delete Teachers https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/educationclass-delete-teachers.md
DELETE https://graph.microsoft.com/beta/education/classes/{id}/teachers/14012
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Educationschool Delete Classes https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/educationschool-delete-classes.md
DELETE https://graph.microsoft.com/beta/education/schools/10001/classes/11001
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Educationschool Delete Users https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/educationschool-delete-users.md
DELETE https://graph.microsoft.com/beta/education/schools/10001/users/13006
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Emailauthenticationmethodconfiguration Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/emailauthenticationmethodconfiguration-delete.md
DELETE https://graph.microsoft.com/beta/policies/authenticationMethodsPolicy/aut
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Emailauthenticationmethodconfiguration Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/emailauthenticationmethodconfiguration-get.md
GET /policies/authenticationMethodsPolicy/authenticationMethodConfigurations/ema
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Emailauthenticationmethodconfiguration Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/emailauthenticationmethodconfiguration-update.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Entitlementmanagement Post Accesspackageassignmentpolicies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/entitlementmanagement-post-accesspackageassignmentpolicies.md
Content-type: application/json
``` +
+### Example 4: Create a policy and specify the stages to trigger pre-defined custom workflow extensions
+
+#### Request
+
+In the following example, the pre-defined **customAccessPackageWorkflowExtension** object is triggered when an access package assigned request is created and when it's granted.
++
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "create_accesspackageassignmentpolicy_customaccesspackageworkflowextension"
+}-->
+```msgraph-interactive
+POST https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/accessPackageAssignmentPolicies
+Content-type: application/json
+
+{
+ "displayName": "extension-policy",
+ "description": "test",
+ "accessPackageId": "ba5807c7-2aa9-4c8a-907e-4a17ee587500",
+ "expiration": {
+ "type": "afterDuration",
+ "duration": "P365D"
+ },
+ "canExtend": false,
+ "requestApprovalSettings": null,
+ "requestorSettings": {
+ "acceptRequests": true,
+ "scopeType": "AllExistingDirectorySubjects",
+ "allowedRequestors": [],
+ "isOnBehalfAllowed": false
+ },
+ "accessReviewSettings": null,
+ "questions": [],
+ "customExtensionHandlers": [
+ {
+ "stage": "assignmentRequestCreated",
+ "customExtension": {
+ "id": "219f57b6-7983-45a1-be01-2c228b7a43f8" //customAccessPackageWorkflowExtension.id
+ }
+ },
+ {
+ "stage": "assignmentRequestGranted",
+ "customExtension": {
+ "id": "219f57b6-7983-45a1-be01-2c228b7a43f8"
+ }
+ }
+ ]
+}
+```
+# [JavaScript](#tab/javascript)
+
+# [Go](#tab/go)
+++++
+#### Response
+
+The following is an example of the response. The **customExtensionHandlers** object isn't returned by default. To retrieve this object, use the **GET** method with `$expand`. For more information, see [Retrieve the custom extension handlers for a policy](accesspackageassignmentpolicy-get.md#example-2-retrieve-the-custom-extension-handlers-for-a-policy)
+
+> **Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.accessPackageAssignmentPolicy"
+} -->
+
+```http
+HTTP/1.1 201 Created
+Content-type: application/json
+
+{
+ "id": "d0324cbb-24a2-4edb-acca-fee5384c6a5e",
+ "displayName": "extension-policy",
+ "description": "test",
+ "canExtend": false,
+ "durationInDays": 0,
+ "expirationDateTime": null,
+ "accessPackageId": "ba5807c7-2aa9-4c8a-907e-4a17ee587500",
+ "accessReviewSettings": null,
+ "questions": [],
+ "requestorSettings": {
+ "scopeType": "AllExistingDirectorySubjects",
+ "acceptRequests": true,
+ "allowedRequestors": []
+ },
+ "requestApprovalSettings": {
+ "isApprovalRequired": false,
+ "isApprovalRequiredForExtension": false,
+ "isRequestorJustificationRequired": false,
+ "approvalMode": "NoApproval",
+ "approvalStages": []
+ }
+}
+```
+ <!-- uuid: 16cd6b66-4b1a-43a1-adaf-3a886856ed98 2019-02-04 14:57:30 UTC --> <!-- {
v1.0 Entitlementmanagement Post Accesspackageresourcerequests https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/entitlementmanagement-post-accesspackageresourcerequests.md
POST /identityGovernance/entitlementManagement/accessPackageResourceRequests
In the request body, supply a JSON representation of an [accessPackageResourceRequest](../resources/accesspackageresourcerequest.md) object. Include the `accessPackageResource` relationship with an [accessPackageResource](../resources/accesspackageresource.md) object as part of the request.
-To add an Azure AD group as a resource to a catalog, set the **catalogId** to be of the ID of the catalog, **requestType** to be `AdminAdd`, and an `accessPackageResource` representing the resource. The value of the **originSystem** property within the `accessPackageResource` should be `AadGroup` and the value of the **originId** is the identifier of the group.
+To add an Azure AD group as a resource to a catalog, set the **catalogId** to be of the ID of the catalog, **requestType** to be `AdminAdd`, and an `accessPackageResource` representing the resource. The value of the **originSystem** property within the `accessPackageResource` should be `AadGroup` and the value of the **originId** is the identifier of the group. If using delegated permissions, the user requesting to add a group should be an owner of the group or in a directory role which allows them to modify groups. If using application permissions, the application requesting to add the group should also be assigned the `Group.ReadWrite.All` permission.
-To remove an Azure AD app from a catalog, set the **catalogId** to be of the ID of the catalog, **requestType** to be `AdminRemove`, and the `accessPackageResource` the resource object to be removed. The resource object can be retrieved using [list accessPackageResources](accesspackagecatalog-list-accesspackageresources.md).
+To add an Azure AD application as a resource to a catalog, set the **catalogId** to be of the ID of the catalog, **requestType** to be `AdminAdd`, and an `accessPackageResource` representing the resource. The value of the **originSystem** property within the `accessPackageResource` should be `AadApplication` and the value of the **originId** is the identifier of the [servicePrincipal](../resources/serviceprincipal.md). If using delegated permissions, the user requesting to add an application should be an owner of the application or in a directory role which allows them to modify application role assignments.
-To assign the geolocation environment for a multi-geolocation Sharepoint Online resource, include the **accessPackageResourceEnvironment** relationship in the `accessPackageResource` object. This can be done in two ways:
+To add a SharePoint Online site as a resource to a catalog, set the **catalogId** to be of the ID of the catalog, **requestType** to be `AdminAdd`, and an `accessPackageResource` representing the resource. The value of the **originSystem** property within the `accessPackageResource` should be `SharePointOnline` and the value of the **originId** is the URI of the [site](../resources/site.md). If using delegated permissions, the user should be in the the SharePoint Administrator role. If using application permissions, the application requesting to add the site should also be assigned the `Sites.FullControl.All` permission. To assign the geolocation environment for a multi-geolocation Sharepoint Online resource, include the **accessPackageResourceEnvironment** relationship in the `accessPackageResource` object. This can be done in two ways:
+ Use `@odata.bind` annotation to assign the `id` of the `accessPackageResourceEnvironment` to an `accessPackageResourceEnvironment` object. + Specify the `originId` parameter of the `accessPackageResourceEnvironment` in an `accessPackageResourceEnvironment` object.
+To remove a resource from a catalog, set the **catalogId** to be of the ID of the catalog, **requestType** to be `AdminRemove`, and the `accessPackageResource` the resource object to be removed. The resource object can be retrieved using [list accessPackageResources](accesspackagecatalog-list-accesspackageresources.md).
## Response
Content-type: application/json
The following is an example of the request for adding an application to a catalog, including specifying a required attribute of that application. +
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "create_accesspackageresourcerequest_from_accesspackageresourcerequests6"
Content-type: application/json
} ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+++ #### Response
v1.0 Event Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/event-get.md
The following example shows expanding a series master event of a recurring serie
"name": "get_event_seriesMaster_expansion" }--> ```msgraph-interactive
-GET https://graph.microsoft.com/beta/me/events/AAMkADAGAADDdm4NAAA=/?$select=subject,start,end,occurrenceId,exceptionOccurrences,cancelledOccurrences$expand=exceptionOccurrences
+GET https://graph.microsoft.com/beta/me/events/AAMkADAGAADDdm4NAAA=/?$select=subject,start,end,occurrenceId,exceptionOccurrences,cancelledOccurrences&$expand=exceptionOccurrences
``` # [Go](#tab/go) [!INCLUDE [sample-code](../includes/snippets/go/get-event-seriesmaster-expansion-go-snippets.md)]
GET https://graph.microsoft.com/beta/me/events/AAMkADAGAADDdm4NAAA=/?$select=sub
[!INCLUDE [sample-code](../includes/snippets/powershell/get-event-seriesmaster-expansion-powershell-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+ #### Response
v1.0 Extensionproperty Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/extensionproperty-delete.md
+
+ Title: "Delete extensionProperty"
+description: "Delete an extensionProperty."
+ms.localizationpriority: medium
+++
+# Delete extensionProperty
+
+Namespace: microsoft.graph
++
+Delete an [extensionProperty](../resources/extensionproperty.md).
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type | Permissions (from least to most privileged) |
+|:--|:|
+|Delegated (work or school account) | Application.ReadWrite.All, Directory.ReadWrite.All |
+|Delegated (personal Microsoft account) | Application.ReadWrite.All |
+|Application | Application.ReadWrite.OwnedBy, Application.ReadWrite.All, Directory.ReadWrite.All |
+
+## HTTP request
+
+<!-- { "blockType": "ignored" } -->
+
+```http
+DELETE /applications/{id}/extensionProperties/{id}
+```
+
+## Request headers
+
+| Name | Description|
+|:--|:-|
+| Authorization | Bearer {token}. Required. |
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns `204 No Content` response code. It does not return anything in the response body.
+
+## Examples
+
+### Request
+
+The following is an example of the request.
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "delete_extensionproperty"
+}-->
+
+```http
+DELETE https://graph.microsoft.com/beta/applications/fd918e4b-c821-4efb-b50a-5eddd23afc6f/extensionProperties/
+```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
++++
+### Response
+
+The following is an example of the response.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true
+} -->
+
+```http
+HTTP/1.1 204 No Content
+```
+
+<!-- uuid: 16cd6b66-4b1a-43a1-adaf-3a886856ed98
+2019-02-04 14:57:30 UTC -->
+<!-- {
+ "type": "#page.annotation",
+ "description": "Delete extensionProperty",
+ "keywords": "",
+ "section": "documentation",
+ "tocPath": ""
+}-->
+++
v1.0 Extensionproperty Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/extensionproperty-get.md
+
+ Title: "Get extensionProperty"
+description: "Read an extensionProperty object."
+
+ms.localizationpriority: medium
++
+# Get extensionProperty
+Namespace: microsoft.graph
++
+Read an [extensionProperty](../resources/extensionproperty.md) object.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type | Permissions (from least to most privileged) |
+|:--|:|
+|Delegated (work or school account) | Application.Read.All, Directory.Read.All, Application.ReadWrite.All |
+|Delegated (personal Microsoft account) | Application.Read.All, Application.ReadWrite.All |
+|Application | Application.Read.All, Application.ReadWrite.OwnedBy, Application.ReadWrite.All |
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /applications/{applicationsId}/extensionProperties/{extensionPropertyId}
+```
+
+## Optional query parameters
+This method supports the `$select` OData query parameter to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and an [extensionProperty](../resources/extensionproperty.md) object in the response body.
+
+## Examples
+
+### Request
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_extensionproperty"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/applications/fd918e4b-c821-4efb-b50a-5eddd23afc6f/extensionProperties/1f0f15e3-925d-40f0-8fc8-9d3ad135bce0
+```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+++++
+### Response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.extensionProperty"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#applications('fd918e4b-c821-4efb-b50a-5eddd23afc6f')/extensionProperties/$entity",
+ "id": "1f0f15e3-925d-40f0-8fc8-9d3ad135bce0",
+ "deletedDateTime": null,
+ "appDisplayName": "b2c-extensions-app. Do not modify. Used by AADB2C for storing user data.",
+ "name": "extension_25883231668a43a780b25685c3f874bc_cpiminternal_useAccountEnabledForPhone",
+ "dataType": "String",
+ "isSyncedFromOnPremises": false,
+ "targetObjects": [
+ "User"
+ ]
+}
+```
+
v1.0 Externalconnectors Connectionoperation Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/externalconnectors-connectionoperation-get.md
GET https://graph.microsoft.com/beta/external/connections/contosohr/operations/3
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Externalconnectors Externalconnection Post Groups https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/externalconnectors-externalconnection-post-groups.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Externalconnectors Externalconnection Post Schema https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/externalconnectors-externalconnection-post-schema.md
Content-type: application/json
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+ <!-- markdownlint-disable MD024 -->
v1.0 Externalconnectors Externalconnection Put Items https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/externalconnectors-externalconnection-put-items.md
Content-type: application/json
[!INCLUDE [sample-code](../includes/snippets/objc/create-externalitem-from-connections-objc-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Externalconnectors Externalgroup Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/externalconnectors-externalgroup-delete.md
DELETE https://graph.microsoft.com/beta/external/connections/contosohr/groups/31
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Externalconnectors Externalgroup Post Members https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/externalconnectors-externalgroup-post-members.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Externalconnectors Externalgroupmember Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/externalconnectors-externalgroupmember-delete.md
DELETE https://graph.microsoft.com/beta/external/connections/contosohr/groups/31
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+ <!-- markdownlint-disable MD024 -->
v1.0 Externalconnectors Externalitem Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/externalconnectors-externalitem-delete.md
DELETE https://graph.microsoft.com/beta/external/connections/contosohr/items/TSP
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Externalconnectors Externalitem Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/externalconnectors-externalitem-update.md
Content-type: application/json
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Externalconnectors Schema Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/externalconnectors-schema-get.md
GET https://graph.microsoft.com/beta/external/connections/contosohr/schema
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Externalconnectors Schema Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/externalconnectors-schema-update.md
Content-type: application/json
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Fido2authenticationmethodconfiguration Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/fido2authenticationmethodconfiguration-delete.md
DELETE https://graph.microsoft.com/beta/policies/authenticationMethodsPolicy/aut
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Fido2authenticationmethodconfiguration Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/fido2authenticationmethodconfiguration-get.md
GET https://graph.microsoft.com/beta/policies/authenticationMethodsPolicy/authen
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Fido2authenticationmethodconfiguration Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/fido2authenticationmethodconfiguration-update.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Governanceresource Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/governanceresource-get.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] Retrieve the properties and relationships of a [governanceResource](../resources/governanceresource.md) object.
v1.0 Governanceresource List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/governanceresource-list.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] Retrieve a collection of [governanceResource](../resources/governanceresource.md) that the requestor has access to.
v1.0 Governanceresource Register https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/governanceresource-register.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] Register a [governanceResource](../resources/governanceresource.md) object in Privileged Identity Management.
v1.0 Governanceroleassignment Export https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/governanceroleassignment-export.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] Retrieve a collection of [governanceRoleAssignmentRequests](../resources/governanceroleassignmentrequest.md) in the format `application/octet-stream`, which can be parsed as a .csv file in the browser.
v1.0 Governanceroleassignment Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/governanceroleassignment-get.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] Retrieve the properties and relationships of a [governanceRoleAssignment](../resources/governanceroleassignment.md).
v1.0 Governanceroleassignment List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/governanceroleassignment-list.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] Retrieve a collection of [governanceRoleAssignments](../resources/governanceroleassignment.md).
v1.0 Governanceroleassignmentrequest Cancel https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/governanceroleassignmentrequest-cancel.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] Cancel a [governanceRoleAssignmentRequest](../resources/governanceroleassignmentrequest.md).
v1.0 Governanceroleassignmentrequest Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/governanceroleassignmentrequest-get.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] Get a [governanceRoleAssignmentRequest](../resources/governanceroleassignmentrequest.md).
v1.0 Governanceroleassignmentrequest List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/governanceroleassignmentrequest-list.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] Retrieve a collection of [governanceRoleAssignmentRequests](../resources/governanceroleassignmentrequest.md).
v1.0 Governanceroleassignmentrequest Post https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/governanceroleassignmentrequest-post.md
Namespace: microsoft.graph [!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] Create a role assignment request to represent the operation you want on a role assignment. The following table lists the operations.
v1.0 Governanceroleassignmentrequest Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/governanceroleassignmentrequest-update.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] Enable administrators to update their decisions (`AdminApproved` or `AdminDenied`) on [governanceRoleAssignmentRequests](../resources/governanceroleassignmentrequest.md) that are in status of `PendingAdminDecision`.
v1.0 Governanceroledefinition Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/governanceroledefinition-get.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] Retrieve the properties and relationships of a [governanceRoleDefinition](../resources/governanceroledefinition.md).
v1.0 Governanceroledefinition List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/governanceroledefinition-list.md
Namespace: microsoft.graph [!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] Get a collection of [governanceRoleDefinitions](../resources/governanceroledefinition.md) on a resource.
v1.0 Governancerolesetting Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/governancerolesetting-get.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] Retrieve the properties and relationships of a [governanceRoleSetting](../resources/governancerolesetting.md).
v1.0 Governancerolesetting List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/governancerolesetting-list.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] Retrieve a collection of [governanceRoleSettings](../resources/governancerolesetting.md) on a resource.
v1.0 Governancerolesetting Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/governancerolesetting-update.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] Update the properties of [governanceRoleSetting](../resources/governancerolesetting.md).
v1.0 Group Assignlicense https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/group-assignlicense.md
In the request body, provide a JSON object with the following parameters.
| Parameter | Type |Description| |:|:--|:-| |addLicenses|[assignedLicense](../resources/assignedlicense.md) collection|A collection of [assignedLicense](../resources/assignedlicense.md) objects that specify the licenses to add. You can disable servicePlans associated with a license by setting the **disabledPlans** property on an [assignedLicense](../resources/assignedlicense.md) object.|
-|removeLicenses|GUID collection|A collection of skuIds that identify the licenses to remove.|
+|removeLicenses|Guid collection|A collection of skuIds that identify the licenses to remove.|
## Response
v1.0 Group Delete Members https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/group-delete-members.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account) | Not supported. | |Application | GroupMember.ReadWrite.All, Group.ReadWrite.All, Directory.ReadWrite.All |
+> [!IMPORTANT]
+> To remove members from a role-assignable group, the calling user or app must also be assigned the *RoleManagement.ReadWrite.Directory* permission.
+ ## HTTP request <!-- { "blockType": "ignored" } --> ```http
v1.0 Group List Members https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/group-list-members.md
Content-type: application/json
} -->
+### Example 6: Use OData cast to retrieve service principals added as group members
+#### Request
+
+The following is an example of the request.
+
+<!-- {
+ "blockType": "request",
+ "name": "get_members_serviceprincipals"
+}-->
+```msgraph-interactive
+GET https://graph.microsoft.com/beta/groups/3802e9bb-0951-4e18-b9eb-f934b4241194/members/microsoft.graph.servicePrincipal
+```
+
+#### Response
+
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.servicePrincipal",
+ "isCollection": true
+} -->
+```http
+HTTP/1.1 200 OK
+Content-type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#servicePrincipals",
+ "value": [
+ {
+ "id": "11111111-2222-3333-4444-555555555555",
+ "deletedDateTime": null,
+ "accountEnabled": true,
+ "appDisplayName": "Contoso Azure App",
+ "appId": "11111111-2222-3333-4444-555555555555",
+ }
+ ]
+}
+```
v1.0 Group List Settings https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/group-list-settings.md
+
+ Title: "List settings"
+description: "Retrieve a list of directory setting objects."
+
+ms.localizationpriority: medium
++
+# List settings
+
+Namespace: microsoft.graph
++
+Retrieve a list of tenant-level or group-specific group settings objects.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+### List tenant-wide settings
+
+|Permission type | Permissions (from least to most privileged) |
+|:--|:|
+|Delegated (work or school account) | Directory.Read.All, Directory.ReadWrite.All, Directory.AccessAsUser.All |
+|Delegated (personal Microsoft account) | Not supported. |
+|Application | Directory.Read.All, Directory.ReadWrite.All |
+
+### List group-specific settings
+
+|Permission type | Permissions (from least to most privileged) |
+|:--|:|
+|Delegated (work or school account) | Group.Read.All, Group.ReadWrite.All |
+|Delegated (personal Microsoft account) | Not supported. |
+|Application | Group.Read.All, Group.ReadWrite.All |
+
+## HTTP request
+<!-- { "blockType": "ignored" } -->
+List tenant-wide or group settings
+```http
+GET /settings
+```
+
+<!-- { "blockType": "ignored" } -->
+List group-specific settings
+```http
+GET /groups/{groupId}/settings
+```
+
+## Optional query parameters
+This method supports the `$select` [OData query parameter](/graph/query-parameters) to help customize the response.
+
+## Request headers
+| Name |Description|
+|:-|:-|
+| Authorization | Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and collection of [directorySetting](../resources/directorysetting.md) objects in the response body.
+
+## Example
+
+### Request
+Here is an example of the request.
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_settings_1"
+}-->
+```msgraph-interactive
+GET https://graph.microsoft.com/beta/settings
+```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+++
+### Response
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.directorySetting",
+ "isCollection": true
+} -->
+```http
+HTTP/1.1 200 OK
+Content-type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#settings",
+ "value": [
+ {
+ "id": "f0b2d6f5-097d-4177-91af-a24e530b53cc",
+ "displayName": "Group.Unified",
+ "templateId": "62375ab9-6b52-47ed-826b-58e47e0e304b",
+ "values": [
+ {
+ "name": "EnableMIPLabels",
+ "value": "true"
+ },
+ {
+ "name": "CustomBlockedWordsList",
+ "value": ""
+ },
+ {
+ "name": "EnableMSStandardBlockedWords",
+ "value": "true"
+ },
+ {
+ "name": "ClassificationDescriptions",
+ "value": ""
+ },
+ {
+ "name": "DefaultClassification",
+ "value": ""
+ },
+ {
+ "name": "PrefixSuffixNamingRequirement",
+ "value": "[Contoso-][GroupName]"
+ },
+ {
+ "name": "AllowGuestsToBeGroupOwner",
+ "value": "false"
+ },
+ {
+ "name": "AllowGuestsToAccessGroups",
+ "value": "true"
+ },
+ {
+ "name": "GuestUsageGuidelinesUrl",
+ "value": "https://privacy.contoso.com/privacystatement"
+ },
+ {
+ "name": "GroupCreationAllowedGroupId",
+ "value": ""
+ },
+ {
+ "name": "AllowToAddGuests",
+ "value": "true"
+ },
+ {
+ "name": "UsageGuidelinesUrl",
+ "value": ""
+ },
+ {
+ "name": "ClassificationList",
+ "value": ""
+ },
+ {
+ "name": "EnableGroupCreation",
+ "value": "true"
+ }
+ ]
+ }
+ ]
+}
+```
+
+<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
+2015-10-25 14:57:30 UTC -->
+<!--
+{
+ "type": "#page.annotation",
+ "description": "List settings",
+ "keywords": "",
+ "section": "documentation",
+ "tocPath": "",
+ "suppressions": [
+ ]
+}
+-->
v1.0 Group List Transitivemembers https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/group-list-transitivemembers.md
ConsistencyLevel: eventual
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
ConsistencyLevel: eventual
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Group List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/group-list.md
Content-type: application/json
} ``` +
+### Example 8: List any groups with any licenses
+
+#### Request
++
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_groups_with_licenses"
+}-->
+```msgraph-interactive
+GET https://graph.microsoft.com/beta/groups?$select=id,assignedLicenses&$filter=assignedLicenses/any()
+```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
++++
+#### Response
+
+The following is an example of the response.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.group",
+ "isCollection": true
+} -->
+```http
+HTTP/1.1 200 OK
+Content-type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#groups(id,assignedLicenses)",
+ "value": [
+ {
+ "id": "5caf712c-8483-4b3d-8384-d8da988c0ca4",
+ "assignedLicenses": [
+ {
+ "disabledPlans": [],
+ "skuId": "6fd2c87f-b296-42f0-b197-1e91e994b900"
+ }
+ ]
+ },
+ {
+ "id": "aae8ec2a-5a08-4013-ae70-fafbb5c20de1",
+ "assignedLicenses": [
+ {
+ "disabledPlans": [
+ "7547a3fe-08ee-4ccb-b430-5077c5041653"
+ ],
+ "skuId": "18181a46-0d4e-45cd-891e-60aabd171b4e"
+ }
+ ]
+ },
+ {
+ "id": "e55bdaa0-e104-479a-979e-b0457fff6380",
+ "assignedLicenses": [
+ {
+ "disabledPlans": [
+ "7547a3fe-08ee-4ccb-b430-5077c5041653"
+ ],
+ "skuId": "6fd2c87f-b296-42f0-b197-1e91e994b900"
+ }
+ ]
+ }
+ ]
+}
+```
++ <!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79 2015-10-25 14:57:30 UTC --> <!--
v1.0 Group Post Members https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/group-post-members.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account) | Not supported. | |Application | GroupMember.ReadWrite.All, Group.ReadWrite.All, Directory.ReadWrite.All |
+> [!IMPORTANT]
+> To add members to a role-assignable group, the calling user or app must also be assigned the *RoleManagement.ReadWrite.Directory* permission.
+ ## HTTP request <!-- { "blockType": "ignored" } --> ```http
v1.0 Group Post Settings https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/group-post-settings.md
Title: "Create a directory setting on groups"
+ Title: "Create settings"
description: "Use this API to create a new directory setting for the group." ms.localizationpriority: medium
ms.prod: "groups"
doc_type: apiPageType
-# Create a directory setting on groups
+# Create settings
Namespace: microsoft.graph [!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Use this API to create a new directory setting for the group.
+Create a new setting based on the templates available in [directorySettingTemplates](../resources/directorysettingtemplate.md). These settings can be at the tenant-level or at the group level.
+
+Group settings apply to only Microsoft 365 groups. The template named `Group.Unified` can be used to configure tenant-wide Microsoft 365 group settings, while the template named `Group.Unified.Guest` can be used to configure group-specific settings.
+ ## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
One of the following permissions is required to call this API. To learn more, in
|Application | Directory.ReadWrite.All | ## HTTP request+
+Create a tenant-wide setting.
+<!-- { "blockType": "ignored" } -->
+```http
+POST /settings
+```
+
+Create a group-specific setting.
<!-- { "blockType": "ignored" } --> ```http POST /groups/{id}/settings ```+ ## Request headers | Name | Description| |:|:-|
In the request body, supply a JSON representation of [directorySetting](../resou
If successful, this method returns `201 Created` response code and [directorySetting](../resources/directorysetting.md) object in the response body.
-## Example
-### Request
+## Examples
+
+### Example 1: Create a setting to block guests for a specific Microsoft 365 group
+
+#### Request
The following is an example of the request. # [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "create_directorysetting_from_group"
+ "name": "create_groupsetting_from_groupsettings_for_guests"
}--> ```http
-POST https://graph.microsoft.com/beta/groups/{id}/settings
+POST https://graph.microsoft.com/beta/groups/05aa6a98-956a-45c0-b13b-88076a23f2cd/settings
Content-type: application/json {
- "directorySetting": {
- "displayName": "displayName-value",
- "templateId": "templateId-value",
+ "templateId": "08d542b9-071f-4e16-94b0-74abb372e3d9",
"values": [
- {
- "name": "name-value",
- "value": "value-value"
- }
+ {
+ "name": "AllowToAddGuests",
+ "value": "false"
+ }
]
- }
} ``` # [C#](#tab/csharp) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [JavaScript](#tab/javascript) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [Go](#tab/go) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [PowerShell](#tab/powershell)+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
[!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
-### Response
+#### Response
The following is an example of the response. >**Note:** The response object shown here might be shortened for readability. <!-- {
HTTP/1.1 201 Created
Content-type: application/json {
- "directorySetting": {
- "id": "id-value",
- "displayName": "displayName-value",
- "templateId": "templateId-value",
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#settings/$entity",
+ "id": "a06fa228-3042-4662-bd09-33e298da1afe",
+ "displayName": null,
+ "templateId": "08d542b9-071f-4e16-94b0-74abb372e3d9",
+ "values": [
+ {
+ "name": "AllowToAddGuests",
+ "value": "false"
+ }
+ ]
+}
+```
+
+### Example 2: Create a directory or tenant-level setting
+
+#### Request
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "create_directorysettings"
+}-->
+```msgraph-interactive
+POST https://graph.microsoft.com/beta/settings
+Content-type: application/json
+
+{
+ "templateId": "62375ab9-6b52-47ed-826b-58e47e0e304b",
+ "values": [
+ {
+ "name": "GuestUsageGuidelinesUrl",
+ "value": "https://privacy.contoso.com/privacystatement"
+ },
+ {
+ "name": "EnableMSStandardBlockedWords",
+ "value": "true"
+ },
+ {
+ "name": "EnableMIPLabels",
+ "value": "true"
+ },
+ {
+ "name": "PrefixSuffixNamingRequirement",
+ "value": "[Contoso-][GroupName]"
+ }
+ ]
+}
+```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
++++
+#### Response
+
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.directorySetting"
+} -->
+```http
+HTTP/1.1 201 Created
+Content-type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#settings/$entity",
+ "id": "844d252c-4de2-43eb-a784-96df77231aae",
+ "displayName": null,
+ "templateId": "62375ab9-6b52-47ed-826b-58e47e0e304b",
"values": [
- {
- "name": "name-value",
- "value": "value-value"
- }
+ {
+ "name": "GuestUsageGuidelinesUrl",
+ "value": "https://privacy.contoso.com/privacystatement"
+ },
+ {
+ "name": "EnableMSStandardBlockedWords",
+ "value": "true"
+ },
+ {
+ "name": "EnableMIPLabels",
+ "value": "true"
+ },
+ {
+ "name": "PrefixSuffixNamingRequirement",
+ "value": "[Contoso-][GroupName]"
+ }
]
- }
} ```
v1.0 Identityapiconnector Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identityapiconnector-create.md
Content-Type: application/json
{ "@odata.context": "https://graph.microsoft.com/beta/$metadata#identity/apiConnectors/$entity",
- "id":"guid",
+ "id":"GUID",
"displayName": "Test API", "targetUrl": "https://someapi.com/api", "authenticationConfiguration": {
Content-Type: application/json
{ "@odata.context": "https://graph.microsoft.com/beta/$metadata#identity/apiConnectors/$entity",
- "id":"guid",
+ "id":"GUID",
"displayName": "Test API", "targetUrl": "https://someotherapi.com/api", "authenticationConfiguration": {
v1.0 Identityapiconnector Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identityapiconnector-get.md
Content-Type: application/json
{ "@odata.context": "https://graph.microsoft.com/beta/$metadata#identity/apiConnectors/$entity",
- "id":"guid",
+ "id":"GUID",
"displayName": "Test API", "targetUrl": "https://someapi.com/api", "authenticationConfiguration": {
v1.0 Identityapiconnector Uploadclientcertificate https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identityapiconnector-uploadclientcertificate.md
Content-type: application/json
{ "@odata.context": "https://graph.microsoft.com/beta/$metadata#identity/apiConnectors/$entity",
- "id": "guid",
+ "id": "45715bb8-13f9-4bf6-927f-ef96c102d394",
"displayName": "My API connector", "targetUrl": "https://api.contoso.com/endpoint", "authenticationConfiguration": {
v1.0 Identityprotectionroot List Riskyserviceprincipals https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identityprotectionroot-list-riskyserviceprincipals.md
If successful, this method returns a `200 OK` response code and a collection of
## Examples ### Request+
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "list_riskyserviceprincipal"
If successful, this method returns a `200 OK` response code and a collection of
``` http GET https://graph.microsoft.com/beta/identityProtection/riskyServicePrincipals ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+++ ### Response
v1.0 Identityprotectionroot List Serviceprincipalriskdetections https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identityprotectionroot-list-serviceprincipalriskdetections.md
If successful, this method returns a `200 OK` response code and a collection of
#### Request The following is an example of the request.+
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "list_serviceprincipalriskdetection"
The following is an example of the request.
``` http GET https://graph.microsoft.com/beta/identityProtection/servicePrincipalRiskDetections ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+++ #### Response
Content-Type: application/json
#### Request The following example shows how to use `$filter` to get the collection of service principal risk detections where the risk level is `medium` or the risk event type is `investigationsThreatIntelligence`. +
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "list_filter_serviceprincipalriskdetection"
The following example shows how to use `$filter` to get the collection of servic
``` http GET https://graph.microsoft.com/beta/identityProtection/servicePrincipalRiskDetections?$filter=riskEventType eq 'investigationsThreatIntelligence' or riskLevel eq 'medium' ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+++ #### Response The following is an example of the response.
v1.0 Informationprotectionlabel Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/informationprotectionlabel-get.md
GET https://graph.microsoft.com/beta/me/informationprotection/policy/labels/{id}
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Informationprotectionpolicy List Labels https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/informationprotectionpolicy-list-labels.md
GET https://graph.microsoft.com/beta/me/informationProtection/policy/labels
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Intune Deviceconfig Aospdeviceownercertificateprofilebase Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-aospdeviceownercertificateprofilebase-get.md
+
+ Title: "Get aospDeviceOwnerCertificateProfileBase"
+description: "Read properties and relationships of the aospDeviceOwnerCertificateProfileBase object."
+
+localization_priority: Normal
++
+# Get aospDeviceOwnerCertificateProfileBase
+
+Namespace: microsoft.graph
+
+> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
+
+> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
+
+Read properties and relationships of the [aospDeviceOwnerCertificateProfileBase](../resources/intune-deviceconfig-aospdeviceownercertificateprofilebase.md) object.
+
+## Prerequisites
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All|
+
+## HTTP Request
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /deviceManagement/deviceConfigurations/{deviceConfigurationId}
+GET /deviceManagement/deviceConfigurations/{deviceConfigurationId}/groupAssignments/{deviceConfigurationGroupAssignmentId}/deviceConfiguration
+GET /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.windowsDomainJoinConfiguration/networkAccessConfigurations/{deviceConfigurationId}
+```
+
+## Optional query parameters
+This method supports the [OData Query Parameters](/graph/query-parameters) to help customize the response.
+
+## Request headers
+|Header|Value|
+|:|:|
+|Authorization|Bearer &lt;token&gt; Required.|
+|Accept|application/json|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+If successful, this method returns a `200 OK` response code and [aospDeviceOwnerCertificateProfileBase](../resources/intune-deviceconfig-aospdeviceownercertificateprofilebase.md) object in the response body.
+
+## Example
+
+### Request
+Here is an example of the request.
+``` http
+GET https://graph.microsoft.com/beta/deviceManagement/deviceConfigurations/{deviceConfigurationId}
+```
+
+### Response
+Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+Content-Length: 1295
+
+{
+ "value": {
+ "@odata.type": "#microsoft.graph.aospDeviceOwnerCertificateProfileBase",
+ "id": "0a3f3f7e-3f7e-0a3f-7e3f-3f0a7e3f3f0a",
+ "lastModifiedDateTime": "2017-01-01T00:00:35.1329464-08:00",
+ "roleScopeTagIds": [
+ "Role Scope Tag Ids value"
+ ],
+ "supportsScopeTags": true,
+ "deviceManagementApplicabilityRuleOsEdition": {
+ "@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleOsEdition",
+ "osEditionTypes": [
+ "windows10EnterpriseN"
+ ],
+ "name": "Name value",
+ "ruleType": "exclude"
+ },
+ "deviceManagementApplicabilityRuleOsVersion": {
+ "@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleOsVersion",
+ "minOSVersion": "Min OSVersion value",
+ "maxOSVersion": "Max OSVersion value",
+ "name": "Name value",
+ "ruleType": "exclude"
+ },
+ "deviceManagementApplicabilityRuleDeviceMode": {
+ "@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleDeviceMode",
+ "deviceMode": "sModeConfiguration",
+ "name": "Name value",
+ "ruleType": "exclude"
+ },
+ "createdDateTime": "2017-01-01T00:02:43.5775965-08:00",
+ "description": "Description value",
+ "displayName": "Display Name value",
+ "version": 7
+ }
+}
+```
++++
v1.0 Intune Deviceconfig Aospdeviceownercertificateprofilebase List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-aospdeviceownercertificateprofilebase-list.md
+
+ Title: "List aospDeviceOwnerCertificateProfileBases"
+description: "List properties and relationships of the aospDeviceOwnerCertificateProfileBase objects."
+
+localization_priority: Normal
++
+# List aospDeviceOwnerCertificateProfileBases
+
+Namespace: microsoft.graph
+
+> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
+
+> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
+
+List properties and relationships of the [aospDeviceOwnerCertificateProfileBase](../resources/intune-deviceconfig-aospdeviceownercertificateprofilebase.md) objects.
+
+## Prerequisites
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All|
+
+## HTTP Request
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /deviceManagement/deviceConfigurations
+GET /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.windowsDomainJoinConfiguration/networkAccessConfigurations
+```
+
+## Request headers
+|Header|Value|
+|:|:|
+|Authorization|Bearer &lt;token&gt; Required.|
+|Accept|application/json|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+If successful, this method returns a `200 OK` response code and a collection of [aospDeviceOwnerCertificateProfileBase](../resources/intune-deviceconfig-aospdeviceownercertificateprofilebase.md) objects in the response body.
+
+## Example
+
+### Request
+Here is an example of the request.
+``` http
+GET https://graph.microsoft.com/beta/deviceManagement/deviceConfigurations
+```
+
+### Response
+Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+Content-Length: 1373
+
+{
+ "value": [
+ {
+ "@odata.type": "#microsoft.graph.aospDeviceOwnerCertificateProfileBase",
+ "id": "0a3f3f7e-3f7e-0a3f-7e3f-3f0a7e3f3f0a",
+ "lastModifiedDateTime": "2017-01-01T00:00:35.1329464-08:00",
+ "roleScopeTagIds": [
+ "Role Scope Tag Ids value"
+ ],
+ "supportsScopeTags": true,
+ "deviceManagementApplicabilityRuleOsEdition": {
+ "@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleOsEdition",
+ "osEditionTypes": [
+ "windows10EnterpriseN"
+ ],
+ "name": "Name value",
+ "ruleType": "exclude"
+ },
+ "deviceManagementApplicabilityRuleOsVersion": {
+ "@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleOsVersion",
+ "minOSVersion": "Min OSVersion value",
+ "maxOSVersion": "Max OSVersion value",
+ "name": "Name value",
+ "ruleType": "exclude"
+ },
+ "deviceManagementApplicabilityRuleDeviceMode": {
+ "@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleDeviceMode",
+ "deviceMode": "sModeConfiguration",
+ "name": "Name value",
+ "ruleType": "exclude"
+ },
+ "createdDateTime": "2017-01-01T00:02:43.5775965-08:00",
+ "description": "Description value",
+ "displayName": "Display Name value",
+ "version": 7
+ }
+ ]
+}
+```
++++
v1.0 Intune Deviceconfig Aospdeviceownerpkcscertificateprofile Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-aospdeviceownerpkcscertificateprofile-create.md
+
+ Title: "Create aospDeviceOwnerPkcsCertificateProfile"
+description: "Create a new aospDeviceOwnerPkcsCertificateProfile object."
+
+localization_priority: Normal
++
+# Create aospDeviceOwnerPkcsCertificateProfile
+
+Namespace: microsoft.graph
+
+> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
+
+> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
+
+Create a new [aospDeviceOwnerPkcsCertificateProfile](../resources/intune-deviceconfig-aospdeviceownerpkcscertificateprofile.md) object.
+
+## Prerequisites
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|DeviceManagementConfiguration.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|DeviceManagementConfiguration.ReadWrite.All|
+
+## HTTP Request
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+POST /deviceManagement/deviceConfigurations
+POST /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.windowsDomainJoinConfiguration/networkAccessConfigurations
+```
+
+## Request headers
+|Header|Value|
+|:|:|
+|Authorization|Bearer &lt;token&gt; Required.|
+|Accept|application/json|
+
+## Request body
+In the request body, supply a JSON representation for the aospDeviceOwnerPkcsCertificateProfile object.
+
+The following table shows the properties that are required when you create the aospDeviceOwnerPkcsCertificateProfile.
+
+|Property|Type|Description|
+|:|:|:|
+|id|String|Key of the entity. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|lastModifiedDateTime|DateTimeOffset|DateTime the object was last modified. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|roleScopeTagIds|String collection|List of Scope Tags for this Entity instance. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|supportsScopeTags|Boolean|Indicates whether or not the underlying Device Configuration supports the assignment of scope tags. Assigning to the ScopeTags property is not allowed when this value is false and entities will not be visible to scoped users. This occurs for Legacy policies created in Silverlight and can be resolved by deleting and recreating the policy in the Azure Portal. This property is read-only. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|deviceManagementApplicabilityRuleOsEdition|[deviceManagementApplicabilityRuleOsEdition](../resources/intune-deviceconfig-devicemanagementapplicabilityruleosedition.md)|The OS edition applicability for this Policy. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|deviceManagementApplicabilityRuleOsVersion|[deviceManagementApplicabilityRuleOsVersion](../resources/intune-deviceconfig-devicemanagementapplicabilityruleosversion.md)|The OS version applicability rule for this Policy. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|deviceManagementApplicabilityRuleDeviceMode|[deviceManagementApplicabilityRuleDeviceMode](../resources/intune-deviceconfig-devicemanagementapplicabilityruledevicemode.md)|The device mode applicability rule for this Policy. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|createdDateTime|DateTimeOffset|DateTime the object was created. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|description|String|Admin provided description of the Device Configuration. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|displayName|String|Admin provided name of the device configuration. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|version|Int32|Version of the device configuration. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|certificationAuthority|String|PKCS Certification Authority|
+|certificationAuthorityName|String|PKCS Certification Authority Name|
+|certificationAuthorityType|[deviceManagementCertificationAuthority](../resources/intune-deviceconfig-devicemanagementcertificationauthority.md)|Certification authority type. Possible values are: `notConfigured`, `microsoft`, `digiCert`.|
+|certificateTemplateName|String|PKCS Certificate Template Name|
+|subjectAlternativeNameFormatString|String|Custom String that defines the AAD Attribute.|
+|subjectNameFormatString|String|Custom format to use with SubjectNameFormat = Custom. Example: CN={{EmailAddress}},E={{EmailAddress}},OU=Enterprise Users,O=Contoso Corporation,L=Redmond,ST=WA,C=US|
+|certificateStore|[certificateStore](../resources/intune-shared-certificatestore.md)|Target store certificate. Possible values are: `user`, `machine`.|
+|customSubjectAlternativeNames|[customSubjectAlternativeName](../resources/intune-deviceconfig-customsubjectalternativename.md) collection|Custom Subject Alternative Name Settings. This collection can contain a maximum of 500 elements.|
+++
+## Response
+If successful, this method returns a `201 Created` response code and a [aospDeviceOwnerPkcsCertificateProfile](../resources/intune-deviceconfig-aospdeviceownerpkcscertificateprofile.md) object in the response body.
+
+## Example
+
+### Request
+Here is an example of the request.
+``` http
+POST https://graph.microsoft.com/beta/deviceManagement/deviceConfigurations
+Content-type: application/json
+Content-length: 1663
+
+{
+ "@odata.type": "#microsoft.graph.aospDeviceOwnerPkcsCertificateProfile",
+ "roleScopeTagIds": [
+ "Role Scope Tag Ids value"
+ ],
+ "supportsScopeTags": true,
+ "deviceManagementApplicabilityRuleOsEdition": {
+ "@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleOsEdition",
+ "osEditionTypes": [
+ "windows10EnterpriseN"
+ ],
+ "name": "Name value",
+ "ruleType": "exclude"
+ },
+ "deviceManagementApplicabilityRuleOsVersion": {
+ "@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleOsVersion",
+ "minOSVersion": "Min OSVersion value",
+ "maxOSVersion": "Max OSVersion value",
+ "name": "Name value",
+ "ruleType": "exclude"
+ },
+ "deviceManagementApplicabilityRuleDeviceMode": {
+ "@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleDeviceMode",
+ "deviceMode": "sModeConfiguration",
+ "name": "Name value",
+ "ruleType": "exclude"
+ },
+ "description": "Description value",
+ "displayName": "Display Name value",
+ "version": 7,
+ "certificationAuthority": "Certification Authority value",
+ "certificationAuthorityName": "Certification Authority Name value",
+ "certificationAuthorityType": "microsoft",
+ "certificateTemplateName": "Certificate Template Name value",
+ "subjectAlternativeNameFormatString": "Subject Alternative Name Format String value",
+ "subjectNameFormatString": "Subject Name Format String value",
+ "certificateStore": "machine",
+ "customSubjectAlternativeNames": [
+ {
+ "@odata.type": "microsoft.graph.customSubjectAlternativeName",
+ "sanType": "emailAddress",
+ "name": "Name value"
+ }
+ ]
+}
+```
+
+### Response
+Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
+``` http
+HTTP/1.1 201 Created
+Content-Type: application/json
+Content-Length: 1835
+
+{
+ "@odata.type": "#microsoft.graph.aospDeviceOwnerPkcsCertificateProfile",
+ "id": "9e0cbf94-bf94-9e0c-94bf-0c9e94bf0c9e",
+ "lastModifiedDateTime": "2017-01-01T00:00:35.1329464-08:00",
+ "roleScopeTagIds": [
+ "Role Scope Tag Ids value"
+ ],
+ "supportsScopeTags": true,
+ "deviceManagementApplicabilityRuleOsEdition": {
+ "@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleOsEdition",
+ "osEditionTypes": [
+ "windows10EnterpriseN"
+ ],
+ "name": "Name value",
+ "ruleType": "exclude"
+ },
+ "deviceManagementApplicabilityRuleOsVersion": {
+ "@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleOsVersion",
+ "minOSVersion": "Min OSVersion value",
+ "maxOSVersion": "Max OSVersion value",
+ "name": "Name value",
+ "ruleType": "exclude"
+ },
+ "deviceManagementApplicabilityRuleDeviceMode": {
+ "@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleDeviceMode",
+ "deviceMode": "sModeConfiguration",
+ "name": "Name value",
+ "ruleType": "exclude"
+ },
+ "createdDateTime": "2017-01-01T00:02:43.5775965-08:00",
+ "description": "Description value",
+ "displayName": "Display Name value",
+ "version": 7,
+ "certificationAuthority": "Certification Authority value",
+ "certificationAuthorityName": "Certification Authority Name value",
+ "certificationAuthorityType": "microsoft",
+ "certificateTemplateName": "Certificate Template Name value",
+ "subjectAlternativeNameFormatString": "Subject Alternative Name Format String value",
+ "subjectNameFormatString": "Subject Name Format String value",
+ "certificateStore": "machine",
+ "customSubjectAlternativeNames": [
+ {
+ "@odata.type": "microsoft.graph.customSubjectAlternativeName",
+ "sanType": "emailAddress",
+ "name": "Name value"
+ }
+ ]
+}
+```
++++
v1.0 Intune Deviceconfig Aospdeviceownerpkcscertificateprofile Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-aospdeviceownerpkcscertificateprofile-delete.md
+
+ Title: "Delete aospDeviceOwnerPkcsCertificateProfile"
+description: "Deletes a aospDeviceOwnerPkcsCertificateProfile."
+
+localization_priority: Normal
++
+# Delete aospDeviceOwnerPkcsCertificateProfile
+
+Namespace: microsoft.graph
+
+> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
+
+> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
+
+Deletes a [aospDeviceOwnerPkcsCertificateProfile](../resources/intune-deviceconfig-aospdeviceownerpkcscertificateprofile.md).
+
+## Prerequisites
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|DeviceManagementConfiguration.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|DeviceManagementConfiguration.ReadWrite.All|
+
+## HTTP Request
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+DELETE /deviceManagement/deviceConfigurations/{deviceConfigurationId}
+DELETE /deviceManagement/deviceConfigurations/{deviceConfigurationId}/groupAssignments/{deviceConfigurationGroupAssignmentId}/deviceConfiguration
+DELETE /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.windowsDomainJoinConfiguration/networkAccessConfigurations/{deviceConfigurationId}
+```
+
+## Request headers
+|Header|Value|
+|:|:|
+|Authorization|Bearer &lt;token&gt; Required.|
+|Accept|application/json|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+If successful, this method returns a `204 No Content` response code.
+
+## Example
+
+### Request
+Here is an example of the request.
+``` http
+DELETE https://graph.microsoft.com/beta/deviceManagement/deviceConfigurations/{deviceConfigurationId}
+```
+
+### Response
+Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
+``` http
+HTTP/1.1 204 No Content
+```
++++
v1.0 Intune Deviceconfig Aospdeviceownerpkcscertificateprofile Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-aospdeviceownerpkcscertificateprofile-get.md
+
+ Title: "Get aospDeviceOwnerPkcsCertificateProfile"
+description: "Read properties and relationships of the aospDeviceOwnerPkcsCertificateProfile object."
+
+localization_priority: Normal
++
+# Get aospDeviceOwnerPkcsCertificateProfile
+
+Namespace: microsoft.graph
+
+> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
+
+> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
+
+Read properties and relationships of the [aospDeviceOwnerPkcsCertificateProfile](../resources/intune-deviceconfig-aospdeviceownerpkcscertificateprofile.md) object.
+
+## Prerequisites
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All|
+
+## HTTP Request
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /deviceManagement/deviceConfigurations/{deviceConfigurationId}
+GET /deviceManagement/deviceConfigurations/{deviceConfigurationId}/groupAssignments/{deviceConfigurationGroupAssignmentId}/deviceConfiguration
+GET /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.windowsDomainJoinConfiguration/networkAccessConfigurations/{deviceConfigurationId}
+```
+
+## Optional query parameters
+This method supports the [OData Query Parameters](/graph/query-parameters) to help customize the response.
+
+## Request headers
+|Header|Value|
+|:|:|
+|Authorization|Bearer &lt;token&gt; Required.|
+|Accept|application/json|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+If successful, this method returns a `200 OK` response code and [aospDeviceOwnerPkcsCertificateProfile](../resources/intune-deviceconfig-aospdeviceownerpkcscertificateprofile.md) object in the response body.
+
+## Example
+
+### Request
+Here is an example of the request.
+``` http
+GET https://graph.microsoft.com/beta/deviceManagement/deviceConfigurations/{deviceConfigurationId}
+```
+
+### Response
+Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+Content-Length: 1946
+
+{
+ "value": {
+ "@odata.type": "#microsoft.graph.aospDeviceOwnerPkcsCertificateProfile",
+ "id": "9e0cbf94-bf94-9e0c-94bf-0c9e94bf0c9e",
+ "lastModifiedDateTime": "2017-01-01T00:00:35.1329464-08:00",
+ "roleScopeTagIds": [
+ "Role Scope Tag Ids value"
+ ],
+ "supportsScopeTags": true,
+ "deviceManagementApplicabilityRuleOsEdition": {
+ "@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleOsEdition",
+ "osEditionTypes": [
+ "windows10EnterpriseN"
+ ],
+ "name": "Name value",
+ "ruleType": "exclude"
+ },
+ "deviceManagementApplicabilityRuleOsVersion": {
+ "@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleOsVersion",
+ "minOSVersion": "Min OSVersion value",
+ "maxOSVersion": "Max OSVersion value",
+ "name": "Name value",
+ "ruleType": "exclude"
+ },
+ "deviceManagementApplicabilityRuleDeviceMode": {
+ "@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleDeviceMode",
+ "deviceMode": "sModeConfiguration",
+ "name": "Name value",
+ "ruleType": "exclude"
+ },
+ "createdDateTime": "2017-01-01T00:02:43.5775965-08:00",
+ "description": "Description value",
+ "displayName": "Display Name value",
+ "version": 7,
+ "certificationAuthority": "Certification Authority value",
+ "certificationAuthorityName": "Certification Authority Name value",
+ "certificationAuthorityType": "microsoft",
+ "certificateTemplateName": "Certificate Template Name value",
+ "subjectAlternativeNameFormatString": "Subject Alternative Name Format String value",
+ "subjectNameFormatString": "Subject Name Format String value",
+ "certificateStore": "machine",
+ "customSubjectAlternativeNames": [
+ {
+ "@odata.type": "microsoft.graph.customSubjectAlternativeName",
+ "sanType": "emailAddress",
+ "name": "Name value"
+ }
+ ]
+ }
+}
+```
++++
v1.0 Intune Deviceconfig Aospdeviceownerpkcscertificateprofile List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-aospdeviceownerpkcscertificateprofile-list.md
+
+ Title: "List aospDeviceOwnerPkcsCertificateProfiles"
+description: "List properties and relationships of the aospDeviceOwnerPkcsCertificateProfile objects."
+
+localization_priority: Normal
++
+# List aospDeviceOwnerPkcsCertificateProfiles
+
+Namespace: microsoft.graph
+
+> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
+
+> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
+
+List properties and relationships of the [aospDeviceOwnerPkcsCertificateProfile](../resources/intune-deviceconfig-aospdeviceownerpkcscertificateprofile.md) objects.
+
+## Prerequisites
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All|
+
+## HTTP Request
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /deviceManagement/deviceConfigurations
+GET /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.windowsDomainJoinConfiguration/networkAccessConfigurations
+```
+
+## Request headers
+|Header|Value|
+|:|:|
+|Authorization|Bearer &lt;token&gt; Required.|
+|Accept|application/json|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+If successful, this method returns a `200 OK` response code and a collection of [aospDeviceOwnerPkcsCertificateProfile](../resources/intune-deviceconfig-aospdeviceownerpkcscertificateprofile.md) objects in the response body.
+
+## Example
+
+### Request
+Here is an example of the request.
+``` http
+GET https://graph.microsoft.com/beta/deviceManagement/deviceConfigurations
+```
+
+### Response
+Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+Content-Length: 2052
+
+{
+ "value": [
+ {
+ "@odata.type": "#microsoft.graph.aospDeviceOwnerPkcsCertificateProfile",
+ "id": "9e0cbf94-bf94-9e0c-94bf-0c9e94bf0c9e",
+ "lastModifiedDateTime": "2017-01-01T00:00:35.1329464-08:00",
+ "roleScopeTagIds": [
+ "Role Scope Tag Ids value"
+ ],
+ "supportsScopeTags": true,
+ "deviceManagementApplicabilityRuleOsEdition": {
+ "@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleOsEdition",
+ "osEditionTypes": [
+ "windows10EnterpriseN"
+ ],
+ "name": "Name value",
+ "ruleType": "exclude"
+ },
+ "deviceManagementApplicabilityRuleOsVersion": {
+ "@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleOsVersion",
+ "minOSVersion": "Min OSVersion value",
+ "maxOSVersion": "Max OSVersion value",
+ "name": "Name value",
+ "ruleType": "exclude"
+ },
+ "deviceManagementApplicabilityRuleDeviceMode": {
+ "@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleDeviceMode",
+ "deviceMode": "sModeConfiguration",
+ "name": "Name value",
+ "ruleType": "exclude"
+ },
+ "createdDateTime": "2017-01-01T00:02:43.5775965-08:00",
+ "description": "Description value",
+ "displayName": "Display Name value",
+ "version": 7,
+ "certificationAuthority": "Certification Authority value",
+ "certificationAuthorityName": "Certification Authority Name value",
+ "certificationAuthorityType": "microsoft",
+ "certificateTemplateName": "Certificate Template Name value",
+ "subjectAlternativeNameFormatString": "Subject Alternative Name Format String value",
+ "subjectNameFormatString": "Subject Name Format String value",
+ "certificateStore": "machine",
+ "customSubjectAlternativeNames": [
+ {
+ "@odata.type": "microsoft.graph.customSubjectAlternativeName",
+ "sanType": "emailAddress",
+ "name": "Name value"
+ }
+ ]
+ }
+ ]
+}
+```
++++
v1.0 Intune Deviceconfig Aospdeviceownerpkcscertificateprofile Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-aospdeviceownerpkcscertificateprofile-update.md
+
+ Title: "Update aospDeviceOwnerPkcsCertificateProfile"
+description: "Update the properties of a aospDeviceOwnerPkcsCertificateProfile object."
+
+localization_priority: Normal
++
+# Update aospDeviceOwnerPkcsCertificateProfile
+
+Namespace: microsoft.graph
+
+> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
+
+> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
+
+Update the properties of a [aospDeviceOwnerPkcsCertificateProfile](../resources/intune-deviceconfig-aospdeviceownerpkcscertificateprofile.md) object.
+
+## Prerequisites
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|DeviceManagementConfiguration.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|DeviceManagementConfiguration.ReadWrite.All|
+
+## HTTP Request
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+PATCH /deviceManagement/deviceConfigurations/{deviceConfigurationId}
+PATCH /deviceManagement/deviceConfigurations/{deviceConfigurationId}/groupAssignments/{deviceConfigurationGroupAssignmentId}/deviceConfiguration
+PATCH /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.windowsDomainJoinConfiguration/networkAccessConfigurations/{deviceConfigurationId}
+```
+
+## Request headers
+|Header|Value|
+|:|:|
+|Authorization|Bearer &lt;token&gt; Required.|
+|Accept|application/json|
+
+## Request body
+In the request body, supply a JSON representation for the [aospDeviceOwnerPkcsCertificateProfile](../resources/intune-deviceconfig-aospdeviceownerpkcscertificateprofile.md) object.
+
+The following table shows the properties that are required when you create the [aospDeviceOwnerPkcsCertificateProfile](../resources/intune-deviceconfig-aospdeviceownerpkcscertificateprofile.md).
+
+|Property|Type|Description|
+|:|:|:|
+|id|String|Key of the entity. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|lastModifiedDateTime|DateTimeOffset|DateTime the object was last modified. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|roleScopeTagIds|String collection|List of Scope Tags for this Entity instance. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|supportsScopeTags|Boolean|Indicates whether or not the underlying Device Configuration supports the assignment of scope tags. Assigning to the ScopeTags property is not allowed when this value is false and entities will not be visible to scoped users. This occurs for Legacy policies created in Silverlight and can be resolved by deleting and recreating the policy in the Azure Portal. This property is read-only. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|deviceManagementApplicabilityRuleOsEdition|[deviceManagementApplicabilityRuleOsEdition](../resources/intune-deviceconfig-devicemanagementapplicabilityruleosedition.md)|The OS edition applicability for this Policy. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|deviceManagementApplicabilityRuleOsVersion|[deviceManagementApplicabilityRuleOsVersion](../resources/intune-deviceconfig-devicemanagementapplicabilityruleosversion.md)|The OS version applicability rule for this Policy. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|deviceManagementApplicabilityRuleDeviceMode|[deviceManagementApplicabilityRuleDeviceMode](../resources/intune-deviceconfig-devicemanagementapplicabilityruledevicemode.md)|The device mode applicability rule for this Policy. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|createdDateTime|DateTimeOffset|DateTime the object was created. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|description|String|Admin provided description of the Device Configuration. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|displayName|String|Admin provided name of the device configuration. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|version|Int32|Version of the device configuration. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|certificationAuthority|String|PKCS Certification Authority|
+|certificationAuthorityName|String|PKCS Certification Authority Name|
+|certificationAuthorityType|[deviceManagementCertificationAuthority](../resources/intune-deviceconfig-devicemanagementcertificationauthority.md)|Certification authority type. Possible values are: `notConfigured`, `microsoft`, `digiCert`.|
+|certificateTemplateName|String|PKCS Certificate Template Name|
+|subjectAlternativeNameFormatString|String|Custom String that defines the AAD Attribute.|
+|subjectNameFormatString|String|Custom format to use with SubjectNameFormat = Custom. Example: CN={{EmailAddress}},E={{EmailAddress}},OU=Enterprise Users,O=Contoso Corporation,L=Redmond,ST=WA,C=US|
+|certificateStore|[certificateStore](../resources/intune-shared-certificatestore.md)|Target store certificate. Possible values are: `user`, `machine`.|
+|customSubjectAlternativeNames|[customSubjectAlternativeName](../resources/intune-deviceconfig-customsubjectalternativename.md) collection|Custom Subject Alternative Name Settings. This collection can contain a maximum of 500 elements.|
+++
+## Response
+If successful, this method returns a `200 OK` response code and an updated [aospDeviceOwnerPkcsCertificateProfile](../resources/intune-deviceconfig-aospdeviceownerpkcscertificateprofile.md) object in the response body.
+
+## Example
+
+### Request
+Here is an example of the request.
+``` http
+PATCH https://graph.microsoft.com/beta/deviceManagement/deviceConfigurations/{deviceConfigurationId}
+Content-type: application/json
+Content-length: 1663
+
+{
+ "@odata.type": "#microsoft.graph.aospDeviceOwnerPkcsCertificateProfile",
+ "roleScopeTagIds": [
+ "Role Scope Tag Ids value"
+ ],
+ "supportsScopeTags": true,
+ "deviceManagementApplicabilityRuleOsEdition": {
+ "@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleOsEdition",
+ "osEditionTypes": [
+ "windows10EnterpriseN"
+ ],
+ "name": "Name value",
+ "ruleType": "exclude"
+ },
+ "deviceManagementApplicabilityRuleOsVersion": {
+ "@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleOsVersion",
+ "minOSVersion": "Min OSVersion value",
+ "maxOSVersion": "Max OSVersion value",
+ "name": "Name value",
+ "ruleType": "exclude"
+ },
+ "deviceManagementApplicabilityRuleDeviceMode": {
+ "@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleDeviceMode",
+ "deviceMode": "sModeConfiguration",
+ "name": "Name value",
+ "ruleType": "exclude"
+ },
+ "description": "Description value",
+ "displayName": "Display Name value",
+ "version": 7,
+ "certificationAuthority": "Certification Authority value",
+ "certificationAuthorityName": "Certification Authority Name value",
+ "certificationAuthorityType": "microsoft",
+ "certificateTemplateName": "Certificate Template Name value",
+ "subjectAlternativeNameFormatString": "Subject Alternative Name Format String value",
+ "subjectNameFormatString": "Subject Name Format String value",
+ "certificateStore": "machine",
+ "customSubjectAlternativeNames": [
+ {
+ "@odata.type": "microsoft.graph.customSubjectAlternativeName",
+ "sanType": "emailAddress",
+ "name": "Name value"
+ }
+ ]
+}
+```
+
+### Response
+Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+Content-Length: 1835
+
+{
+ "@odata.type": "#microsoft.graph.aospDeviceOwnerPkcsCertificateProfile",
+ "id": "9e0cbf94-bf94-9e0c-94bf-0c9e94bf0c9e",
+ "lastModifiedDateTime": "2017-01-01T00:00:35.1329464-08:00",
+ "roleScopeTagIds": [
+ "Role Scope Tag Ids value"
+ ],
+ "supportsScopeTags": true,
+ "deviceManagementApplicabilityRuleOsEdition": {
+ "@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleOsEdition",
+ "osEditionTypes": [
+ "windows10EnterpriseN"
+ ],
+ "name": "Name value",
+ "ruleType": "exclude"
+ },
+ "deviceManagementApplicabilityRuleOsVersion": {
+ "@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleOsVersion",
+ "minOSVersion": "Min OSVersion value",
+ "maxOSVersion": "Max OSVersion value",
+ "name": "Name value",
+ "ruleType": "exclude"
+ },
+ "deviceManagementApplicabilityRuleDeviceMode": {
+ "@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleDeviceMode",
+ "deviceMode": "sModeConfiguration",
+ "name": "Name value",
+ "ruleType": "exclude"
+ },
+ "createdDateTime": "2017-01-01T00:02:43.5775965-08:00",
+ "description": "Description value",
+ "displayName": "Display Name value",
+ "version": 7,
+ "certificationAuthority": "Certification Authority value",
+ "certificationAuthorityName": "Certification Authority Name value",
+ "certificationAuthorityType": "microsoft",
+ "certificateTemplateName": "Certificate Template Name value",
+ "subjectAlternativeNameFormatString": "Subject Alternative Name Format String value",
+ "subjectNameFormatString": "Subject Name Format String value",
+ "certificateStore": "machine",
+ "customSubjectAlternativeNames": [
+ {
+ "@odata.type": "microsoft.graph.customSubjectAlternativeName",
+ "sanType": "emailAddress",
+ "name": "Name value"
+ }
+ ]
+}
+```
++++
v1.0 Intune Deviceconfig Aospdeviceownertrustedrootcertificate Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-aospdeviceownertrustedrootcertificate-create.md
+
+ Title: "Create aospDeviceOwnerTrustedRootCertificate"
+description: "Create a new aospDeviceOwnerTrustedRootCertificate object."
+
+localization_priority: Normal
++
+# Create aospDeviceOwnerTrustedRootCertificate
+
+Namespace: microsoft.graph
+
+> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
+
+> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
+
+Create a new [aospDeviceOwnerTrustedRootCertificate](../resources/intune-deviceconfig-aospdeviceownertrustedrootcertificate.md) object.
+
+## Prerequisites
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|DeviceManagementConfiguration.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|DeviceManagementConfiguration.ReadWrite.All|
+
+## HTTP Request
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+POST /deviceManagement/deviceConfigurations
+POST /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.windowsDomainJoinConfiguration/networkAccessConfigurations
+```
+
+## Request headers
+|Header|Value|
+|:|:|
+|Authorization|Bearer &lt;token&gt; Required.|
+|Accept|application/json|
+
+## Request body
+In the request body, supply a JSON representation for the aospDeviceOwnerTrustedRootCertificate object.
+
+The following table shows the properties that are required when you create the aospDeviceOwnerTrustedRootCertificate.
+
+|Property|Type|Description|
+|:|:|:|
+|id|String|Key of the entity. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|lastModifiedDateTime|DateTimeOffset|DateTime the object was last modified. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|roleScopeTagIds|String collection|List of Scope Tags for this Entity instance. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|supportsScopeTags|Boolean|Indicates whether or not the underlying Device Configuration supports the assignment of scope tags. Assigning to the ScopeTags property is not allowed when this value is false and entities will not be visible to scoped users. This occurs for Legacy policies created in Silverlight and can be resolved by deleting and recreating the policy in the Azure Portal. This property is read-only. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|deviceManagementApplicabilityRuleOsEdition|[deviceManagementApplicabilityRuleOsEdition](../resources/intune-deviceconfig-devicemanagementapplicabilityruleosedition.md)|The OS edition applicability for this Policy. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|deviceManagementApplicabilityRuleOsVersion|[deviceManagementApplicabilityRuleOsVersion](../resources/intune-deviceconfig-devicemanagementapplicabilityruleosversion.md)|The OS version applicability rule for this Policy. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|deviceManagementApplicabilityRuleDeviceMode|[deviceManagementApplicabilityRuleDeviceMode](../resources/intune-deviceconfig-devicemanagementapplicabilityruledevicemode.md)|The device mode applicability rule for this Policy. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|createdDateTime|DateTimeOffset|DateTime the object was created. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|description|String|Admin provided description of the Device Configuration. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|displayName|String|Admin provided name of the device configuration. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|version|Int32|Version of the device configuration. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|trustedRootCertificate|Binary|Trusted Root Certificate|
+|certFileName|String|File name to display in UI.|
+++
+## Response
+If successful, this method returns a `201 Created` response code and a [aospDeviceOwnerTrustedRootCertificate](../resources/intune-deviceconfig-aospdeviceownertrustedrootcertificate.md) object in the response body.
+
+## Example
+
+### Request
+Here is an example of the request.
+``` http
+POST https://graph.microsoft.com/beta/deviceManagement/deviceConfigurations
+Content-type: application/json
+Content-length: 1148
+
+{
+ "@odata.type": "#microsoft.graph.aospDeviceOwnerTrustedRootCertificate",
+ "roleScopeTagIds": [
+ "Role Scope Tag Ids value"
+ ],
+ "supportsScopeTags": true,
+ "deviceManagementApplicabilityRuleOsEdition": {
+ "@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleOsEdition",
+ "osEditionTypes": [
+ "windows10EnterpriseN"
+ ],
+ "name": "Name value",
+ "ruleType": "exclude"
+ },
+ "deviceManagementApplicabilityRuleOsVersion": {
+ "@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleOsVersion",
+ "minOSVersion": "Min OSVersion value",
+ "maxOSVersion": "Max OSVersion value",
+ "name": "Name value",
+ "ruleType": "exclude"
+ },
+ "deviceManagementApplicabilityRuleDeviceMode": {
+ "@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleDeviceMode",
+ "deviceMode": "sModeConfiguration",
+ "name": "Name value",
+ "ruleType": "exclude"
+ },
+ "description": "Description value",
+ "displayName": "Display Name value",
+ "version": 7,
+ "trustedRootCertificate": "dHJ1c3RlZFJvb3RDZXJ0aWZpY2F0ZQ==",
+ "certFileName": "Cert File Name value"
+}
+```
+
+### Response
+Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
+``` http
+HTTP/1.1 201 Created
+Content-Type: application/json
+Content-Length: 1320
+
+{
+ "@odata.type": "#microsoft.graph.aospDeviceOwnerTrustedRootCertificate",
+ "id": "fa03dc2b-dc2b-fa03-2bdc-03fa2bdc03fa",
+ "lastModifiedDateTime": "2017-01-01T00:00:35.1329464-08:00",
+ "roleScopeTagIds": [
+ "Role Scope Tag Ids value"
+ ],
+ "supportsScopeTags": true,
+ "deviceManagementApplicabilityRuleOsEdition": {
+ "@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleOsEdition",
+ "osEditionTypes": [
+ "windows10EnterpriseN"
+ ],
+ "name": "Name value",
+ "ruleType": "exclude"
+ },
+ "deviceManagementApplicabilityRuleOsVersion": {
+ "@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleOsVersion",
+ "minOSVersion": "Min OSVersion value",
+ "maxOSVersion": "Max OSVersion value",
+ "name": "Name value",
+ "ruleType": "exclude"
+ },
+ "deviceManagementApplicabilityRuleDeviceMode": {
+ "@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleDeviceMode",
+ "deviceMode": "sModeConfiguration",
+ "name": "Name value",
+ "ruleType": "exclude"
+ },
+ "createdDateTime": "2017-01-01T00:02:43.5775965-08:00",
+ "description": "Description value",
+ "displayName": "Display Name value",
+ "version": 7,
+ "trustedRootCertificate": "dHJ1c3RlZFJvb3RDZXJ0aWZpY2F0ZQ==",
+ "certFileName": "Cert File Name value"
+}
+```
++++
v1.0 Intune Deviceconfig Aospdeviceownertrustedrootcertificate Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-aospdeviceownertrustedrootcertificate-delete.md
+
+ Title: "Delete aospDeviceOwnerTrustedRootCertificate"
+description: "Deletes a aospDeviceOwnerTrustedRootCertificate."
+
+localization_priority: Normal
++
+# Delete aospDeviceOwnerTrustedRootCertificate
+
+Namespace: microsoft.graph
+
+> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
+
+> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
+
+Deletes a [aospDeviceOwnerTrustedRootCertificate](../resources/intune-deviceconfig-aospdeviceownertrustedrootcertificate.md).
+
+## Prerequisites
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|DeviceManagementConfiguration.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|DeviceManagementConfiguration.ReadWrite.All|
+
+## HTTP Request
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+DELETE /deviceManagement/deviceConfigurations/{deviceConfigurationId}
+DELETE /deviceManagement/deviceConfigurations/{deviceConfigurationId}/groupAssignments/{deviceConfigurationGroupAssignmentId}/deviceConfiguration
+DELETE /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.windowsDomainJoinConfiguration/networkAccessConfigurations/{deviceConfigurationId}
+```
+
+## Request headers
+|Header|Value|
+|:|:|
+|Authorization|Bearer &lt;token&gt; Required.|
+|Accept|application/json|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+If successful, this method returns a `204 No Content` response code.
+
+## Example
+
+### Request
+Here is an example of the request.
+``` http
+DELETE https://graph.microsoft.com/beta/deviceManagement/deviceConfigurations/{deviceConfigurationId}
+```
+
+### Response
+Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
+``` http
+HTTP/1.1 204 No Content
+```
++++
v1.0 Intune Deviceconfig Aospdeviceownertrustedrootcertificate Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-aospdeviceownertrustedrootcertificate-get.md
+
+ Title: "Get aospDeviceOwnerTrustedRootCertificate"
+description: "Read properties and relationships of the aospDeviceOwnerTrustedRootCertificate object."
+
+localization_priority: Normal
++
+# Get aospDeviceOwnerTrustedRootCertificate
+
+Namespace: microsoft.graph
+
+> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
+
+> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
+
+Read properties and relationships of the [aospDeviceOwnerTrustedRootCertificate](../resources/intune-deviceconfig-aospdeviceownertrustedrootcertificate.md) object.
+
+## Prerequisites
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All|
+
+## HTTP Request
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /deviceManagement/deviceConfigurations/{deviceConfigurationId}
+GET /deviceManagement/deviceConfigurations/{deviceConfigurationId}/groupAssignments/{deviceConfigurationGroupAssignmentId}/deviceConfiguration
+GET /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.windowsDomainJoinConfiguration/networkAccessConfigurations/{deviceConfigurationId}
+```
+
+## Optional query parameters
+This method supports the [OData Query Parameters](/graph/query-parameters) to help customize the response.
+
+## Request headers
+|Header|Value|
+|:|:|
+|Authorization|Bearer &lt;token&gt; Required.|
+|Accept|application/json|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+If successful, this method returns a `200 OK` response code and [aospDeviceOwnerTrustedRootCertificate](../resources/intune-deviceconfig-aospdeviceownertrustedrootcertificate.md) object in the response body.
+
+## Example
+
+### Request
+Here is an example of the request.
+``` http
+GET https://graph.microsoft.com/beta/deviceManagement/deviceConfigurations/{deviceConfigurationId}
+```
+
+### Response
+Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+Content-Length: 1407
+
+{
+ "value": {
+ "@odata.type": "#microsoft.graph.aospDeviceOwnerTrustedRootCertificate",
+ "id": "fa03dc2b-dc2b-fa03-2bdc-03fa2bdc03fa",
+ "lastModifiedDateTime": "2017-01-01T00:00:35.1329464-08:00",
+ "roleScopeTagIds": [
+ "Role Scope Tag Ids value"
+ ],
+ "supportsScopeTags": true,
+ "deviceManagementApplicabilityRuleOsEdition": {
+ "@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleOsEdition",
+ "osEditionTypes": [
+ "windows10EnterpriseN"
+ ],
+ "name": "Name value",
+ "ruleType": "exclude"
+ },
+ "deviceManagementApplicabilityRuleOsVersion": {
+ "@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleOsVersion",
+ "minOSVersion": "Min OSVersion value",
+ "maxOSVersion": "Max OSVersion value",
+ "name": "Name value",
+ "ruleType": "exclude"
+ },
+ "deviceManagementApplicabilityRuleDeviceMode": {
+ "@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleDeviceMode",
+ "deviceMode": "sModeConfiguration",
+ "name": "Name value",
+ "ruleType": "exclude"
+ },
+ "createdDateTime": "2017-01-01T00:02:43.5775965-08:00",
+ "description": "Description value",
+ "displayName": "Display Name value",
+ "version": 7,
+ "trustedRootCertificate": "dHJ1c3RlZFJvb3RDZXJ0aWZpY2F0ZQ==",
+ "certFileName": "Cert File Name value"
+ }
+}
+```
++++
v1.0 Intune Deviceconfig Aospdeviceownertrustedrootcertificate List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-aospdeviceownertrustedrootcertificate-list.md
+
+ Title: "List aospDeviceOwnerTrustedRootCertificates"
+description: "List properties and relationships of the aospDeviceOwnerTrustedRootCertificate objects."
+
+localization_priority: Normal
++
+# List aospDeviceOwnerTrustedRootCertificates
+
+Namespace: microsoft.graph
+
+> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
+
+> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
+
+List properties and relationships of the [aospDeviceOwnerTrustedRootCertificate](../resources/intune-deviceconfig-aospdeviceownertrustedrootcertificate.md) objects.
+
+## Prerequisites
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All|
+
+## HTTP Request
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /deviceManagement/deviceConfigurations
+GET /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.windowsDomainJoinConfiguration/networkAccessConfigurations
+```
+
+## Request headers
+|Header|Value|
+|:|:|
+|Authorization|Bearer &lt;token&gt; Required.|
+|Accept|application/json|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+If successful, this method returns a `200 OK` response code and a collection of [aospDeviceOwnerTrustedRootCertificate](../resources/intune-deviceconfig-aospdeviceownertrustedrootcertificate.md) objects in the response body.
+
+## Example
+
+### Request
+Here is an example of the request.
+``` http
+GET https://graph.microsoft.com/beta/deviceManagement/deviceConfigurations
+```
+
+### Response
+Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+Content-Length: 1489
+
+{
+ "value": [
+ {
+ "@odata.type": "#microsoft.graph.aospDeviceOwnerTrustedRootCertificate",
+ "id": "fa03dc2b-dc2b-fa03-2bdc-03fa2bdc03fa",
+ "lastModifiedDateTime": "2017-01-01T00:00:35.1329464-08:00",
+ "roleScopeTagIds": [
+ "Role Scope Tag Ids value"
+ ],
+ "supportsScopeTags": true,
+ "deviceManagementApplicabilityRuleOsEdition": {
+ "@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleOsEdition",
+ "osEditionTypes": [
+ "windows10EnterpriseN"
+ ],
+ "name": "Name value",
+ "ruleType": "exclude"
+ },
+ "deviceManagementApplicabilityRuleOsVersion": {
+ "@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleOsVersion",
+ "minOSVersion": "Min OSVersion value",
+ "maxOSVersion": "Max OSVersion value",
+ "name": "Name value",
+ "ruleType": "exclude"
+ },
+ "deviceManagementApplicabilityRuleDeviceMode": {
+ "@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleDeviceMode",
+ "deviceMode": "sModeConfiguration",
+ "name": "Name value",
+ "ruleType": "exclude"
+ },
+ "createdDateTime": "2017-01-01T00:02:43.5775965-08:00",
+ "description": "Description value",
+ "displayName": "Display Name value",
+ "version": 7,
+ "trustedRootCertificate": "dHJ1c3RlZFJvb3RDZXJ0aWZpY2F0ZQ==",
+ "certFileName": "Cert File Name value"
+ }
+ ]
+}
+```
++++
v1.0 Intune Deviceconfig Aospdeviceownertrustedrootcertificate Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-deviceconfig-aospdeviceownertrustedrootcertificate-update.md
+
+ Title: "Update aospDeviceOwnerTrustedRootCertificate"
+description: "Update the properties of a aospDeviceOwnerTrustedRootCertificate object."
+
+localization_priority: Normal
++
+# Update aospDeviceOwnerTrustedRootCertificate
+
+Namespace: microsoft.graph
+
+> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
+
+> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
+
+Update the properties of a [aospDeviceOwnerTrustedRootCertificate](../resources/intune-deviceconfig-aospdeviceownertrustedrootcertificate.md) object.
+
+## Prerequisites
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|DeviceManagementConfiguration.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|DeviceManagementConfiguration.ReadWrite.All|
+
+## HTTP Request
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+PATCH /deviceManagement/deviceConfigurations/{deviceConfigurationId}
+PATCH /deviceManagement/deviceConfigurations/{deviceConfigurationId}/groupAssignments/{deviceConfigurationGroupAssignmentId}/deviceConfiguration
+PATCH /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.windowsDomainJoinConfiguration/networkAccessConfigurations/{deviceConfigurationId}
+```
+
+## Request headers
+|Header|Value|
+|:|:|
+|Authorization|Bearer &lt;token&gt; Required.|
+|Accept|application/json|
+
+## Request body
+In the request body, supply a JSON representation for the [aospDeviceOwnerTrustedRootCertificate](../resources/intune-deviceconfig-aospdeviceownertrustedrootcertificate.md) object.
+
+The following table shows the properties that are required when you create the [aospDeviceOwnerTrustedRootCertificate](../resources/intune-deviceconfig-aospdeviceownertrustedrootcertificate.md).
+
+|Property|Type|Description|
+|:|:|:|
+|id|String|Key of the entity. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|lastModifiedDateTime|DateTimeOffset|DateTime the object was last modified. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|roleScopeTagIds|String collection|List of Scope Tags for this Entity instance. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|supportsScopeTags|Boolean|Indicates whether or not the underlying Device Configuration supports the assignment of scope tags. Assigning to the ScopeTags property is not allowed when this value is false and entities will not be visible to scoped users. This occurs for Legacy policies created in Silverlight and can be resolved by deleting and recreating the policy in the Azure Portal. This property is read-only. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|deviceManagementApplicabilityRuleOsEdition|[deviceManagementApplicabilityRuleOsEdition](../resources/intune-deviceconfig-devicemanagementapplicabilityruleosedition.md)|The OS edition applicability for this Policy. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|deviceManagementApplicabilityRuleOsVersion|[deviceManagementApplicabilityRuleOsVersion](../resources/intune-deviceconfig-devicemanagementapplicabilityruleosversion.md)|The OS version applicability rule for this Policy. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|deviceManagementApplicabilityRuleDeviceMode|[deviceManagementApplicabilityRuleDeviceMode](../resources/intune-deviceconfig-devicemanagementapplicabilityruledevicemode.md)|The device mode applicability rule for this Policy. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|createdDateTime|DateTimeOffset|DateTime the object was created. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|description|String|Admin provided description of the Device Configuration. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|displayName|String|Admin provided name of the device configuration. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|version|Int32|Version of the device configuration. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|trustedRootCertificate|Binary|Trusted Root Certificate|
+|certFileName|String|File name to display in UI.|
+++
+## Response
+If successful, this method returns a `200 OK` response code and an updated [aospDeviceOwnerTrustedRootCertificate](../resources/intune-deviceconfig-aospdeviceownertrustedrootcertificate.md) object in the response body.
+
+## Example
+
+### Request
+Here is an example of the request.
+``` http
+PATCH https://graph.microsoft.com/beta/deviceManagement/deviceConfigurations/{deviceConfigurationId}
+Content-type: application/json
+Content-length: 1148
+
+{
+ "@odata.type": "#microsoft.graph.aospDeviceOwnerTrustedRootCertificate",
+ "roleScopeTagIds": [
+ "Role Scope Tag Ids value"
+ ],
+ "supportsScopeTags": true,
+ "deviceManagementApplicabilityRuleOsEdition": {
+ "@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleOsEdition",
+ "osEditionTypes": [
+ "windows10EnterpriseN"
+ ],
+ "name": "Name value",
+ "ruleType": "exclude"
+ },
+ "deviceManagementApplicabilityRuleOsVersion": {
+ "@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleOsVersion",
+ "minOSVersion": "Min OSVersion value",
+ "maxOSVersion": "Max OSVersion value",
+ "name": "Name value",
+ "ruleType": "exclude"
+ },
+ "deviceManagementApplicabilityRuleDeviceMode": {
+ "@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleDeviceMode",
+ "deviceMode": "sModeConfiguration",
+ "name": "Name value",
+ "ruleType": "exclude"
+ },
+ "description": "Description value",
+ "displayName": "Display Name value",
+ "version": 7,
+ "trustedRootCertificate": "dHJ1c3RlZFJvb3RDZXJ0aWZpY2F0ZQ==",
+ "certFileName": "Cert File Name value"
+}
+```
+
+### Response
+Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+Content-Length: 1320
+
+{
+ "@odata.type": "#microsoft.graph.aospDeviceOwnerTrustedRootCertificate",
+ "id": "fa03dc2b-dc2b-fa03-2bdc-03fa2bdc03fa",
+ "lastModifiedDateTime": "2017-01-01T00:00:35.1329464-08:00",
+ "roleScopeTagIds": [
+ "Role Scope Tag Ids value"
+ ],
+ "supportsScopeTags": true,
+ "deviceManagementApplicabilityRuleOsEdition": {
+ "@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleOsEdition",
+ "osEditionTypes": [
+ "windows10EnterpriseN"
+ ],
+ "name": "Name value",
+ "ruleType": "exclude"
+ },
+ "deviceManagementApplicabilityRuleOsVersion": {
+ "@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleOsVersion",
+ "minOSVersion": "Min OSVersion value",
+ "maxOSVersion": "Max OSVersion value",
+ "name": "Name value",
+ "ruleType": "exclude"
+ },
+ "deviceManagementApplicabilityRuleDeviceMode": {
+ "@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleDeviceMode",
+ "deviceMode": "sModeConfiguration",
+ "name": "Name value",
+ "ruleType": "exclude"
+ },
+ "createdDateTime": "2017-01-01T00:02:43.5775965-08:00",
+ "description": "Description value",
+ "displayName": "Display Name value",
+ "version": 7,
+ "trustedRootCertificate": "dHJ1c3RlZFJvb3RDZXJ0aWZpY2F0ZQ==",
+ "certFileName": "Cert File Name value"
+}
+```
++++
v1.0 Intune Shared Devicemanagementscript Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-shared-devicemanagementscript-create.md
Content-Length: 615
"id": "59ea4525-4525-59ea-2545-ea592545ea59", "displayName": "Display Name value", "description": "Description value",
- "runSchedule": {
- "@odata.type": "microsoft.graph.runSchedule"
- },
"scriptContent": "c2NyaXB0Q29udGVudA==", "createdDateTime": "2017-01-01T00:02:43.5775965-08:00", "lastModifiedDateTime": "2017-01-01T00:00:35.1329464-08:00",
v1.0 Intune Shared Devicemanagementscript Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/intune-shared-devicemanagementscript-update.md
Content-Length: 615
"id": "59ea4525-4525-59ea-2545-ea592545ea59", "displayName": "Display Name value", "description": "Description value",
- "runSchedule": {
- "@odata.type": "microsoft.graph.runSchedule"
- },
"scriptContent": "c2NyaXB0Q29udGVudA==", "createdDateTime": "2017-01-01T00:02:43.5775965-08:00", "lastModifiedDateTime": "2017-01-01T00:00:35.1329464-08:00",
v1.0 Itemactivity Getbyinterval https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/itemactivity-getbyinterval.md
description: "Get itemActivityStats for the activities that took place under this resource within the specified time interval." Previously updated : 10/06/2017 Title: Get item activity stats by interval ms.localizationpriority: medium doc_type: apiPageType # Get item activity stats by interval
Get [itemActivityStats][] for the activities that took place under this resource
Analytics aggregates might not be available for all action types.
-[itemActivityStats]: ../resources/itemactivitystat.md
- ## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-|Permission type | Permissions (from least to most privileged)
-|:--|:-
-|Delegated (work or school account) | Files.Read, Files.ReadWrite, Files.Read.All, Files.ReadWrite.All, Sites.Read.All, Sites.ReadWrite.All
-|Delegated (personal Microsoft account) | Not supported.
-|Application | Files.Read.All, Files.ReadWrite.All, Sites.Read.All, Sites.ReadWrite.All
+|Permission type | Permissions (from least to most privileged)|
+|:--|:-|
+|Delegated (work or school account) | Files.Read, Files.ReadWrite, Files.Read.All, Files.ReadWrite.All, Sites.Read.All, Sites.ReadWrite.All|
+|Delegated (personal Microsoft account) | Not supported.|
+|Application | Files.Read.All, Files.ReadWrite.All, Sites.Read.All, Sites.ReadWrite.All|
## HTTP request
GET /sites/{site-id}/lists/{list-id}/items/{item-id}/getActivitiesByInterval(sta
| endDateTime | string (timestamp) | The end time over which to aggregate activities. | interval | string | The aggregation interval.
+## Request headers
+
+| Name | Description |
+| : | : |
+| Authorization | Bearer {token}. Required. |
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and an [itemActivityStats][] object in the response body.
+ ## Example
-#### Request
+### Request
+The following is an example of a request.
# [HTTP](#tab/http) <!-- { "blockType": "request", "name": "get-activities-by-interval" } -->
GET /drives/{drive-id}/items/{item-id}/getActivitiesByInterval(startDateTime='20
-#### Response
+### Response
+
+The following is an example of the response.
<!-- { "blockType": "response", "@type": "Collection(microsoft.graph.itemActivityStat)", "truncated": true } -->
Content-type: application/json
} ```
+[itemActivityStats]: ../resources/itemactivitystat.md
+ <!-- { "type": "#page.annotation",
v1.0 Itemanalytics Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/itemanalytics-get.md
description: "Get itemAnalytics about the views that took place under this resource." Previously updated : 10/06/2017 Title: Get analytics ms.localizationpriority: medium doc_type: apiPageType # Get analytics
For a custom time range or interval, use the [getActivitiesByInterval][] API.
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-|Permission type | Permissions (from least to most privileged)
-|:--|:-
-|Delegated (work or school account) | Files.Read, Files.ReadWrite, Files.Read.All, Files.ReadWrite.All, Sites.Read.All, Sites.ReadWrite.All
-|Delegated (personal Microsoft account) | Not supported.
-|Application | Files.Read.All, Files.ReadWrite.All, Sites.Read.All, Sites.ReadWrite.All
+|Permission type | Permissions (from least to most privileged)|
+|:--|:-|
+|Delegated (work or school account) | Files.Read, Files.ReadWrite, Files.Read.All, Files.ReadWrite.All, Sites.Read.All, Sites.ReadWrite.All|
+|Delegated (personal Microsoft account) | Not supported.|
+|Application | Files.Read.All, Files.ReadWrite.All, Sites.Read.All, Sites.ReadWrite.All|
## HTTP request
GET /sites/{site-id}/analytics
GET /sites/{site-id}/lists/{list-id}/items/{item-id}/analytics ```
+## Optional query parameters
+This method supports the [OData query parameters](/graph/query-parameters) to help customize the response.
+
+## Request headers
+
+| Name | Description |
+| : | : |
+| Authorization | Bearer {token}. Required. |
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a collection of [itemAnalytics][] objects in the response body.
+ ## Example
-#### Request
+### Request
+The following is an example of a request.
# [HTTP](#tab/http) <!-- { "blockType": "request", "name": "get-analytics" } -->
GET /drives/{drive-id}/items/{item-id}/analytics
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
-#### Response
+### Response
+
+The following is an example of the response.
<!-- { "blockType": "response", "@type": "microsoft.graph.itemAnalytics", "truncated": true } -->
v1.0 List Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/list-create.md
description: "Create a new list in a site." Previously updated : 09/11/2017 Title: Create a SharePoint List ms.localizationpriority: medium ms.prod: "sharepoint"
One of the following permissions is required to call this API. To learn more, in
POST https://graph.microsoft.com/beta/sites/{site-id}/lists ```
+## Request headers
+
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+|Content-Type|application/json. Required.|
+ ## Request body
-In the request body, supply a JSON representation of the [list][] resource to create.
+In the request body, supply a JSON representation of a [list][] object.
+
+## Response
-## Example
+If successful, this method returns a `201 Created` response code and a [list][] object in the response body.
-Here is an example of how to create a new generic list.
+## Examples
+
+### Request
+
+The following is an example of how to create a new generic list.
+
+> **Note:** Custom columns are optional.
+
+In addition to any columns specified here, new lists are created with columns defined in the referenced **template**.
+If the **list** facet or **template** is not specified, the list defaults to the `genericList` template, which includes a _Title_ column.
# [HTTP](#tab/http)
Content-Type: application/json
-**Note:** Custom columns are optional.
-
-In addition to any columns specified here, new lists are created with columns defined in the referenced **template**.
-If the **list** facet or **template** is unspecified, the list defaults to the `genericList` template, which includes a _Title_ column.
+### Response
-## Response
+The following is an example of the response.
-If successful, this method returns a [list][] in the response body for the created list.
+> **Note:** The response object is truncated for clarity. Default properties will be returned from the actual call.
<!-- { "blockType": "response", "@odata.type": "microsoft.graph.list", "truncated": true } -->
Content-type: application/json
} ```
-**Note:** The response object is truncated for clarity.
-Default properties will be returned from the actual call.
- [list]: ../resources/list.md [site]: ../resources/site.md
v1.0 List List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/list-list.md
Get the collection of [lists][] for a [site][].
Lists with the [system][] facet are hidden by default. To list them, include `system` in your `$select` statement.
-[lists]: ../resources/list.md
-[site]: ../resources/site.md
-[system]: ../resources/systemfacet.md
- ## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
One of the following permissions is required to call this API. To learn more, in
GET /sites/{site-id}/lists ```
+## Request headers
+
+| Name | Description |
+| : | : |
+| Authorization | Bearer {token}. Required. |
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a collection of [list][] objects in the response body.
+ ## Example ### Request
+The following is an example of a request.
+ # [HTTP](#tab/http) <!-- { "blockType": "request", "name": "enum-lists", "scopes": "sites.read.all service.sharepoint" } -->
GET https://graph.microsoft.com/beta/sites/{site-id}/lists
### Response
+The following is an example of the response.
+ <!-- { "blockType": "response", "@type": "microsoft.graph.list", "isCollection": true, "truncated": true } --> ```http
Content-type: application/json
} ```
+[lists]: ../resources/list.md
+[list]: ../resources/list.md
+[site]: ../resources/site.md
+[system]: ../resources/systemfacet.md
+ <!-- { "type": "#page.annotation",
v1.0 Manageddevice Bulkrestorecloudpc https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/manageddevice-bulkrestorecloudpc.md
+
+ Title: "managedDevice: bulkRestoreCloudPc"
+description: "Restore multiple Cloud PC devices with a single request that includes the IDs of Intune managed devices and a restore point date and time."
+
+ms.localizationpriority: medium
++
+# managedDevice: bulkRestoreCloudPc
+Namespace: microsoft.graph
++
+Restore multiple Cloud PC devices with a single request that includes the IDs of Intune managed devices and a restore point date and time.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|CloudPC.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|CloudPC.ReadWrite.All|
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+POST /deviceManagement/managedDevices/bulkRestoreCloudPc
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+|Content-Type|application/json. Required.|
+
+## Request body
+In the request body, supply a JSON representation of the parameters.
+
+The following table shows the parameters that can be used with this action.
+
+|Parameter|Type|Description|
+|:|:|:|
+|managedDeviceIds|String collection|The IDs of the Cloud PC devices.|
+|restorePointDateTime|DateTimeOffset|The UTC time point for the selected Cloud PC devices to restore to a previous state. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is '2014-01-01T00:00:00Z'.|
+|timeRange|[restoreTimeRange](#restoretimerange-values)|The time range of the restore point. Possible values are: `before`, `after`, `beforeOrAfter`, `unknownFutureValue`.|
+
+### restoreTimeRange values
+
+|Member|Description|
+|:|:|
+|before|Choose the closest snapshot before the selected time point.|
+|after|Choose the closest snapshot after the selected time point.|
+|beforeOrAfter|Choose the closest snapshot around the selected time point.|
+|unknownFutureValue|Evolvable enumeration sentinel value. Do not use.|
+
+## Response
+
+If successful, this action returns a `200 OK` response code and a [cloudPcBulkRemoteActionResult](../resources/cloudpcbulkremoteactionresult.md) in the response body.
+
+## Examples
+
+### Request
+The following is an example of a request.
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "manageddevicethis.bulkrestorecloudpc"
+}
+-->
+``` http
+POST https://graph.microsoft.com/beta/deviceManagement/managedDevices/bulkRestoreCloudPc
+Content-Type: application/json
+Content-length: 123
+
+{
+ "managedDeviceIds": [
+ "30d0e128-de93-41dc-89ec-33d84bb662a0",
+ "7c82a3e3-9459-44e4-94d9-b92f93bf78dd"
+ ],
+ "restorePointDateTime": "2021-09-23T04:00:00.0000000",
+ "timeRange": "before"
+}
+```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+++++
+### Response
+The following is an example of the response.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.cloudPcBulkRemoteActionResult"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "value": {
+ "@odata.type": "microsoft.graph.cloudPcBulkRemoteActionResult",
+ "successfulDeviceIds": [
+ "30d0e128-de93-41dc-89ec-33d84bb662a0"
+ ],
+ "failedDeviceIds": [
+ "7c82a3e3-9459-44e4-94d9-b92f93bf78dd"
+ ],
+ "notFoundDeviceIds": [
+ ],
+ "notSupportedDeviceIds": [
+ ]
+ }
+}
+```
v1.0 Manageddevice Restorecloudpc https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/manageddevice-restorecloudpc.md
+
+ Title: "managedDevice: restoreCloudPc"
+description: "Restore a Cloud PC device to a previous state from a snapshot."
+
+ms.localizationpriority: medium
++
+# managedDevice: restoreCloudPc
+Namespace: microsoft.graph
++
+Restore a Cloud PC device to a previous state from a snapshot.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|CloudPC.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|CloudPC.ReadWrite.All|
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+POST /deviceManagement/managedDevices/{managedDeviceId}/restoreCloudPc
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+|Content-Type|application/json. Required.|
+
+## Request body
+In the request body, supply a JSON representation of the parameters.
+
+The following table shows the parameters that can be used with this action.
+
+|Parameter|Type|Description|
+|:|:|:|
+|cloudPcSnapshotId|String|The unique identifier for the snapshot of the Cloud PC device at a specific point in time.|
+++
+## Response
+
+If successful, this action returns a `204 No Content` response code.
+
+## Examples
+
+### Request
+The following is an example of a request.
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "manageddevicethis.restorecloudpc"
+}
+-->
+``` http
+POST https://graph.microsoft.com/beta/deviceManagement/managedDevices/5e1387aa-d960-4916-ae7c-293b977e49bf/restoreCloudPc
+Content-Type: application/json
+Content-length: 37
+
+{
+ "cloudPcSnapshotId": "A00009UV000_93aff428-61f2-467f-a879-1102af6fd4a8"
+}
+```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+++++
+### Response
+The following is an example of the response.
+<!-- {
+ "blockType": "response",
+ "truncated": true
+}
+-->
+``` http
+HTTP/1.1 204 No Content
+```
+
v1.0 Managedtenants Auditevent Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/managedtenants-auditevent-get.md
+
+ Title: "Get auditEvent"
+description: "Read the properties and relationships of an auditEvent object."
+
+ms.localizationpriority: medium
++
+# Get auditEvent
+Namespace: microsoft.graph.managedTenants
++
+Read the properties and relationships of an [auditEvent](../resources/managedtenants-auditevent.md) object.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|ManagedTenant.Read.All, ManagedTenant.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|Not supported.|
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /auditEvent
+GET /managedTenant/auditEvents/{auditEventId}
+```
+
+## Optional query parameters
+This method supports some of the OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and an [auditEvent](../resources/managedtenants-auditevent.md) object in the response body.
+
+## Examples
+
+### Request
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_auditevent"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/tenantRelationships/managedTenants/auditEvent
+```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+++++
+### Response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.managedTenants.auditEvent"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "id": "c3b0d319-9913-bd52-7376-1125f0594129",
+ "activityDateTime": "2021-12-21T16:48:23.0330765Z",
+ "activityId": "64be6675-3cb8-4b14-95f3-6d5ce9eecd79",
+ "initiatedByAppId": "00000003-0000-0000-c000-000000000000",
+ "initiatedByUpn": "meganb@contoso.onmicrosoft.com",
+ "category": "Baselines",
+ "activity": "/managementActionTenantDeploymentStatuses/microsoft.graph.managedTenants.changeDeploymentStatus",
+ "httpVerb": "POST",
+ "path": "/managementActionTenantDeploymentStatuses/microsoft.graph.managedTenants.changeDeploymentStatus",
+ "url": "https://graph.microsoft.com/managementActionTenantDeploymentStatuses/microsoft.graph.managedTenants.changeDeploymentStatus",
+ "requestBody": ""
+}
+```
+
v1.0 Managedtenants Managedtenant List Auditevents https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/managedtenants-managedtenant-list-auditevents.md
+
+ Title: "List auditEvents"
+description: "Get a list of the auditEvent objects and their properties."
+
+ms.localizationpriority: medium
++
+# List auditEvents
+Namespace: microsoft.graph.managedTenants
++
+Get a list of the [auditEvent](../resources/managedtenants-auditevent.md) objects and their properties.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|ManagedTenant.Read.All, ManagedTenant.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|Not supported.|
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /managedTenant/auditEvents
+```
+
+## Optional query parameters
+This method supports some of the OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a collection of [auditEvent](../resources/managedTenants-auditevent.md) objects in the response body.
+
+## Examples
+
+### Request
+<!-- {
+ "blockType": "request",
+ "name": "list_auditevent"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/managedTenant/auditEvents
+```
++
+### Response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "Collection(microsoft.graph.managedTenants.auditEvent)"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "value": [
+ {
+ "id": "c3b0d319-9913-bd52-7376-1125f0594129",
+ "activityDateTime": "2021-12-21T16:48:23.0330765Z",
+ "activityId": "64be6675-3cb8-4b14-95f3-6d5ce9eecd79",
+ "initiatedByAppId": "00000003-0000-0000-c000-000000000000",
+ "initiatedByUpn": "meganb@contoso.onmicrosoft.com",
+ "category": "Baselines",
+ "activity": "/managementActionTenantDeploymentStatuses/microsoft.graph.managedTenants.changeDeploymentStatus",
+ "httpVerb": "POST",
+ "path": "/managementActionTenantDeploymentStatuses/microsoft.graph.managedTenants.changeDeploymentStatus",
+ "url": "https://graph.microsoft.com/managementActionTenantDeploymentStatuses/microsoft.graph.managedTenants.changeDeploymentStatus",
+ "requestBody": ""
+ }
+ ]
+}
+```
+
v1.0 Microsoftauthenticatorauthenticationmethodconfiguration Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/microsoftauthenticatorauthenticationmethodconfiguration-delete.md
DELETE https://graph.microsoft.com/beta/policies/authenticationMethodsPolicy/aut
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Microsoftauthenticatorauthenticationmethodconfiguration Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/microsoftauthenticatorauthenticationmethodconfiguration-get.md
GET https://graph.microsoft.com/beta/policies/authenticationMethodsPolicy/authen
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Microsoftauthenticatorauthenticationmethodconfiguration Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/microsoftauthenticatorauthenticationmethodconfiguration-update.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Mobileappmanagementpolicies List Includedgroups https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/mobileappmanagementpolicies-list-includedgroups.md
GET https://graph.microsoft.com/beta/policies/mobileAppManagementPolicies/ab90ba
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Mobileappmanagementpolicies Post Includedgroups https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/mobileappmanagementpolicies-post-includedgroups.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Mobiledevicemanagementpolicies List Includedgroups https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/mobiledevicemanagementpolicies-list-includedgroups.md
GET https://graph.microsoft.com/beta/policies/mobileDeviceManagementPolicies/ab9
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Mobiledevicemanagementpolicies Post Includedgroups https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/mobiledevicemanagementpolicies-post-includedgroups.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Organizationalbranding Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/organizationalbranding-get.md
The following example returns the **bannerLogo** object which hadn't been set fo
The following is an example of the request. +
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "get_organizationalbranding_frlocale_bannerLogo"
The following is an example of the request.
```msgraph-interactive GET https://graph.microsoft.com/beta/organization/d69179bf-f4a4-41a9-a9de-249c0f2efb1d/branding/localizations/default/bannerLogo ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+++ #### Response
v1.0 Organizationalbranding List Localizations https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/organizationalbranding-list-localizations.md
GET https://graph.microsoft.com/beta/organization/84841066-274d-4ec0-a5c1-276be6
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Organizationalbranding Post Localizations https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/organizationalbranding-post-localizations.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Organizationalbranding Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/organizationalbranding-update.md
The following is an example of the request.
+
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "update_organizationalbrandinglocaliation_2"
Content-Type: image/jpeg
<Image> ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+++
v1.0 Organizationalbrandinglocalization Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/organizationalbrandinglocalization-delete.md
DELETE https://graph.microsoft.com/beta/organization/d69179bf-f4a4-41a9-a9de-249
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Organizationalbrandinglocalization Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/organizationalbrandinglocalization-get.md
GET https://graph.microsoft.com/beta/organization/d69179bf-f4a4-41a9-a9de-249c0f
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
GET https://graph.microsoft.com/beta/organization/d69179bf-f4a4-41a9-a9de-249c0f
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Organizationalbrandinglocalization Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/organizationalbrandinglocalization-update.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Orgcontact Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/orgcontact-delete.md
- Title: "Delete orgContact"
-description: "Delete orgContact."
-
-doc_type: apiPageType
--
-# Delete orgContact
-
-Namespace: microsoft.graph
--
-Delete orgContact.
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | Directory.AccessAsUser.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | Not supported. |
-
-## HTTP request
-<!-- { "blockType": "ignored" } -->
-```http
-DELETE /contacts/{id}
-
-```
-## Request headers
-| Name | Description|
-|:|:--|
-| Authorization | Bearer {token}. Required. |
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-
-If successful, this method returns `204 No Content` response code. It does not return anything in the response body.
-
-## Example
-##### Request
-Here is an example of the request.
-
-# [HTTP](#tab/http)
-<!-- {
- "blockType": "request",
- "name": "delete_orgcontact"
-}-->
-```http
-DELETE https://graph.microsoft.com/beta/contacts/{id}
-```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Objective-C](#tab/objc)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
---
-##### Response
-Here is an example of the response.
-<!-- {
- "blockType": "response",
- "truncated": true
-} -->
-```http
-HTTP/1.1 204 No Content
-```
-
-<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
-2015-10-25 14:57:30 UTC -->
-<!--
-{
- "type": "#page.annotation",
- "description": "Delete orgContact",
- "keywords": "",
- "section": "documentation",
- "tocPath": "",
- "suppressions": [
- ]
-}
>--
v1.0 Orgcontact Get Transitivereports https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/orgcontact-get-transitivereports.md
GET https://graph.microsoft.com/beta/contacts/45b7d2e7-b882-4a80-ba97-10b7a63b8f
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Orgcontact Post Directreports https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/orgcontact-post-directreports.md
- Title: "Create directReport"
-description: "Use this API to create a new directReport."
-
-doc_type: apiPageType
--
-# Create directReport
-
-Namespace: microsoft.graph
--
-Use this API to create a new directReport.
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | Not supported. |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | Not supported. |
-
-## HTTP request
-<!-- { "blockType": "ignored" } -->
-```http
-POST /contacts/{id}/directReports
-
-```
-## Request headers
-| Name | Description|
-|:|:--|
-| Authorization | Bearer {token}. Required. |
-
-## Request body
-In the request body, supply a JSON representation of [directoryObject](../resources/directoryobject.md) object.
-
-## Response
-
-If successful, this method returns `201 Created` response code and [directoryObject](../resources/directoryobject.md) object in the response body.
-
-## Example
-##### Request
-Here is an example of the request.
-
-# [HTTP](#tab/http)
-<!-- {
- "blockType": "request",
- "name": "create_directoryobject_from_orgcontact_1"
-}-->
-```http
-POST https://graph.microsoft.com/beta/contacts/{id}/directReports
-Content-type: application/json
-
-{
- "directoryObject": {
- }
-}
-```
-# [JavaScript](#tab/javascript)
-
-# [C#](#tab/csharp)
-
-# [Go](#tab/go)
---
-In the request body, supply a JSON representation of [directoryObject](../resources/directoryobject.md) object.
-##### Response
-Here is an example of the response. Note: The response object shown here might be shortened for readability.
-<!-- {
- "blockType": "response",
- "truncated": true,
- "@odata.type": "microsoft.graph.directoryObject"
-} -->
-```http
-HTTP/1.1 200 OK
-Content-type: application/json
-
-{
- "directoryObject": {
- "id": "id-value"
- }
-}
-```
-
-<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
-2015-10-25 14:57:30 UTC -->
-<!--
-{
- "type": "#page.annotation",
- "description": "Create directReport",
- "keywords": "",
- "section": "documentation",
- "tocPath": "",
- "suppressions": [
- ]
-}
>--
v1.0 Orgcontact Post Memberof https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/orgcontact-post-memberof.md
- Title: "Create memberOf"
-description: "Use this API to create a new memberOf."
-
-doc_type: apiPageType
--
-# Create memberOf
-
-Namespace: microsoft.graph
--
-Use this API to create a new memberOf.
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | Not supported. |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | Not supported. |
-
-## HTTP request
-<!-- { "blockType": "ignored" } -->
-```http
-POST /contacts/{id}/memberOf
-
-```
-## Request headers
-| Name | Description|
-|:|:--|
-| Authorization | Bearer {token}. Required. |
-
-## Request body
-In the request body, supply a JSON representation of [directoryObject](../resources/directoryobject.md) object.
-
-## Response
-
-If successful, this method returns `201 Created` response code and [directoryObject](../resources/directoryobject.md) object in the response body.
-
-## Example
-##### Request
-Here is an example of the request.
-
-# [HTTP](#tab/http)
-<!-- {
- "blockType": "request",
- "name": "create_directoryobject_from_orgcontact_2"
-}-->
-```http
-POST https://graph.microsoft.com/beta/contacts/{id}/memberOf
-Content-type: application/json
-
-{
- "directoryObject": {
- }
-}
-```
-# [JavaScript](#tab/javascript)
-
-# [C#](#tab/csharp)
-
-# [Go](#tab/go)
---
-In the request body, supply a JSON representation of [directoryObject](../resources/directoryobject.md) object.
-##### Response
-Here is an example of the response. Note: The response object shown here might be shortened for readability.
-<!-- {
- "blockType": "response",
- "truncated": true,
- "@odata.type": "microsoft.graph.directoryObject"
-} -->
-```http
-HTTP/1.1 200 OK
-Content-type: application/json
-
-{
- "directoryObject": {
- "id": "id-value"
- }
-}
-```
-
-<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
-2015-10-25 14:57:30 UTC -->
-<!--
-{
- "type": "#page.annotation",
- "description": "Create memberOf",
- "keywords": "",
- "section": "documentation",
- "tocPath": "",
- "suppressions": [
- ]
-}
>--
v1.0 Orgcontact Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/orgcontact-update.md
- Title: "Update orgcontact"
-description: "Update the properties of orgcontact object."
-
-doc_type: apiPageType
--
-# Update orgcontact
-
-Namespace: microsoft.graph
--
-Update the properties of orgcontact object.
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | Not supported. |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | Not supported. |
-
-## HTTP request
-<!-- { "blockType": "ignored" } -->
-```http
-PATCH /contacts/{id}
-```
-## Request headers
-| Name | Type | Description|
-|:--|:|:-|
-| Authorization | string | Bearer {token}. Required. |
-
-## Request body
-In the request body, supply the values for relevant fields that should be updated. Existing properties that are not included in the request body will maintain their previous values or be recalculated based on changes to other property values. For best performance you shouldn't include existing values that haven't changed.
-
-| Property | Type |Description|
-|:|:--|:-|
-|city|String||
-|country|String||
-|department|String||
-|onPremisesSyncEnabled|Boolean||
-|displayName|String||
-|givenName|String||
-|jobTitle|String||
-|onPremisesLastSyncDateTime|DateTimeOffset||
-|mail|String||
-|mailNickname|String||
-|mobilePhone|String||
-|officeLocation|String||
-|postalCode|String||
-|proxyAddresses|String||
-|state|String||
-|streetAddress|String||
-|surname|String||
-|businessPhones|String collection||
-
-## Response
-
-If successful, this method returns a `204 No Content` response code.
-
-## Example
-##### Request
-The following is an example of the request.
-
-# [HTTP](#tab/http)
-<!-- {
- "blockType": "request",
- "name": "update_orgcontact"
-}-->
-```http
-PATCH https://graph.microsoft.com/beta/contacts/{id}
-Content-type: application/json
-
-{
- "businessPhones": [
- "businessPhones-value"
- ],
- "city": "city-value",
- "companyName": "companyName-value",
- "country": "country-value",
- "department": "department-value",
- "displayName": "displayName-value"
-}
-```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Objective-C](#tab/objc)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
---
-### Response
-The following is an example of the response.
-<!-- {
- "blockType": "response"
-} -->
-```http
-HTTP/1.1 204 No Content
-```
-
-<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
-2015-10-25 14:57:30 UTC -->
-<!--
-{
- "type": "#page.annotation",
- "description": "Update orgcontact",
- "keywords": "",
- "section": "documentation",
- "tocPath": "",
- "suppressions": [
- ]
-}
>--
v1.0 Outlookuser Post Mastercategories https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/outlookuser-post-mastercategories.md
POST /users/{id|userPrincipalName}/outlook/masterCategories
| Name | Description| |:|:-| | Authorization | Bearer {token}. Required. |-
+|Content-Type|application/json. Required.|
## Request body
-In the request body, supply a JSON representation of [outlookCategory](../resources/outlookcategory.md) object.
+In the request body, supply a JSON representation of an [outlookCategory](../resources/outlookcategory.md) object.
## Response
-If successful, this method returns `201 Created` response code and [outlookCategory](../resources/outlookcategory.md) object in the response body.
+If successful, this method returns a `201 Created` response code and an [outlookCategory](../resources/outlookcategory.md) object in the response body.
## Example
-##### Request
-Here is an example of the request.
+### Request
+The following is an example of a request.
# [HTTP](#tab/http) <!-- {
Content-type: application/json
Content-Length: 70 {
- "displayName":"Project expenses",
- "color":"preset9"
+ "displayName": "Project expenses",
+ "color": "preset9"
} ``` # [C#](#tab/csharp)
Content-Length: 70
-In the request body, supply a JSON representation of [outlookCategory](../resources/outlookcategory.md) object.
-##### Response
-Here is an example of the response. Note: The response object shown here might be shortened for readability.
+### Response
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
<!-- { "blockType": "response", "truncated": true,
HTTP/1.1 201 Created
Content-type: application/json {
- "@odata.context":"https://graph.microsoft.com/beta/$metadata#users('8ae6f565-0d7f-4ead-853e-7db94c912a1f')/outlook/masterCategories/$entity",
- "id":"bac262b7-485d-4739-b436-e31467d64fac",
- "displayName":"Project expenses",
- "color":"preset9"
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#users('8ae6f565-0d7f-4ead-853e-7db94c912a1f')/outlook/masterCategories/$entity",
+ "id": "bac262b7-485d-4739-b436-e31467d64fac",
+ "displayName": "Project expenses",
+ "color": "preset9"
} ```
v1.0 Participant Invite https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/participant-invite.md
Title: "participant: invite" description: "Invite participants to the active call."-+ ms.localizationpriority: medium ms.prod: "cloud-communications" doc_type: apiPageType
Invite participants to the active call.
For more information about how to handle operations, see [commsoperation](../resources/commsoperation.md).
->**Note:** This API is only supported for group calls.
+>**Note:** Inviting multiple participants in one request is only supported for group calls.
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
In the request body, provide a JSON object with the following parameters.
|clientContext|String|Unique Client Context string. Max limit is 256 chars.| ## Response
-If succsessful, this method returns a `200 OK` response code and a Location header with a URI to the [inviteParticipantsOperation](../resources/inviteparticipantsoperation.md) created for this request. The body of the response contains the [inviteParticipantsOperation](../resources/inviteparticipantsoperation.md) created.
+If successful, this method returns a `200 OK` response code and a Location header with a URI to the [inviteParticipantsOperation](../resources/inviteparticipantsoperation.md) created for this request. The body of the response contains the [inviteParticipantsOperation](../resources/inviteparticipantsoperation.md) created.
>**Note:** When this API returns a successful response, all participants will receive a roster update.
The following examples show how to call this API.
> **Note:** The response objects might be shortened for readability. All the properties will be returned from an actual call.
-### Example 1: Invite one participant to an existing group call
+### Example 1: Invite one participant to an existing call
#### Request
v1.0 Participant Stopholdmusic https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/participant-stopholdmusic.md
Location: https://graph.microsoft.com/beta/communications/calls/e141b67c-90fd-45
{ "@odata.type": "#microsoft.graph.stopHoldMusicOperation", "id": "0fe0623f-d628-42ed-b4bd-8ac290072cc5",
- "status": "running",
- "clientContext": "d45324c1-fcb5-430a-902c-f20af696537c"
-}
-```
-
-### Notification sent to the application after the stopHoldMusicOperation finishes
-
-```http
-POST https://bot.contoso.com/api/calls
-Content-Type: application/json
-```
-
-<!-- {
- "blockType": "example",
- "@odata.type": "microsoft.graph.commsNotifications"
-}-->
-```json
-{
- "@odata.type": "#microsoft.graph.commsNotifications",
- "value": [
- {
- "@odata.type": "#microsoft.graph.commsNotification",
- "changeType": "deleted",
- "resourceUrl": "communications/calls/e141b67c-90fd-455d-858b-b48a40b9cc8d/operations/0fe0623f-d628-42ed-b4bd-8ac290072cc5",
- "resourceData": {
- "@odata.type": "#microsoft.graph.stopHoldMusicOperation",
- "@odata.id": "communications/calls/e141b67c-90fd-455d-858b-b48a40b9cc8d/operations/0fe0623f-d628-42ed-b4bd-8ac290072cc5",
- "@odata.etag": "W/\"54451\"",
- "clientContext": "d45324c1-fcb5-430a-902c-f20af696537c",
- "status": "completed"
- }
- }
- ]
+ "status": "completed",
+ "clientContext": "d45324c1-fcb5-430a-902c-f20af696537c",
+ "resultInfo": null
} ```
v1.0 Passwordlessmicrosoftauthenticatorauthenticationmethodconfiguration Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/passwordlessmicrosoftauthenticatorauthenticationmethodconfiguration-delete.md
DELETE https://graph.microsoft.com/beta/policies/authenticationMethodsPolicy/aut
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Passwordlessmicrosoftauthenticatorauthenticationmethodconfiguration Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/passwordlessmicrosoftauthenticatorauthenticationmethodconfiguration-get.md
GET https://graph.microsoft.com/beta/policies/authenticationMethodsPolicy/authen
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Passwordlessmicrosoftauthenticatorauthenticationmethodconfiguration Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/passwordlessmicrosoftauthenticatorauthenticationmethodconfiguration-update.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Printusagebyprinter Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/printusagebyprinter-get.md
GET https://graph.microsoft.com/beta/print/reports/dailyPrintUsageByPrinter/016b
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+ ### Response
v1.0 Printusagebyuser Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/printusagebyuser-get.md
GET https://graph.microsoft.com/beta/print/reports/dailyPrintUsageByUser/016b556
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+ ### Response
v1.0 Privilegedapproval Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedapproval-get.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] Retrieve the properties and relationships of privilegedapproval object. ## Permissions
v1.0 Privilegedapproval List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedapproval-list.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] Retrieve a list of privilegedapproval objects.
v1.0 Privilegedapproval Myrequests https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedapproval-myrequests.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] Get the requestor's approval requests.
v1.0 Privilegedapproval Post Privilegedapproval https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedapproval-post-privilegedapproval.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] Use this API to create a new privilegedApproval. ## Permissions
v1.0 Privilegedapproval Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedapproval-update.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] Update the properties of privilegedapproval object. ## Permissions
v1.0 Privilegedoperationevent List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedoperationevent-list.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] Retrieve a list of [privilegedOperationEvent](../resources/privilegedoperationevent.md) objects, which represent the audit events that are generated by Privileged Identity Management for the role operations. For the details about the audit event, refer [privilegedOperationEvent](../resources/privilegedoperationevent.md). To filter the query results, use the standard OData ``$filter`` expression.
v1.0 Privilegedrole Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedrole-get.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] Retrieve the properties and relationships of [privilegedRole](../resources/privilegedrole.md) object.
v1.0 Privilegedrole List Assignments https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedrole-list-assignments.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] Retrieve a list of [privilegedRoleAssignment](../resources/privilegedroleassignment.md) objects that are associated with the role. Each [privilegedRoleAssignment](../resources/privilegedroleassignment.md) represents a role assignment to a user. ## Permissions
v1.0 Privilegedrole List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedrole-list.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] Retrieve a list of [privilegedRole](../resources/privilegedrole.md) objects.
v1.0 Privilegedrole Selfactivate https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedrole-selfactivate.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] Activate the role that is assigned to the requester.
v1.0 Privilegedrole Selfdeactivate https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedrole-selfdeactivate.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] Deactivate the role that is assigned to the requestor. ## Permissions
v1.0 Privilegedroleassignment Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedroleassignment-delete.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] Delete [privilegedRoleAssignment](../resources/privilegedroleassignment.md). ## Permissions
v1.0 Privilegedroleassignment Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedroleassignment-get.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] Retrieve the properties and relationships of privilegedRoleAssignment object. ## Permissions
v1.0 Privilegedroleassignment List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedroleassignment-list.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] Retrieve a list of [privilegedRoleAssignment](../resources/privilegedroleassignment.md) objects, which correspond to all role assignments for the organization. ## Permissions
v1.0 Privilegedroleassignment Makeeligible https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedroleassignment-makeeligible.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] Make the role assignment eligible. If the role assignment is already eligible before the call, it does nothing. If the role assignment is permanent and the requestor is different from the target user, the role assignment will become eligible and the role will be deactivated for the target user. If the requestor is the target user and the role is Security Administrator or Privileged Role Administrator, the role will be activated with the default expiration.
v1.0 Privilegedroleassignment Makepermanent https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedroleassignment-makepermanent.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] Make the role assignment permanent.
v1.0 Privilegedroleassignment My https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedroleassignment-my.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] Get the requestor's privileged role assignments.
v1.0 Privilegedroleassignment Post Privilegedroleassignments https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedroleassignment-post-privilegedroleassignments.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] Use this API to create a new [privilegedRoleAssignment](../resources/privilegedroleassignment.md). ## Permissions
v1.0 Privilegedroleassignmentrequest Cancel https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedroleassignmentrequest-cancel.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] Cancel a [privilegedRoleAssignmentRequest](../resources/privilegedroleassignmentrequest.md).
v1.0 Privilegedroleassignmentrequest List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedroleassignmentrequest-list.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] Retrieve a collection of [privilegedRoleAssignmentRequest](../resources/privilegedroleassignmentrequest.md).
v1.0 Privilegedroleassignmentrequest My https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedroleassignmentrequest-my.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] Get the requester's privileged role assignment requests.
v1.0 Privilegedroleassignmentrequest Post https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedroleassignmentrequest-post.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] Create a [privilegedroleassignmentrequest](../resources/privilegedroleassignmentrequest.md) object.
v1.0 Privilegedrolesettings Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedrolesettings-get.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] Retrieve the role settings for the given role. A [privilegedRoleSettings](../resources/privilegedrolesettings.md) object will be returned. ## Permissions
v1.0 Privilegedrolesummary Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/privilegedrolesummary-get.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] Retrieve the properties and relationships of [privilegedRoleSummary](../resources/privilegedrolesummary.md) object. ## Permissions
v1.0 Rbacapplication List Roleassignments https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/rbacapplication-list-roleassignments.md
GET /roleManagement/entitlementManagement/roleAssignments?$filter=principalId eq
GET /roleManagement/entitlementManagement/roleAssignments?$filter=roleDefinitionId eq '{roleDefinition id}'
-GET /roleManagement/entitlementManagement/roleAssignments?$filter=appScopeId eq '/accessPackageCatalog/{catalog id}'
+GET /roleManagement/entitlementManagement/roleAssignments?$filter=appScopeId eq '/AccessPackageCatalog/{catalog id}'
``` ## Query parameters
-This operation requires the `$filter` query parameter. You can filter on the `roleDefinitionId` or `principalId` properties. The `roleDefinitionId` property can be either a role object ID or a role template object ID. The `$expand` query parameter is also supported on **principal**. For general information, see [OData query parameters](/graph/query-parameters).
+This operation requires the `$filter` query parameter. You can filter on the `roleDefinitionId`, `principalId` or `appScopeId` properties. The `roleDefinitionId` property can be either a role object ID or a role template object ID. The `$expand` query parameter is also supported on **principal**. For general information, see [OData query parameters](/graph/query-parameters).
## Request headers
Content-type: application/json
} ```
+### Example 3: Request using $filter for role assignments on an access package catalog and expand principal
+
+#### Request
+
+The following is an example of the request.
++
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_roleAssignments_3"
+}-->
+
+```msgraph-interactive
+GET https://graph.microsoft.com/beta/roleManagement/entitlementManagement/roleAssignments?$filter=appScopeId eq '/AccessPackageCatalog/4cee616b-fdf9-4890-9d10-955e0ccb12bc'&$expand=principal
+```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
++++
+#### Response
+
+The following is an example of the response.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.unifiedRoleAssignment",
+ "isCollection": true
+} -->
+
+```http
+HTTP/1.1 200 OK
+Content-type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#roleManagement/directory/roleAssignments",
+ "value": [
+ {
+ "id": "900633fe-2508-4b13-a561-a15e320ad35f",
+ "principalId": "39228473-522e-4533-88cc-a9553180cb99",
+ "roleDefinitionId": "ae79f266-94d4-4dab-b730-feca7e132178",
+ "appScopeId": "/AccessPackageCatalog/4cee616b-fdf9-4890-9d10-955e0ccb12bc",
+ "principal": {
+ "@odata.type": "#microsoft.graph.user",
+ "id": "39228473-522e-4533-88cc-a9553180cb99"
+ }
+ }
+ ]
+}
+```
+++ <!-- uuid: 16cd6b66-4b1a-43a1-adaf-3a886856ed98 2019-02-04 14:57:30 UTC --> <!-- {
v1.0 Rbacapplication List Transitiveroleassignments https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/rbacapplication-list-transitiveroleassignments.md
+
+ Title: "List transitiveRoleAssignment"
+description: "List direct and transitive role assignments for a specific principal."
+ms.localizationpriority: medium
+++
+# List transitiveRoleAssignment
+
+Namespace: microsoft.graph
++
+Get the list of direct and transitive [unifiedRoleAssignment](../resources/unifiedroleassignment.md) objects for a specific principal. For example, if a user is assigned an Azure AD role through group membership, the role assignment is transitive, and this request will list the group's ID as the **principalId**. Results can also be filtered by the **roleDefinitionId** and **directoryScopeId**. Supported only for directory (Azure AD) provider.
+
+For more information, see [Use Azure AD groups to manage role assignments](/azure/active-directory/roles/groups-concept).
+
+> [!NOTE]
+> This request might have replication delays for role assignments that were recently created, updated, or deleted.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type | Permissions (from least to most privileged) |
+|:--|:|
+|Delegated (work or school account) | RoleManagement.Read.Directory, Directory.Read.All, RoleManagement.ReadWrite.Directory, Directory.ReadWrite.All |
+|Delegated (personal Microsoft account) | Not supported. |
+|Application | RoleManagement.Read.Directory, Directory.Read.All, RoleManagement.ReadWrite.Directory, Directory.ReadWrite.All |
+
+## HTTP request
+
+To list transitive role assignments for a directory provider:
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+```http
+GET /roleManagement/directory/transitiveRoleAssignments?$filter=principalId eq '{principalId}'
+```
+
+## Optional query parameters
+
+This method supports the `$count`, `$filter` (`eq`), and `$select` OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters). You can filter by the **principalId**, **roleDefinitionId** and **directoryScopeId** to retrieve both direct and transitive role assignments for a principal.
+
+## Request headers
+
+| Name |Description|
+|:-|:-|
+| Authorization | Bearer {token} Required. |
+| ConsistencyLevel | eventual. This header, `$count`, and `$filter` are required. For more information about the use of **ConsistencyLevel**, `$count`, and `$filter`, see [Advanced query capabilities on Azure AD directory objects](/graph/aad-advanced-queries). |
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a collection of [unifiedRoleAssignment](../resources/unifiedroleassignment.md) objects in the response body.
+
+## Examples
+For the examples in this section, consider the following role assignment scenario. A user named Alice has both direct and transitive role assignments as follows:
+
+| User | Group | Role | Scope | Role assignment ID |
+| :: | :: | :: | :: | :: |
+| Alice<br/>`2c7936bc-3517-40f3-8eda-4806637b6516` | | User Administrator<br/>`fe930be7-5e62-47db-91af-98c3a49a38b1` | Tenant | RA1<br/>`857708a7-b5e0-44f9-bfd7-53531d72a739` |
+| | G1<br/>`ae2fc327-4c71-48ed-b6ca-f48632186510`<br/>(Alice is a member) | User Administrator<br/>`fe930be7-5e62-47db-91af-98c3a49a38b1` | Tenant | RA2<br/>`8a021d5f-7351-4713-aab4-b088504d476e` |
+| | G2<br/>`6ffb34b8-5e6d-4727-a7f9-93245e7f6ea8`<br/>(Alice is a member) | Helpdesk Administrator<br/>`729827e3-9c14-49f7-bb1b-9608f156bbb8` | Administrative unit (AU1)<br/>`26e79164-0c5c-4281-8c5b-be7bc7809fb2` | RA3<br/>`6cc86637-13c8-473f-afdc-e0e65c9734d2` |
+++ Alice is assigned the User Administrator role directly at tenant scope with role assignment RA1. ++ Alice is member of a group G1 and G1 is assigned the User Administrator role at tenant scope with role assignment RA2.++ Alice is also a member of group G2 and G2 is assigned the Helpdesk Administrator role at an administrative unit AU1 scope with role assignment RA3.+
+### Example 1 : Get direct and transitive role assignments of a principal
+
+#### Request
+
+The following is an example of the request. This request requires the **ConsistencyLevel** header set to `eventual` and the `$count=true` and `$filter` query parameters. For more information about the use of **ConsistencyLevel**, `$count`, and `$filter`, see [Advanced query capabilities on Azure AD directory objects](/graph/aad-advanced-queries).
++
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_unifiedroleassignment_all"
+}
+-->
+```msgraph-interactive
+GET https://graph.microsoft.com/beta/roleManagement/directory/transitiveRoleAssignments?$count=true&$filter=principalId eq '2c7936bc-3517-40f3-8eda-4806637b6516'
+ConsistencyLevel: eventual
+```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
++++++
+#### Response
+
+The following is an example of the response.
+
+> **Note:** The response object shown here might be shortened for readability. All the properties will be returned from an actual call.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.unifiedRoleAssignment",
+ "isCollection": true
+}
+-->
+```http
+HTTP/1.1 200 OK
+Content-type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#roleManagement/directory/transitiveRoleAssignments",
+ "value": [
+ {
+ "id": "857708a7-b5e0-44f9-bfd7-53531d72a739",
+ "principalId": "2c7936bc-3517-40f3-8eda-4806637b6516",
+ "directoryScopeId": "/",
+ "roleDefinitionId": "fe930be7-5e62-47db-91af-98c3a49a38b1"
+ },
+ {
+ "id": "8a021d5f-7351-4713-aab4-b088504d476e",
+ "principalId": "ae2fc327-4c71-48ed-b6ca-f48632186510",
+ "directoryScopeId": "/",
+ "roleDefinitionId": "fe930be7-5e62-47db-91af-98c3a49a38b1"
+ },
+ {
+ "id": "6cc86637-13c8-473f-afdc-e0e65c9734d2",
+ "principalId": "6ffb34b8-5e6d-4727-a7f9-93245e7f6ea8",
+ "directoryScopeId": "/administrativeUnits/26e79164-0c5c-4281-8c5b-be7bc7809fb2",
+ "roleDefinitionId": "729827e3-9c14-49f7-bb1b-9608f156bbb8"
+ }
+ ]
+}
+```
+
+### Example 2: Get direct and transitive assignments of a principal, but only specific role definitions
+
+#### Request
+
+The following is an example of the request. This request requires the **ConsistencyLevel** header set to `eventual` and the `$count=true` and `$filter` query parameters. For more information about the use of **ConsistencyLevel**, `$count`, and `$filter`, see [Advanced query capabilities on Azure AD directory objects](/graph/aad-advanced-queries).
++
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_unifiedroleassignment_transitive"
+}
+-->
+```msgraph-interactive
+GET https://graph.microsoft.com/beta/roleManagement/directory/transitiveRoleAssignments?$count=true&$filter=principalId eq '2c7936bc-3517-40f3-8eda-4806637b6516' and roleDefinitionId eq 'fe930be7-5e62-47db-91af-98c3a49a38b1'
+ConsistencyLevel: eventual
+```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+++++
+#### Response
+
+The following is an example of the response.
+
+> **Note:** The response object shown here might be shortened for readability. All the properties will be returned from an actual call.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.unifiedRoleAssignment",
+ "isCollection": true
+}
+-->
+```http
+HTTP/1.1 200 OK
+Content-type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#roleManagement/directory/transitiveRoleAssignments",
+ "value": [
+ {
+ "id": "857708a7-b5e0-44f9-bfd7-53531d72a739",
+ "principalId": "2c7936bc-3517-40f3-8eda-4806637b6516",
+ "directoryScopeId": "/",
+ "roleDefinitionId": "fe930be7-5e62-47db-91af-98c3a49a38b1"
+ },
+ {
+ "id": "8a021d5f-7351-4713-aab4-b088504d476e",
+ "principalId": "6ffb34b8-5e6d-4727-a7f9-93245e7f6ea8",
+ "directoryScopeId": "/",
+ "roleDefinitionId": "fe930be7-5e62-47db-91af-98c3a49a38b1"
+ }
+ ]
+}
+```
+
+### Example 3: Get direct and transitive role assignments of a principal, but only administrative unit scoped
+
+#### Request
+
+The following is an example of the request. This request requires the **ConsistencyLevel** header set to `eventual` and the `$count=true` and `$filter` query parameters. For more information about the use of **ConsistencyLevel**, `$count`, and `$filter`, see [Advanced query capabilities on Azure AD directory objects](/graph/aad-advanced-queries).
++
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_unifiedroleassignment_tenantscoped"
+}
+-->
+```msgraph-interactive
+GET https://graph.microsoft.com/beta/roleManagement/directory/transitiveRoleAssignments?$count=true&$filter=principalId eq '2c7936bc-3517-40f3-8eda-4806637b6516' and directoryScopeId eq '/administrativeUnits/26e79164-0c5c-4281-8c5b-be7bc7809fb2'
+ConsistencyLevel: eventual
+```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
++++++
+#### Response
+
+The following is an example of the response.
+
+> **Note:** The response object shown here might be shortened for readability. All the properties will be returned from an actual call.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.unifiedRoleAssignment",
+ "isCollection": true
+}
+-->
+```http
+HTTP/1.1 200 OK
+Content-type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#roleManagement/directory/transitiveRoleAssignments",
+ "value": [
+ {
+ "id": "6cc86637-13c8-473f-afdc-e0e65c9734d2",
+ "principalId": "6ffb34b8-5e6d-4727-a7f9-93245e7f6ea8",
+ "directoryScopeId": "/administrativeUnits/26e79164-0c5c-4281-8c5b-be7bc7809fb2",
+ "roleDefinitionId": "729827e3-9c14-49f7-bb1b-9608f156bbb8"
+ }
+ ]
+}
+```
v1.0 Rbacapplicationmultiple List Resourcenamespaces https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/rbacapplicationmultiple-list-resourcenamespaces.md
+
+ Title: "List resourceNamespaces"
+description: "Get a list of the unifiedRbacResourceNamespace objects and their properties."
+
+ms.localizationpriority: medium
++
+# List resourceNamespaces
+Namespace: microsoft.graph
++
+Get a list of the [unifiedRbacResourceNamespace](../resources/unifiedrbacresourcenamespace.md) objects and their properties.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|RoleManagement.Read.Directory, RoleManagement.Read.All, RoleManagement.ReadWrite.Directory|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|RoleManagement.Read.Directory, RoleManagement.Read.All, RoleManagement.ReadWrite.Directory|
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /roleManagement/directory/resourceNamespaces
+```
+
+## Optional query parameters
+This method supports the `$filter` and `$select` OData query parameters to help customize the response. This method supports `$filter` for **id** and **name**. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a collection of [unifiedRbacResourceNamespace](../resources/unifiedrbacresourcenamespace.md) objects in the response body.
+
+## Examples
+
+The following example gets all resource namespaces.
+
+### Request
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "list_unifiedrbacresourcenamespace"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/roleManagement/directory/resourceNamespaces
+```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+++++
+### Response
+>**Note:** The response object shown here has been shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "Collection(microsoft.graph.unifiedRbacResourceNamespace)"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#roleManagement/directory/resourceNamespaces",
+ "value": [
+ {
+ "id": "microsoft.aad.b2c",
+ "name": "microsoft.aad.b2c"
+ },
+ {
+ "id": "microsoft.aad.cloudAppSecurity",
+ "name": "microsoft.aad.cloudAppSecurity"
+ },
+ {
+ "id": "microsoft.directory",
+ "name": "microsoft.directory"
+ }
+ ]
+}
+```
v1.0 Reportroot List Dailyprintusagebyprinter https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/reportroot-list-dailyprintusagebyprinter.md
GET https://graph.microsoft.com/beta/print/reports/dailyPrintUsageByPrinter
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+ ### Response
v1.0 Reportroot List Dailyprintusagebyuser https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/reportroot-list-dailyprintusagebyuser.md
GET https://graph.microsoft.com/beta/print/reports/dailyPrintUsageByUser
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+ ### Response
v1.0 Reportroot List Monthlyprintusagebyprinter https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/reportroot-list-monthlyprintusagebyprinter.md
GET https://graph.microsoft.com/beta/print/reports/monthlyPrintUsageByPrinter
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+ ### Response
v1.0 Reportroot List Monthlyprintusagebyuser https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/reportroot-list-monthlyprintusagebyuser.md
GET https://graph.microsoft.com/beta/print/reports/monthlyPrintUsageByUser
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+ ### Response
v1.0 Riskyserviceprincipal Confirmcompromised https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/riskyserviceprincipal-confirmcompromised.md
If successful, this action returns a `204 No Content` response code. It does not
## Example ### Request+
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "riskyserviceprincipal_confirmcompromised"
Content-Type: application/json
] } ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+++ ### Response
v1.0 Riskyserviceprincipal Dismiss https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/riskyserviceprincipal-dismiss.md
If successful, this action returns a `204 No Content` response code. It does not
## Example ### Request+
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "riskyserviceprincipal_dismiss"
Content-Type: application/json
] } ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+++ ### Response
v1.0 Riskyserviceprincipal Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/riskyserviceprincipal-get.md
If successful, this method returns a `200 OK` response code and a [riskyServiceP
## Examples ### Request+
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "get_riskyserviceprincipal"
If successful, this method returns a `200 OK` response code and a [riskyServiceP
``` http GET https://graph.microsoft.com/beta/identityProtection/riskyServicePrincipals/9089a539-a539-9089-39a5-899039a58990 ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+++ ### Response
v1.0 Riskyserviceprincipal List History https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/riskyserviceprincipal-list-history.md
If successful, this method returns a `200 OK` response code and a collection of
## Example ### Request+
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "list_riskyserviceprincipalhistoryitem"
If successful, this method returns a `200 OK` response code and a collection of
``` http GET https://graph.microsoft.com/beta/identityProtection/riskyServicePrincipals/{riskyServicePrincipalId}/history ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+++ ### Response
v1.0 Riskyuser List History https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/riskyuser-list-history.md
GET https://graph.microsoft.com/beta/identityProtection/riskyUsers/41a31b00-3b3b
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+ #### Response
v1.0 Riskyuserhistoryitem Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/riskyuserhistoryitem-get.md
GET https://graph.microsoft.com/beta/identityProtection/riskyUsers/41a31b00-3b3b
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+ #### Response
v1.0 Schedule Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/schedule-get.md
Title: "Get schedule" description: "Retrieve the properties and relationships of a **schedule** object."-+ ms.localizationpriority: medium ms.prod: "microsoft-teams" doc_type: apiPageType
v1.0 Schedule List Schedulinggroups https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/schedule-list-schedulinggroups.md
Title: "List schedulingGroups" description: "Get the list of schedulingGroup in this schedule."-+ ms.localizationpriority: medium ms.prod: "microsoft-teams" doc_type: apiPageType
v1.0 Schedule List Shifts https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/schedule-list-shifts.md
Title: "List shifts" description: "Get the list of shifts in a schedule."-+ ms.localizationpriority: medium ms.prod: "microsoft-teams" doc_type: apiPageType
GET /teams/{teamId}/schedule/shifts
``` ## Optional query parameters+ This method supports the `$filter` [OData query parameter](/graph/query-parameters) to help customize the response.
+> [!NOTE]
+> The `$filter` parameter doesn't support the use of the same property more than once in a query. For example, the following query will not work: `sharedShift/startDateTime ge 2019-05-09T00:00:00Z and sharedShift/startDateTime le 2019-05-09T23:59:59Z`.
+ ## Request headers | Header | Value |
v1.0 Schedule List Timeoffreasons https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/schedule-list-timeoffreasons.md
Title: "List timeOffReasons" description: "Get the list of timeOffReasons in a schedule."-+ ms.localizationpriority: medium ms.prod: "microsoft-teams" doc_type: apiPageType
v1.0 Schedule List Timesoff https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/schedule-list-timesoff.md
Title: "List timesOff" description: "Get the list of timesOff in this schedule."-+ ms.localizationpriority: medium ms.prod: "microsoft-teams" doc_type: apiPageType
v1.0 Schedule Post Schedulinggroups https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/schedule-post-schedulinggroups.md
Title: "Create schedulingGroup" description: "Create a new schedulingGroup."-+ ms.localizationpriority: medium ms.prod: "microsoft-teams" doc_type: apiPageType
v1.0 Schedule Post Shifts https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/schedule-post-shifts.md
Title: "Create shift" description: "Create a new shift."-+ ms.localizationpriority: medium ms.prod: "microsoft-teams" doc_type: apiPageType
v1.0 Schedule Post Timeoffreasons https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/schedule-post-timeoffreasons.md
Title: "Create timeOffReason" description: "Create a new timeOffReason."-+ ms.localizationpriority: medium ms.prod: "microsoft-teams" doc_type: apiPageType
v1.0 Schedule Post Timesoff https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/schedule-post-timesoff.md
Title: "Create timeOff" description: "Create a new timeOff."-+ ms.localizationpriority: medium ms.prod: "microsoft-teams" doc_type: apiPageType
v1.0 Schedule Share https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/schedule-share.md
Title: "schedule: share" description: "Share a schedule time range with schedule members."-+ ms.localizationpriority: medium ms.prod: "microsoft-teams" doc_type: apiPageType
v1.0 Schedulinggroup Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/schedulinggroup-delete.md
Title: "Delete schedulingGroup" description: "Mark a schedulingGroup as inactive by setting its isActive property"-+ ms.localizationpriority: medium ms.prod: "microsoft-teams" doc_type: apiPageType
v1.0 Schedulinggroup Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/schedulinggroup-get.md
Title: "Get schedulingGroup" description: "Retrieve the properties and relationships of a [schedulingGroup](../resources/schedulinggroup.md) by ID."-+ ms.localizationpriority: medium ms.prod: "microsoft-teams" doc_type: apiPageType
v1.0 Schedulinggroup Put https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/schedulinggroup-put.md
Title: "Replace schedulingGroup" description: "Replace an existing schedulingGroup."-+ ms.localizationpriority: medium ms.prod: "microsoft-teams" doc_type: apiPageType
v1.0 Search Acronym Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/search-acronym-delete.md
+
+ Title: "Delete acronym"
+description: "Deletes an acronym object."
+
+ms.localizationpriority: medium
++
+# Delete acronym
+Namespace: microsoft.graph.search
++
+Deletes an [acronym](../resources/search-acronym.md) object.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)| SearchConfiguration.Read.All, SearchConfiguration.ReadWrite.All |
+|Delegated (personal Microsoft account)| Not supported. |
+|Application| SearchConfiguration.Read.All, SearchConfiguration.ReadWrite.All |
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+DELETE /search/acronyms/{acronymsId}
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `204 No Content` response code.
+
+## Examples
+
+### Request
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "delete_acronym"
+}
+-->
+``` http
+DELETE https://graph.microsoft.com/beta/search/acronyms/{acronymsId}
+```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+++++
+### Response
+<!-- {
+ "blockType": "response",
+ "truncated": true
+}
+-->
+``` http
+HTTP/1.1 204 No Content
+```
+
v1.0 Search Acronym Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/search-acronym-get.md
+
+ Title: "Get acronym"
+description: "Read the properties and relationships of an acronym object."
+
+ms.localizationpriority: medium
++
+# Get acronym
+Namespace: microsoft.graph.search
++
+Read the properties and relationships of an [acronym](../resources/search-acronym.md) object.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)| SearchConfiguration.Read.All, SearchConfiguration.ReadWrite.All |
+|Delegated (personal Microsoft account)| Not supported. |
+|Application| SearchConfiguration.Read.All, SearchConfiguration.ReadWrite.All |
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /search/acronyms/{acronymsId}
+```
+
+## Optional query parameters
+This method supports the `select`, `expand`, `filter`, `orderBy`, `maxTop`, and `count` [OData Query Parameters](/graph/query-parameters) to help customize the response.
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and an [acronym](../resources/search-acronym.md) object in the response body.
+
+## Examples
+
+### Request
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_acronym"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/search/acronyms/{acronymsId}
+```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+++++
+### Response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.search.acronym"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "id": "733b26d5-af76-4eea-ac69-1a0ce8716897",
+ "displayName": "DNN",
+ "standsFor": ["Deep Neural Network"],
+ "description": "A deep neural network is a neural network with a certain level of complexity, a neural network with more than two layers.",
+ "webUrl": "http://microsoft.com/deep-neural-network",
+ "state": "published",
+ "lastModifiedDateTime": "2016-03-21T20:01:37Z",
+ "lastModifiedBy": {
+ "user": {
+ "id": "efee1b77-fb3b-4f65-99d6-274c11914d12",
+ "displayName": "Amalie Larsen"
+ }
+ }
+}
+```
+
v1.0 Search Acronym Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/search-acronym-update.md
+
+ Title: "Update acronym"
+description: "Update the properties of an acronym object."
+
+ms.localizationpriority: medium
++
+# Update acronym
+Namespace: microsoft.graph.search
++
+Update the properties of an [acronym](../resources/search-acronym.md) object.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)| SearchConfiguration.Read.All, SearchConfiguration.ReadWrite.All |
+|Delegated (personal Microsoft account)| Not supported. |
+|Application| SearchConfiguration.Read.All, SearchConfiguration.ReadWrite.All |
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+PATCH /search/acronyms/{acronymsId}
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+|Content-Type|application/json. Required.|
+
+## Request body
+In the request body, supply a JSON representation of the [acronym](../resources/search-acronym.md) object. Supply the values for relevant fields that should be updated. Existing properties that aren't included in the request body will maintain their previous values or be recalculated based on changes to other property values. For best performance you shouldn't include existing values that haven't changed.
+
+|Property|Type|Description|
+|:|:|:|
+|description|String|A brief description of the acronym that gives users more info about the acronym and what it stands for. Inherited from [searchAnswer](../resources/search-searchAnswer.md).|
+|displayName|String|The actual short form or acronym. Inherited from [searchAnswer](../resources/search-searchAnswer.md).|
+|standsFor|String collection|What the acronym stands for.|
+|state|microsoft.graph.search.answerState|State of the acronym. Possible values are: `published`, `draft`, `excluded`, or `unknownFutureValue`.|
+|webUrl|String|The URL of the page or website where users can go for more information about the acronym. Inherited from [searchAnswer](../resources/search-searchAnswer.md).|
+++
+## Response
+
+If successful, this method returns a `204 No Content` response code.
+
+## Examples
+
+### Request
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "update_acronym"
+}
+-->
+``` http
+PATCH https://graph.microsoft.com/beta/search/acronyms/{acronymsId}
+Content-Type: application/json
+
+{
+ "description": "A deep neural network is a neural network with a certain level of complexity, a neural network with more than two layers."
+}
+```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+++++
+### Response
+<!-- {
+ "blockType": "response",
+ "truncated": true
+}
+-->
+``` http
+HTTP/1.1 204 No Content
+```
+
v1.0 Search Bookmark Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/search-bookmark-delete.md
+
+ Title: "Delete bookmark"
+description: "Delete a bookmark object."
+
+ms.localizationpriority: medium
++
+# Delete bookmark
+Namespace: microsoft.graph.search
++
+Delete a [bookmark](../resources/search-bookmark.md) object.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)| SearchConfiguration.Read.All, SearchConfiguration.ReadWrite.All |
+|Delegated (personal Microsoft account)| Not supported. |
+|Application| SearchConfiguration.Read.All, SearchConfiguration.ReadWrite.All |
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+DELETE /search/bookmarks/{bookmarksId}
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `204 No Content` response code.
+
+## Examples
+
+### Request
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "delete_bookmark"
+}
+-->
+``` http
+DELETE https://graph.microsoft.com/beta/search/bookmarks/{bookmarkId}
+```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+++++
+### Response
+<!-- {
+ "blockType": "response",
+ "truncated": true
+}
+-->
+``` http
+HTTP/1.1 204 No Content
+```
+
v1.0 Search Bookmark Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/search-bookmark-get.md
+
+ Title: "Get bookmark"
+description: "Read the properties and relationships of a bookmark object."
+
+ms.localizationpriority: medium
++
+# Get bookmark
+Namespace: microsoft.graph.search
++
+Read the properties and relationships of a [bookmark](../resources/search-bookmark.md) object.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)| SearchConfiguration.Read.All, SearchConfiguration.ReadWrite.All |
+|Delegated (personal Microsoft account)| Not supported. |
+|Application| SearchConfiguration.Read.All, SearchConfiguration.ReadWrite.All |
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /search/bookmarks/{bookmarksId}
+```
+
+## Optional query parameters
+This method supports the `select`, `expand`, `filter`, `orderBy`, `maxTop`, and `count` [OData Query Parameters](/graph/query-parameters) to help customize the response.
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a [bookmark](../resources/search-bookmark.md) object in the response body.
+
+## Examples
+
+### Request
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_bookmark"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/search/bookmarks/{bookmarksId}
+```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+++++
+### Response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.search.bookmark"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "id": "733b26d5-af76-4eea-ac69-1a0ce8716897",
+ "displayName": "Italy Holiday",
+ "webUrl": "http://www.margiestravel.com/",
+ "description": "Book a fancy vacation in Tuscany or browse museums in Florence.",
+ "lastModifiedDateTime": "2016-03-21T20:01:37Z",
+ "lastModifiedBy": {
+ "user": {
+ "id": "efee1b77-fb3b-4f65-99d6-274c11914d12",
+ "displayName": "Amalie Larsen"
+ }
+ },
+ "keywords": {
+ "keywords": ["Vacation in Europe", "Holiday in Europe"],
+ "reservedKeywords": ["Vacation in Italy"],
+ "matchSimilarKeywords": true
+ },
+ "categories": ["HR"],
+ "availabilityStartDateTime": "2020-09-21T20:01:37Z",
+ "availabilityEndDateTime": "2020-11-21T20:01:37Z",
+ "languageTags": ["en-US"],
+ "platforms": ["ios"],
+ "groupIds": ["groupId"],
+ "targetedVariations": null,
+ "powerAppIds": ["powerAppId"],
+ "state": "published",
+ "isSuggested": false
+}
+```
+
v1.0 Search Bookmark Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/search-bookmark-update.md
+
+ Title: "Update bookmark"
+description: "Update the properties of a bookmark object."
+
+ms.localizationpriority: medium
++
+# Update bookmark
+Namespace: microsoft.graph.search
++
+Update the properties of a [bookmark](../resources/search-bookmark.md) object.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)| SearchConfiguration.Read.All, SearchConfiguration.ReadWrite.All |
+|Delegated (personal Microsoft account)| Not supported. |
+|Application| SearchConfiguration.Read.All, SearchConfiguration.ReadWrite.All |
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+PATCH /search/bookmarks/{bookmarksId}
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+|Content-Type|application/json. Required.|
+
+## Request body
+In the request body, supply a JSON representation of the [bookmark](../resources/search-bookmark.md) object. Supply the values for relevant fields that should be updated. Existing properties that aren't included in the request body will maintain their previous values or be recalculated based on changes to other property values. For best performance you shouldn't include existing values that haven't changed.
+>**Note:** Updates to collection properties will update the entire collection. Any updates to a collection, such as keywords or categories, will replace the collection entirely.
+
+|Property|Type|Description|
+|:|:|:|
+|displayName|String|Bookmark name displayed in search results. Inherited from [searchAnswer](../resources/search-searchAnswer.md).|
+|description|String|Bookmark description shown on search results page. Inherited from [searchAnswer](../resources/search-searchAnswer.md).|
+|webUrl|String|Bookmark URL link. When users click this bookmark in search results, they will go to this URL. Inherited from [searchAnswer](../resources/search-searchAnswer.md).|
+|categories|String collection|Categories commonly used to describe this bookmark. For example, IT and HR.|
+|availabilityStartDateTime|DateTimeOffset|Timestamp of when the bookmark will start to appear as a search result. Set as `null` for always available.|
+|availabilityEndDateTime|DateTimeOffset|Timestamp of when the bookmark will stop to appear as a search result. Set as `null` for always available.|
+|languageTags|String collection|List of countries or regions able to view this bookmark.|
+|platforms|microsoft.graph.devicePlatformType collection|List of devices and operating systems able to view this bookmark. Possible values are: `unknown`, `android`, `androidForWork`, `ios`, `macOS`, `windowsPhone81`, `windowsPhone81AndLater`, `windows10AndLater`, `androidWorkProfile`, `androidASOP`.|
+|targetedVariations|[microsoft.graph.search.answerVariant](../resources/search-answerVariant.md) collection|Variations of a bookmark for different countries or devices. Use when you need to show different content to users based on their device, country/region, or both. The date and group settings will apply to all variations.|
+|powerAppIds|String collection|List of Power Apps associated with this bookmark. If users add existing Power Apps to a bookmark, they can complete tasks, such as to enter vacation time or to report expenses on the search results page.|
+|keywords|[microsoft.graph.search.answerKeyword](../resources/search-answerKeyword.md)|Keywords that trigger this bookmark to appear in search results.|
+|state|microsoft.graph.search.answerState|State of the bookmark. Possible values are: `published`, `draft`, `excluded`, or `unknownFutureValue`.|
+|groupIds|String collection|List of security groups able to view this bookmark.|
+++
+## Response
+
+If successful, this method returns a `204 No Content` response code.
+
+## Examples
+
+### Request
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "update_bookmark"
+}
+-->
+``` http
+PATCH https://graph.microsoft.com/beta/search/bookmarks/{bookmarksId}
+Content-Type: application/json
+
+{
+ "description": "Book a fancy vacation in Tuscany or browse museums in Florence."
+}
+
+```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+++++
+### Response
+<!-- {
+ "blockType": "response",
+ "truncated": true
+}
+-->
+``` http
+HTTP/1.1 204 No Content
+```
+
v1.0 Search Qna Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/search-qna-delete.md
+
+ Title: "Delete qna"
+description: "Delete a qna object."
+
+ms.localizationpriority: medium
++
+# Delete qna
+Namespace: microsoft.graph.search
++
+Delete a [qna](../resources/search-qna.md) object.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)| SearchConfiguration.Read.All, SearchConfiguration.ReadWrite.All |
+|Delegated (personal Microsoft account)| Not supported. |
+|Application| SearchConfiguration.Read.All, SearchConfiguration.ReadWrite.All |
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+DELETE /search/qnas/{qnaId}
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `204 No Content` response code.
+
+## Examples
+
+### Request
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "delete_qna"
+}
+-->
+``` http
+DELETE https://graph.microsoft.com/beta/search/qnas/{qnaId}
+```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+++++
+### Response
+<!-- {
+ "blockType": "response",
+ "truncated": true
+}
+-->
+``` http
+HTTP/1.1 204 No Content
+```
+
v1.0 Search Qna Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/search-qna-get.md
+
+ Title: "Get qna"
+description: "Read the properties and relationships of a qna object."
+
+ms.localizationpriority: medium
++
+# Get qna
+Namespace: microsoft.graph.search
++
+Read the properties and relationships of a [qna](../resources/search-qna.md) object.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)| SearchConfiguration.Read.All, SearchConfiguration.ReadWrite.All |
+|Delegated (personal Microsoft account)| Not supported. |
+|Application| SearchConfiguration.Read.All, SearchConfiguration.ReadWrite.All |
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /search/qnas/{qnaId}
+```
+
+## Optional query parameters
+This method supports the `select`, `expand`, `filter`, `orderBy`, `maxTop`, and `count` [OData Query Parameters](/graph/query-parameters) to help customize the response.
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a [qna](../resources/search-qna.md) object in the response body.
+
+## Examples
+
+### Request
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_qna"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/search/qnas/{qnaId}
+```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+++++
+### Response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.search.qna"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "id": "733b26d5-af76-4eea-ac69-1a0ce8716897",
+ "displayName": "Global Country Holidays",
+ "webUrl": "http://www.contoso.com/",
+ "description": "The dates that Contoso offices will be closed to observe holidays. These dates may differ from the actual date of the holiday in cases where the holiday falls on a weeΓÇïkend.",
+ "lastModifiedDateTime": "2016-03-21T20:01:37Z",
+ "lastModifiedBy": {
+ "user": {
+ "id": "efee1b77-fb3b-4f65-99d6-274c11914d12",
+ "displayName": "Amalie Larsen"
+ }
+ },
+ "keywords": {
+ "keywords": ["new years day", "martin luther king day", "presidents day", "memorial day", "independence day", "labor day", "thanksgiving", "christmas"],
+ "reservedKeywords": ["holidays", "paid days off"],
+ "matchSimilarKeywords": true
+ },
+ "availabilityStartDateTime": "2020-09-21T20:01:37Z",
+ "availabilityEndDateTime": "2021-12-31T20:01:37Z",
+ "languageTags": ["en-US"],
+ "platforms": ["ios"],
+ "groupIds": ["groupId"],
+ "targetedVariations": null,
+ "state": "published"
+}
+```
+
v1.0 Search Qna Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/search-qna-update.md
+
+ Title: "Update qna"
+description: "Update the properties of a qna object."
+
+ms.localizationpriority: medium
++
+# Update qna
+Namespace: microsoft.graph.search
++
+Update the properties of a [qna](../resources/search-qna.md) object.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)| SearchConfiguration.Read.All, SearchConfiguration.ReadWrite.All |
+|Delegated (personal Microsoft account)| Not supported. |
+|Application| SearchConfiguration.Read.All, SearchConfiguration.ReadWrite.All |
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+PATCH /search/qna/{qnaId}
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+|Content-Type|application/json. Required.|
+
+## Request body
+In the request body, supply a JSON representation of the [qna](../resources/search-qna.md) object. Supply the values for relevant fields that should be updated. Existing properties that aren't included in the request body will maintain their previous values or be recalculated based on changes to other property values. For best performance you shouldn't include existing values that haven't changed.
+>**Note:** Updates to collection properties will update the entire collection. Any updates to a collection, such as keywords or categories, will replace the collection entirely.
+
+|Property|Type|Description|
+|:|:|:|
+|displayName|String|Question displayed in search results. Inherited from [searchAnswer](../resources/search-searchAnswer.md).|
+|description|String|Answer displayed in search results. Inherited from [searchAnswer](../resources/search-searchAnswer.md).|
+|webUrl|String|Qna URL link. When users click this qna in search results, they will go to this URL. Inherited from [searchAnswer](../resources/search-searchAnswer.md).|
+|availabilityStartDateTime|DateTimeOffset|Timestamp of when the qna will start to appear as a search result. Set as `null` for always available.|
+|availabilityEndDateTime|DateTimeOffset|Timestamp of when the qna will stop to appear as a search result. Set as `null` for always available.|
+|languageTags|String collection|List of countries or regions able to view this qna.|
+|platforms|microsoft.graph.devicePlatformType collection|List of devices and operating systems able to view this qna. Possible values are: `unknown`, `android`, `androidForWork`, `ios`, `macOS`, `windowsPhone81`, `windowsPhone81AndLater`, `windows10AndLater`, `androidWorkProfile`, `androidASOP`.|
+|targetedVariations|[microsoft.graph.search.answerVariant](../resources/search-answerVariant.md) collection|Variations of a qna for different countries or devices. Use when you need to show different content to users based on their device, country/region, or both. The date and group settings will apply to all variations.|
+|keywords|[microsoft.graph.search.answerKeyword](../resources/search-answerKeyword.md)|Keywords that trigger this qna to appear in search results.|
+|state|microsoft.graph.search.answerState|State of the qna. Possible values are: `published`, `draft`, `excluded`, or `unknownFutureValue`.|
+|groupIds|String collection|List of security groups able to view this qna.|
+++
+## Response
+
+If successful, this method returns a `204 No Content` response code.
+
+## Examples
+
+### Request
+<!-- {
+ "blockType": "request",
+ "name": "update_qna"
+}-->
+``` http
+PATCH https://graph.microsoft.com/beta/search/qna/{qnaId}
+Content-Type: application/json
+
+{
+ "description": "The dates that Contoso offices will be closed to observe holidays. These dates may differ from the actual date of the holiday in cases where the holiday falls on a weeΓÇïkend."
+}
+```
++
+### Response
+<!-- {
+ "blockType": "response",
+ "truncated": true
+}-->
+``` http
+HTTP/1.1 204 No Content
+```
+
v1.0 Search Searchentity List Acronyms https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/search-searchentity-list-acronyms.md
+
+ Title: "List acronyms"
+description: "Get a list of the acronym objects and their properties."
+
+ms.localizationpriority: medium
++
+# List acronyms
+Namespace: microsoft.graph.search
++
+Get a list of the [acronym](../resources/search-acronym.md) objects and their properties.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)| SearchConfiguration.Read.All, SearchConfiguration.ReadWrite.All |
+|Delegated (personal Microsoft account)| Not supported. |
+|Application| SearchConfiguration.Read.All, SearchConfiguration.ReadWrite.All |
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /search/acronyms
+```
+
+## Optional query parameters
+This method supports the `select`, `expand`, `filter`, `orderBy`, `maxTop`, and `count` [OData Query Parameters](/graph/query-parameters) to help customize the response.
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a collection of [acronym](../resources/search-acronym.md) objects in the response body.
+
+## Examples
+
+### Request
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "list_acronym"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/search/acronyms
+```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+++++
+### Response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.search.acronym",
+ "isCollection": true
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+[
+ {
+ "id": "733b26d5-af76-4eea-ac69-1a0ce8716897",
+ "displayName": "DNN",
+ "standsFor": ["Deep Neural Network"],
+ "description": "A deep neural network is a neural network with a certain level of complexity, a neural network with more than two layers.",
+ "webUrl": "http://microsoft.com/deep-neural-network",
+ "state": "published",
+ "lastModifiedDateTime": "2016-03-21T20:01:37Z",
+ "lastModifiedBy": {
+ "user": {
+ "id": "efee1b77-fb3b-4f65-99d6-274c11914d12",
+ "displayName": "Amalie Larsen"
+ }
+ }
+ }
+]
+```
+
v1.0 Search Searchentity List Bookmarks https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/search-searchentity-list-bookmarks.md
+
+ Title: "List bookmarks"
+description: "Get a list of bookmark objects and their properties."
+
+ms.localizationpriority: medium
++
+# List bookmarks
+Namespace: microsoft.graph.search
++
+Get a list of [bookmark](../resources/search-bookmark.md) objects and their properties.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)| SearchConfiguration.Read.All, SearchConfiguration.ReadWrite.All |
+|Delegated (personal Microsoft account)| Not supported. |
+|Application| SearchConfiguration.Read.All, SearchConfiguration.ReadWrite.All |
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /search/bookmarks
+```
+
+## Optional query parameters
+This method supports the `select`, `expand`, `filter`, `orderBy`, `maxTop`, and `count` [OData query parameters](/graph/query-parameters) to help customize the response.
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a collection of [bookmark](../resources/search-bookmark.md) objects in the response body.
+
+## Examples
+
+### Request
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "list_bookmark"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/search/bookmarks
+```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+++++
+### Response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.search.bookmark",
+ "isCollection": true
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+[
+ {
+ "id": "733b26d5-af76-4eea-ac69-1a0ce8716897",
+ "displayName": "Italy Holiday",
+ "webUrl": "http://www.margiestravel.com/",
+ "description": "Book a fancy vacation in Tuscany or browse museums in Florence.",
+ "lastModifiedDateTime": "2016-03-21T20:01:37Z",
+ "lastModifiedBy": {
+ "user": {
+ "id": "efee1b77-fb3b-4f65-99d6-274c11914d12",
+ "displayName": "Amalie Larsen"
+ }
+ },
+ "keywords": {
+ "keywords": ["Vacation in Europe", "Holiday in Europe"],
+ "reservedKeywords": ["Vacation in Italy"],
+ "matchSimilarKeywords": true
+ },
+ "categories": ["HR"],
+ "availabilityStartDateTime": "2020-09-21T20:01:37Z",
+ "availabilityEndDateTime": "2020-11-21T20:01:37Z",
+ "languageTags": ["en-US"],
+ "platforms": ["ios"],
+ "groupIds": ["groupId"],
+ "targetedVariations": null,
+ "powerAppIds": ["powerAppId"],
+ "state": "published",
+ "isSuggested": false
+ }
+]
+```
+
v1.0 Search Searchentity List Qnas https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/search-searchentity-list-qnas.md
+
+ Title: "List qnas"
+description: "Get a list of the qna objects and their properties."
+
+ms.localizationpriority: medium
++
+# List qnas
+Namespace: microsoft.graph.search
++
+Get a list of the [qna](../resources/search-qna.md) objects and their properties.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)| SearchConfiguration.Read.All, SearchConfiguration.ReadWrite.All |
+|Delegated (personal Microsoft account)| Not supported. |
+|Application| SearchConfiguration.Read.All, SearchConfiguration.ReadWrite.All |
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /search/qnas
+```
+
+## Optional query parameters
+This method supports the `select`, `expand`, `filter`, `orderBy`, `maxTop`, and `count` [OData Query Parameters](/graph/query-parameters) to help customize the response.
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a collection of [qna](../resources/search-qna.md) objects in the response body.
+
+## Examples
+
+### Request
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "list_qna"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/search/qnas
+```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+++++
+### Response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.search.qna",
+ "isCollection": true
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+[
+ {
+ "id": "733b26d5-af76-4eea-ac69-1a0ce8716897",
+ "displayName": "Global Country Holidays",
+ "webUrl": "http://www.contoso.com/",
+ "description": "The dates that Contoso offices will be closed to observe holidays. These dates may differ from the actual date of the holiday in cases where the holiday falls on a weeΓÇïkend. <table> <thead> <tr> <td><strong>2021 Dates</strong></td> <td><strong>Holiday</strong></td> </tr> </thead> <tbody> <tr> <td>January 1, 2021</td> <td>New Year's Day</td> </tr> <tr> <td>January 18, 2021</td> <td>Martin Luther King Day</td> </tr> <tr> <td>February 15, 2021</td> <td>Presidents Day</td> </tr> <tr> <td>May 31, 2021</td> <td>Memorial Day</td> </tr> <tr> <td>July 5, 2021</td> <td>Independence Day</td> </tr> <tr> <td>September 6, 2021</td> <td>Labor Day</td> </tr> <tr> <td>November 25, 2021 - November 26, 2021</td> <td>Thanksgiving Day and Day after Thanksgiving</td> </tr> <tr> <td>December 23, 2021 - December 24, 2021</td> <td>Christmas Eve and Christmas Day</td> </tr> </tbody> </table>",
+ "lastModifiedDateTime": "2016-03-21T20:01:37Z",
+ "lastModifiedBy": {
+ "user": {
+ "id": "efee1b77-fb3b-4f65-99d6-274c11914d12",
+ "displayName": "Amalie Larsen"
+ }
+ },
+ "keywords": {
+ "keywords": ["new years day", "martin luther king day", "presidents day", "memorial day", "independence day", "labor day", "thanksgiving", "christmas"],
+ "reservedKeywords": ["holidays", "paid days off"],
+ "matchSimilarKeywords": true
+ },
+ "availabilityStartDateTime": "2020-09-21T20:01:37Z",
+ "availabilityEndDateTime": "2021-12-31T20:01:37Z",
+ "languageTags": ["en-US"],
+ "platforms": ["ios"],
+ "groupIds": ["groupId"],
+ "targetedVariations": null,
+ "state": "published"
+ }
+]
+```
+
v1.0 Search Searchentity Post Acronyms https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/search-searchentity-post-acronyms.md
+
+ Title: "Create acronym"
+description: "Create a new acronym object."
+
+ms.localizationpriority: medium
++
+# Create acronym
+Namespace: microsoft.graph.search
++
+Create a new [acronym](../resources/search-acronym.md) object.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)| SearchConfiguration.Read.All, SearchConfiguration.ReadWrite.All |
+|Delegated (personal Microsoft account)| Not supported. |
+|Application| SearchConfiguration.Read.All, SearchConfiguration.ReadWrite.All |
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+POST /search/acronyms
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+|Content-Type|application/json. Required.|
+
+## Request body
+In the request body, supply a JSON representation of the [acronym](../resources/search-acronym.md) object.
+
+The following table shows the properties that are available when you create an [acronym](../resources/search-acronym.md).
+
+|Property|Type|Description|
+|:|:|:|
+|description|String|A brief description of the acronym that gives users more info about the acronym and what it stands for. Inherited from [searchAnswer](../resources/search-searchAnswer.md).|
+|displayName|String|The actual short form or acronym. Inherited from [searchAnswer](../resources/search-searchAnswer.md).|
+|standsFor|String collection|What the acronym stands for.|
+|state|microsoft.graph.search.answerState|State of the acronym. Possible values are: `published`, `draft`, `excluded`, or `unknownFutureValue`.|
+|webUrl|String|The URL of the page or website where users can go for more information about the acronym. Inherited from [searchAnswer](../resources/search-searchAnswer.md).|
+++
+## Response
+
+If successful, this method returns a `200 Ok` response code.
+
+## Examples
+
+### Request
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "create_acronym_from_acronyms"
+}-->
+```http
+POST https://graph.microsoft.com/beta/search/acronyms
+Content-Type: application/json
+
+{
+ "displayName": "DNN",
+ "standsFor": "Deep Neural Network",
+ "description": "A deep neural network is a neural network with a certain level of complexity, a neural network with more than two layers.",
+ "webUrl": "http://microsoft.com/deep-neural-network",
+ "state": "draft"
+}
+```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+++++
+### Response
+Here is an example of the response.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.search.acronym"
+}-->
+```http
+HTTP/1.1 200 Ok
+Content-Type: application/json
+
+{
+ "id": "733b26d5-af76-4eea-ac69-1a0ce8716897"
+}
+```
+
v1.0 Search Searchentity Post Bookmarks https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/search-searchentity-post-bookmarks.md
+
+ Title: "Create bookmark"
+description: "Create a new bookmark object."
+
+ms.localizationpriority: medium
++
+# Create bookmark
+Namespace: microsoft.graph.search
++
+Create a new [bookmark](../resources/search-bookmark.md) object.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)| SearchConfiguration.Read.All, SearchConfiguration.ReadWrite.All |
+|Delegated (personal Microsoft account)| Not supported. |
+|Application| SearchConfiguration.Read.All, SearchConfiguration.ReadWrite.All |
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}-->
+```http
+POST /search/bookmarks
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+|Content-Type|application/json. Required.|
+
+## Request body
+In the request body, supply a JSON representation of the [bookmark](../resources/search-bookmark.md) object.
+
+The following table shows the properties that are available when you create a [bookmark](../resources/search-bookmark.md).
+
+|Property|Type|Description|
+|:|:|:|
+|displayName|String|Bookmark name displayed in search results. Inherited from [searchAnswer](../resources/search-searchAnswer.md).|
+|description|String|Bookmark description shown on search results page. Inherited from [searchAnswer](../resources/search-searchAnswer.md).|
+|webUrl|String|Bookmark URL link. When users click this bookmark in search results, they will go to this URL. Inherited from [searchAnswer](../resources/search-searchAnswer.md).|
+|categories|String collection|Categories commonly used to describe this bookmark. For example, IT and HR.|
+|availabilityStartDateTime|DateTimeOffset|Timestamp of when the bookmark will start to appear as a search result. Set as `null` for always available.|
+|availabilityEndDateTime|DateTimeOffset|Timestamp of when the bookmark will stop to appear as a search result. Set as `null` for always available.|
+|languageTags|String collection|List of countries or regions able to view this bookmark.|
+|platforms|microsoft.graph.devicePlatformType collection|List of devices and operating systems able to view this bookmark. Possible values are: `unknown`, `android`, `androidForWork`, `ios`, `macOS`, `windowsPhone81`, `windowsPhone81AndLater`, `windows10AndLater`, `androidWorkProfile`, `androidASOP`.|
+|targetedVariations|[microsoft.graph.search.answerVariant](../resources/search-answerVariant.md) collection|Variations of a bookmark for different countries or devices. Use when you need to show different content to users based on their device, country/region, or both. The date and group settings will apply to all variations.|
+|powerAppIds|String collection|List of Power Apps associated with this bookmark. If users add existing Power Apps to a bookmark, they can complete tasks, such as to enter vacation time or to report expenses on the search results page.|
+|keywords|[microsoft.graph.search.answerKeyword](../resources/search-answerKeyword.md)|Keywords that trigger this bookmark to appear in search results.|
+|state|microsoft.graph.search.answerState|State of the bookmark. Possible values are: `published`, `draft`, `excluded`, or `unknownFutureValue`.|
+|groupIds|String collection|List of security groups able to view this bookmark.|
+++
+## Response
+
+If successful, this method returns a `201 Created` response code with the ID of the bookmark created.
+
+## Examples
+
+### Request
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "create_bookmark_from_bookmarks"
+}-->
+```http
+POST https://graph.microsoft.com/beta/search/bookmarks
+Content-Type: application/json
+
+{
+ "displayName": "Contoso Install Site",
+ "webUrl": "http://www.contoso.com/",
+ "description": "Try or buy Contoso for Home or Business and view product information",
+ "keywords": {
+ "keywords": ["Contoso", "install"],
+ "reservedKeywords": ["Contoso"],
+ "matchSimilarKeywords": true
+ },
+ "availabilityStartDateTime": null,
+ "availabilityEndDateTime": null,
+ "platforms": ["windows"],
+ "targetedVariations": [
+ {
+ "languageTag": "es-ES",
+ "displayName": "Sitio de instalaci├│n Contoso",
+ "description": "Pruebe o compre Contoso hogar o negocios y vea la informaci├│n del producto"
+ }
+ ],
+ "groupIds": ["groupId"],
+ "powerAppIds": ["powerAppId"],
+ "state": "published"
+}
+```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+++++
+### Response
+Here is an example of the response.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.search.bookmark"
+}-->
+```http
+HTTP/1.1 201 CREATED
+Location: /733b26d5-af76-4eea-ac69-1a0ce8716897
+Content-Type: application/json
+
+{
+ "id": "733b26d5-af76-4eea-ac69-1a0ce8716897"
+}
+```
+
v1.0 Search Searchentity Post Qnas https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/search-searchentity-post-qnas.md
+
+ Title: "Create qna"
+description: "Create a new qna object."
+
+ms.localizationpriority: medium
++
+# Create qna
+Namespace: microsoft.graph.search
++
+Create a new [qna](../resources/search-qna.md) object.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)| SearchConfiguration.Read.All, SearchConfiguration.ReadWrite.All |
+|Delegated (personal Microsoft account)| Not supported. |
+|Application| SearchConfiguration.Read.All, SearchConfiguration.ReadWrite.All |
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+POST /search/qnas
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+|Content-Type|application/json. Required.|
+
+## Request body
+In the request body, supply a JSON representation of the [qna](../resources/search-qna.md) object.
+
+The following table shows the properties that are available when you create a [qna](../resources/search-qna.md).
+
+|Property|Type|Description|
+|:|:|:|
+|displayName|String|Question displayed in search results. Inherited from [searchAnswer](../resources/search-searchAnswer.md).|
+|description|String|Answer displayed in search results. Inherited from [searchAnswer](../resources/search-searchAnswer.md).|
+|webUrl|String|Qna URL link. When users click this qna in search results, they will go to this URL. Inherited from [searchAnswer](../resources/search-searchAnswer.md).|
+|availabilityStartDateTime|DateTimeOffset|Timestamp of when the qna will start to appear as a search result. Set as `null` for always available.|
+|availabilityEndDateTime|DateTimeOffset|Timestamp of when the qna will stop to appear as a search result. Set as `null` for always available.|
+|languageTags|String collection|List of countries or regions able to view this qna.|
+|platforms|microsoft.graph.devicePlatformType collection|List of devices and operating systems able to view this qna. Possible values are: `unknown`, `android`, `androidForWork`, `ios`, `macOS`, `windowsPhone81`, `windowsPhone81AndLater`, `windows10AndLater`, `androidWorkProfile`, `androidASOP`.|
+|targetedVariations|[microsoft.graph.search.answerVariant](../resources/search-answerVariant.md) collection|Variations of a qna for different countries or devices. Use when you need to show different content to users based on their device, country/region, or both. The date and group settings will apply to all variations.|
+|keywords|[microsoft.graph.search.answerKeyword](../resources/search-answerKeyword.md)|Keywords that trigger this qna to appear in search results.|
+|state|microsoft.graph.search.answerState|State of the qna. Possible values are: `published`, `draft`, `excluded`, or `unknownFutureValue`.|
+|groupIds|String collection|List of security groups able to view this qna.|
+++
+## Response
+
+If successful, this method returns a `201 Created` response code with the ID of the question and answer created.
+
+## Examples
+
+### Request
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "create_qna_from_qnas"
+}-->
+```http
+POST https://graph.microsoft.com/beta/search/qnas
+Content-Type: application/json
+
+{
+ "displayName": "Global Country Holidays",
+ "webUrl": "http://www.contoso.com/",
+ "description": "The dates that Contoso offices will be closed to observe holidays. These dates may differ from the actual date of the holiday in cases where the holiday falls on a weeΓÇïkend. <table> <thead> <tr> <td><strong>2021 Dates</strong></td> <td><strong>Holiday</strong></td> </tr> </thead> <tbody> <tr> <td>January 1, 2021</td> <td>New Year's Day</td> </tr> <tr> <td>January 18, 2021</td> <td>Martin Luther King Day</td> </tr> <tr> <td>February 15, 2021</td> <td>Presidents Day</td> </tr> <tr> <td>May 31, 2021</td> <td>Memorial Day</td> </tr> <tr> <td>July 5, 2021</td> <td>Independence Day</td> </tr> <tr> <td>September 6, 2021</td> <td>Labor Day</td> </tr> <tr> <td>November 25, 2021 - November 26, 2021</td> <td>Thanksgiving Day and Day after Thanksgiving</td> </tr> <tr> <td>December 23, 2021 - December 24, 2021</td> <td>Christmas Eve and Christmas Day</td> </tr> </tbody> </table>",
+ "keywords": {
+ "keywords": ["new years day", "martin luther king day", "presidents day", "memorial day", "independence day", "labor day", "thanksgiving", "christmas"],
+ "reservedKeywords": ["holidays", "paid days off"],
+ "matchSimilarKeywords": true
+ },
+ "availabilityStartDateTime": "2020-09-21T20:01:37Z",
+ "availabilityEndDateTime": "2021-12-31T20:01:37Z",
+ "languageTags": ["en-US"],
+ "platforms": ["ios"],
+ "groupIds": ["groupId"],
+ "state": "published"
+}
+```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
++++
+### Response
+Here is an example of the response.
+<!--{
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.search.qna"
+}-->
+```http
+HTTP/1.1 201 CREATED
+Location: /733b26d5-af76-4eea-ac69-1a0ce8716897
+Content-Type: application/json
+
+{
+ "id": "733b26d5-af76-4eea-ac69-1a0ce8716897"
+}
+```
+
v1.0 Sectiongroup List Sectiongroups https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/sectiongroup-list-sectiongroups.md
GET https://graph.microsoft.com/beta/me/onenote/sectionGroups/{id}/sectionGroups
[!INCLUDE [sample-code](../includes/snippets/go/get-sectiongroups-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ##### Response
v1.0 Serviceannouncement List Healthoverviews https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/serviceannouncement-list-healthoverviews.md
GET https://graph.microsoft.com/beta/admin/serviceAnnouncement/healthOverviews
[!INCLUDE [sample-code](../includes/snippets/go/list-healthoverviews-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+
GET https://graph.microsoft.com/beta/admin/serviceAnnouncement/healthOverviews?$
[!INCLUDE [sample-code](../includes/snippets/go/list-healthoverviews-with-issues-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+
v1.0 Serviceannouncement List Issues https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/serviceannouncement-list-issues.md
GET https://graph.microsoft.com/beta/admin/serviceAnnouncement/issues
[!INCLUDE [sample-code](../includes/snippets/go/list-servicehealthissue-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+
v1.0 Serviceannouncement List Messages https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/serviceannouncement-list-messages.md
GET https://graph.microsoft.com/beta/admin/serviceAnnouncement/messages
[!INCLUDE [sample-code](../includes/snippets/go/list-serviceupdatemessage-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+
v1.0 Serviceannouncementattachment Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/serviceannouncementattachment-get.md
GET https://graph.microsoft.com/beta/admin/serviceAnnouncement/messages/MC54091/
[!INCLUDE [sample-code](../includes/snippets/go/get-serviceannouncementattachment-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+
GET https://graph.microsoft.com/beta/admin/serviceAnnouncement/messages/MC54091/
[!INCLUDE [sample-code](../includes/snippets/go/get-serviceannouncementattachment-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+
v1.0 Servicehealth Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/servicehealth-get.md
GET https://graph.microsoft.com/beta/admin/serviceAnnouncement/healthOverviews/M
[!INCLUDE [sample-code](../includes/snippets/go/get-servicehealth-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+
GET https://graph.microsoft.com/beta/admin/serviceAnnouncement/healthOverviews/M
[!INCLUDE [sample-code](../includes/snippets/go/get-servicehealth-with-issues-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+
v1.0 Servicehealthissue Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/servicehealthissue-get.md
GET https://graph.microsoft.com/beta/admin/serviceAnnouncement/issues/MO226784
[!INCLUDE [sample-code](../includes/snippets/go/get-servicehealthissue-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+
v1.0 Servicehealthissue Incidentreport https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/servicehealthissue-incidentreport.md
GET https://graph.microsoft.com/beta/admin/serviceAnnouncement/issues/MO248163/i
[!INCLUDE [sample-code](../includes/snippets/go/servicehealthissue-incidentreport-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+
v1.0 Serviceprincipal Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/serviceprincipal-get.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account) | Not supported. | |Application | Application.Read.All, Directory.Read.All, Application.ReadWrite.OwnedBy, Application.ReadWrite.All, Directory.ReadWrite.All |
+> [!NOTE]
+> A service principal can retrieve its own application and service principal details without being granted any application permissions.
+ ## HTTP request <!-- { "blockType": "ignored" } --> ```http
GET /servicePrincipals/{id}
``` ## Optional query parameters
-This method supports the [OData Query Parameters](/graph/query-parameters) to help customize the response.
+This method supports the [OData query parameters](/graph/query-parameters) to help customize the response.
This method supports the `$count`, `$expand`, `$filter`, `$orderBy`, `$search`, `$select`, and `$top` [OData query parameters](/graph/query-parameters) to help customize the response. Some queries are supported only when you use the **ConsistencyLevel** header set to `eventual` and `$count`. For more information, see [Advanced query capabilities on Azure AD directory objects](/graph/aad-advanced-queries).
v1.0 Serviceprincipal List Approleassignedto https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/serviceprincipal-list-approleassignedto.md
For example, if the resource service principal is the service principal for the
If the resource service principal is an application that has app roles granted to users and groups, this will return all the users and groups assigned app roles for this application.
+>**Note** This request might have replication delays for app role assignments that were recently granted or removed.
+ ## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
v1.0 Serviceprincipal List Approleassignments https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/serviceprincipal-list-approleassignments.md
Retrieve the list of [appRoleAssignment](../resources/approleassignment.md) that
App roles that are assigned to service principals are also known as [application permissions](/azure/active-directory/develop/v2-permissions-and-consent#permission-types). Application permissions can be granted directly by creating app role assignments, or through a [consent experience](/azure/active-directory/develop/application-consent-experience). +
+>**Note** This request might have replication delays for app role assignments that were recently granted or removed.
+ ## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
v1.0 Serviceprincipal Removekey https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/serviceprincipal-removekey.md
In the request body, provide the following required properties.
| Property | Type | Description| |:-|:--|:--|
-| keyId | GUID | The unique identifier for the password.|
+| keyId | Guid | The unique identifier for the password.|
| proof | String | A self-signed JWT token used as a proof of possession of the existing keys. This JWT token must be signed using the private key of one of the servicePrincipal's existing valid certificates. The token should contain the following claims:<ul><li>`aud` - Audience needs to be `00000002-0000-0000-c000-000000000000`.</li><li>`iss` - Issuer needs to be the __id__ of the servicePrincipal that is making the call.</li><li>`nbf` - Not before time.</li><li>`exp` - Expiration time should be `nbf` + 10 mins.</li></ul><br>For steps to generate this proof of possession token, see [Generating proof of possession tokens for rolling keys](/graph/application-rollkey-prooftoken).| ## Response
v1.0 Serviceprincipal Removepassword https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/serviceprincipal-removepassword.md
POST /servicePrincipals/{id}/removePassword
| Property | Type |Description| |:|:--|:-|
-| keyId | GUID | The unique identifier for the password. Required. |
+| keyId | Guid | The unique identifier for the password. Required. |
## Response
v1.0 Serviceprincipalriskdetection Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/serviceprincipalriskdetection-get.md
If successful, this method returns a `200 OK` response code and a [servicePrinci
### Example 1: Get a specific risk detection object #### Request+
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "get_serviceprincipalriskdetection"
If successful, this method returns a `200 OK` response code and a [servicePrinci
``` http GET https://graph.microsoft.com/beta/identityProtection/servicePrincipalRiskDetections/{servicePrincipalRiskDetectionId} ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+++ #### Response
v1.0 Serviceupdatemessage Archive https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/serviceupdatemessage-archive.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/go/serviceupdatemessage-archive-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+
v1.0 Serviceupdatemessage Favorite https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/serviceupdatemessage-favorite.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/go/serviceupdatemessage-favorite-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+
v1.0 Serviceupdatemessage Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/serviceupdatemessage-get.md
GET https://graph.microsoft.com/beta/admin/serviceAnnouncement/messages/MC172851
[!INCLUDE [sample-code](../includes/snippets/go/get-serviceupdatemessage-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+
v1.0 Serviceupdatemessage List Attachments https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/serviceupdatemessage-list-attachments.md
GET https://graph.microsoft.com/beta/admin/serviceAnnouncement/messages/MC54091/
[!INCLUDE [sample-code](../includes/snippets/go/list-serviceannouncementattachment-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+
GET https://graph.microsoft.com/beta/admin/serviceAnnouncement/messages/MC54091/
[!INCLUDE [sample-code](../includes/snippets/go/list-serviceannouncementattachment-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+
v1.0 Serviceupdatemessage Markread https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/serviceupdatemessage-markread.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/go/serviceupdatemessage-markread-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+
v1.0 Serviceupdatemessage Markunread https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/serviceupdatemessage-markunread.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/go/serviceupdatemessage-markunread-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+
v1.0 Serviceupdatemessage Unarchive https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/serviceupdatemessage-unarchive.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/go/serviceupdatemessage-unarchive-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+
v1.0 Serviceupdatemessage Unfavorite https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/serviceupdatemessage-unfavorite.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/go/serviceupdatemessage-unfavorite-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+
v1.0 Shift Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/shift-delete.md
Title: "Delete shift" description: "Delete a shift from the schedule."-+ ms.localizationpriority: medium ms.prod: "microsoft-teams" doc_type: apiPageType
v1.0 Shift Put https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/shift-put.md
Title: "Replace shift" description: "Replace an existing shift."-+ ms.localizationpriority: medium ms.prod: "microsoft-teams" doc_type: apiPageType
v1.0 Site Follow https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/site-follow.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+ ### Response
v1.0 Site List Subsites https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/site-list-subsites.md
description: "Get a collection of subsites defined for a site." Previously updated : 09/10/2017 Title: List the subsites for a SharePoint site ms.localizationpriority: medium ms.prod: "sharepoint"
One of the following permissions is required to call this API. To learn more, in
## HTTP request
+<!-- { "blockType": "ignored" } -->
+ ```http GET /sites/{site-id}/sites ```
+## Request headers
+
+| Name |Description|
+|:-|:-|
+| Authorization | Bearer {code}. Required.|
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a collection of [site][] objects in the response body.
+ ## Example ### Request
+The following is an example of a request.
+ # [HTTP](#tab/http) <!-- { "blockType": "request", "name": "list-subsites", "scopes": "service.sharepoint sites.read.all" } -->
GET https://graph.microsoft.com/beta/sites/{site-id}/sites
### Response
+The following is an example of the response.
+ <!-- { "blockType": "response", "@type": "microsoft.graph.site", "isCollection": true, "truncated": true } --> ```http
v1.0 Site Unfollow https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/site-unfollow.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+ ### Response
v1.0 Smsauthenticationmethodconfiguration Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/smsauthenticationmethodconfiguration-delete.md
DELETE https://graph.microsoft.com/beta/policies/authenticationMethodsPolicy/aut
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Smsauthenticationmethodconfiguration Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/smsauthenticationmethodconfiguration-get.md
GET https://graph.microsoft.com/beta/policies/authenticationMethodsPolicy/authen
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Smsauthenticationmethodconfiguration Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/smsauthenticationmethodconfiguration-update.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Subjectrightsrequest Getfinalattachment https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/subjectrightsrequest-getfinalattachment.md
Do not supply a request body for this method.
## Response
-If successful, this function will redirect to the Microsoft Azure blob storage link with the SAS token and return a `302` response code.
+If successful, this function will redirect to the Microsoft Azure blob storage link with the SAS token and return a `200` response code.
## Examples
GET https://graph.microsoft.com/beta/privacy/subjectRightsRequests/{subjectRight
} --> ``` http
-HTTP/1.1 302
+HTTP/1.1 200
```
v1.0 Subscription Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/subscription-delete.md
Namespace: microsoft.graph
Delete a subscription.
-See the table in the [Permissions](#permissions) section for the list of resources that support subscribing to change notifications.
+For the list of resources that support subscribing to change notifications, see the table in the [Permissions](#permissions) section.
## Permissions
Depending on the resource and the permission type (delegated or application) req
| Supported resource | Delegated (work or school account) | Delegated (personal Microsoft account) | Application | |:--|:--|:--|:--|
-|[callRecord](../resources/callrecords-callrecord.md) | Not supported | Not supported | CallRecords.Read.All |
-|[channels](../resources/channel.md) (/teams/getAllChannels ΓÇô all channels in an organization) | Not supported | Not supported | Channel.ReadBasic.All, ChannelSettings.Read.All |
-|[channels](../resources/channel.md) (/teams/{id}/channels) | Channel.ReadBasic.All, ChannelSettings.Read.All | Not supported | Channel.ReadBasic.All, ChannelSettings.Read.All |
-|[chat](../resources/chat.md) (/chats ΓÇô all chats in an organization) | Not supported | Not supported | Chat.ReadBasic.All, Chat.Read.All, Chat.ReadWrite.All |
-|[chat](../resources/chat.md) (/chats/{id}) | Chat.ReadBasic, Chat.Read, Chat.ReadWrite | Not supported | ChatSettings.Read.Chat*, ChatSettings.ReadWrite.Chat*, Chat.Manage.Chat*, Chat.ReadBasic.All, Chat.Read.All, Chat.ReadWrite.All |
-|[chatMessage](../resources/chatmessage.md) (/teams/{id}/channels/{id}/messages) | ChannelMessage.Read.All, Group.Read.All, Group.ReadWrite.All | Not supported | ChannelMessage.Read.Group*, ChannelMessage.Read.All |
-|[chatMessage](../resources/chatmessage.md) (/teams/getAllMessages -- all channel messages in organization) | Not supported | Not supported | ChannelMessage.Read.All |
-|[chatMessage](../resources/chatmessage.md) (/chats/{id}/messages) | Chat.Read, Chat.ReadWrite | Not supported | Chat.Read.All |
-|[chatMessage](../resources/chatmessage.md) (/chats/getAllMessages -- all chat messages in organization) | Not supported | Not supported | Chat.Read.All |
-|[chatMessage](../resources/chatmessage.md) (/users/{id}/chats/getAllMessages -- chat messages for all chats a particular user is part of) | Chat.Read, Chat.ReadWrite | Not supported | Chat.Read.All, Chat.ReadWrite.All |
+|[callRecord](../resources/callrecords-callrecord.md) | Not supported. | Not supported. | CallRecords.Read.All |
+|[channels](../resources/channel.md) (/teams/getAllChannels ΓÇô all channels in an organization) | Not supported. | Not supported. | Channel.ReadBasic.All, ChannelSettings.Read.All |
+|[channels](../resources/channel.md) (/teams/{id}/channels) | Channel.ReadBasic.All, ChannelSettings.Read.All | Not supported. | Channel.ReadBasic.All, ChannelSettings.Read.All |
+|[chat](../resources/chat.md) (/chats ΓÇô all chats in an organization) | Not supported. | Not supported. | Chat.ReadBasic.All, Chat.Read.All, Chat.ReadWrite.All |
+|[chat](../resources/chat.md) (/chats/{id}) | Chat.ReadBasic, Chat.Read, Chat.ReadWrite | Not supported. | ChatSettings.Read.Chat*, ChatSettings.ReadWrite.Chat*, Chat.Manage.Chat*, Chat.ReadBasic.All, Chat.Read.All, Chat.ReadWrite.All |
+|[chatMessage](../resources/chatmessage.md) (/teams/{id}/channels/{id}/messages) | ChannelMessage.Read.All, Group.Read.All, Group.ReadWrite.All | Not supported. | ChannelMessage.Read.Group*, ChannelMessage.Read.All |
+|[chatMessage](../resources/chatmessage.md) (/teams/getAllMessages -- all channel messages in organization) | Not supported. | Not supported. | ChannelMessage.Read.All |
+|[chatMessage](../resources/chatmessage.md) (/chats/{id}/messages) | Chat.Read, Chat.ReadWrite | Not supported. | Chat.Read.All |
+|[chatMessage](../resources/chatmessage.md) (/chats/getAllMessages -- all chat messages in organization) | Not supported. | Not supported. | Chat.Read.All |
+|[chatMessage](../resources/chatmessage.md) (/users/{id}/chats/getAllMessages -- chat messages for all chats a particular user is part of) | Chat.Read, Chat.ReadWrite | Not supported. | Chat.Read.All, Chat.ReadWrite.All |
|[contact](../resources/contact.md) | Contacts.Read | Contacts.Read | Contacts.Read |
-|[conversationMember](../resources/conversationmember.md) (/chats/getAllMembers) | Not supported | Not supported | ChatMember.Read.All, ChatMember.ReadWrite.All, Chat.ReadBasic.All, Chat.Read.All, Chat.ReadWrite.All |
-|[conversationMember](../resources/conversationmember.md) (/chats/{id}/members) | ChatMember.Read, ChatMember.ReadWrite, Chat.ReadBasic, Chat.Read, Chat.ReadWrite | Not supported | ChatMember.Read.Chat*, Chat.Manage.Chat*, ChatMember.Read.All, ChatMember.ReadWrite.All, Chat.ReadBasic.All, Chat.Read.All, Chat.ReadWrite.All |
-|[conversationMember](../resources/conversationmember.md) (/teams/getAllMembers) | Not supported | Not supported | TeamMember.Read.All, TeamMember.ReadWrite.All |
-|[conversationMember](../resources/conversationmember.md) (/teams/{id}/members) | TeamMember.Read.All | Not supported | TeamMember.Read.All |
-|[conversationMember](../resources/conversationmember.md) (/teams/{id}/channels/getAllMembers) | Not supported | Not supported | ChannelMember.Read.All |
-|[driveItem](../resources/driveitem.md) (user's personal OneDrive) | Not supported | Files.ReadWrite | Not supported |
-|[driveItem](../resources/driveitem.md) (OneDrive for Business) | Files.ReadWrite.All | Not supported | Files.ReadWrite.All |
+|[conversationMember](../resources/conversationmember.md) (/chats/getAllMembers) | Not supported. | Not supported. | ChatMember.Read.All, ChatMember.ReadWrite.All, Chat.ReadBasic.All, Chat.Read.All, Chat.ReadWrite.All |
+|[conversationMember](../resources/conversationmember.md) (/chats/{id}/members) | ChatMember.Read, ChatMember.ReadWrite, Chat.ReadBasic, Chat.Read, Chat.ReadWrite | Not supported. | ChatMember.Read.Chat*, Chat.Manage.Chat*, ChatMember.Read.All, ChatMember.ReadWrite.All, Chat.ReadBasic.All, Chat.Read.All, Chat.ReadWrite.All |
+|[conversationMember](../resources/conversationmember.md) (/teams/getAllMembers) | Not supported. | Not supported. | TeamMember.Read.All, TeamMember.ReadWrite.All |
+|[conversationMember](../resources/conversationmember.md) (/teams/{id}/members) | TeamMember.Read.All | Not supported. | TeamMember.Read.All |
+|[conversationMember](../resources/conversationmember.md) (/teams/{id}/channels/getAllMembers) | Not supported. | Not supported. | ChannelMember.Read.All |
+|[driveItem](../resources/driveitem.md) (user's personal OneDrive) | Not supported. | Files.ReadWrite | Not supported. |
+|[driveItem](../resources/driveitem.md) (OneDrive for Business) | Files.ReadWrite.All | Not supported. | Files.ReadWrite.All |
|[event](../resources/event.md) | Calendars.Read | Calendars.Read | Calendars.Read |
-|[group](../resources/group.md) | Group.Read.All | Not supported | Group.Read.All |
-|[group conversation](../resources/conversation.md) | Group.Read.All | Not supported | Not supported |
-|[list](../resources/list.md) | Sites.ReadWrite.All | Not supported | Sites.ReadWrite.All |
+|[group](../resources/group.md) | Group.Read.All | Not supported. | Group.Read.All |
+|[group conversation](../resources/conversation.md) | Group.Read.All | Not supported. | Not supported. |
+|[list](../resources/list.md) | Sites.ReadWrite.All | Not supported. | Sites.ReadWrite.All |
|[message](../resources/message.md) | Mail.ReadBasic, Mail.Read | Mail.ReadBasic, Mail.Read | Mail.ReadBasic, Mail.Read |
-|[presence](../resources/presence.md) | Presence.Read.All | Not supported | Not supported |
-|[printer](../resources/printer.md) | Not supported | Not supported | Printer.Read.All, Printer.ReadWrite.All |
-|[printTaskDefinition](../resources/printtaskdefinition.md) | Not supported | Not supported | PrintTaskDefinition.ReadWrite.All |
-|[security alert](../resources/alert.md) | SecurityEvents.ReadWrite.All | Not supported | SecurityEvents.ReadWrite.All |
-|[teams](../resources/team.md) (/teams ΓÇô all teams in an organization) | Not supported | Not supported | Team.ReadBasic.All, TeamSettings.Read.All |
-|[teams](../resources/team.md) (/teams/{id}) | Team.ReadBasic.All, TeamSettings.Read.All | Not supported | Team.ReadBasic.All, TeamSettings.Read.All |
-|[todoTask](../resources/todotask.md) | Tasks.ReadWrite | Tasks.ReadWrite | Not supported |
-|[baseTask](../resources/basetask.md) | Tasks.ReadWrite | Tasks.ReadWrite | Not supported |
+|[online meeting](../resources/onlinemeeting.md) | Not supported | Not supported | OnlineMeetings.Read.All, OnlineMeetings.ReadWrite.All |
+|[presence](../resources/presence.md) | Presence.Read.All | Not supported. | Not supported. |
+|[printer](../resources/printer.md) | Not supported. | Not supported. | Printer.Read.All, Printer.ReadWrite.All |
+|[printTaskDefinition](../resources/printtaskdefinition.md) | Not supported. | Not supported. | PrintTaskDefinition.ReadWrite.All |
+|[security alert](../resources/alert.md) | SecurityEvents.ReadWrite.All | Not supported. | SecurityEvents.ReadWrite.All |
+|[teams](../resources/team.md) (/teams ΓÇô all teams in an organization) | Not supported. | Not supported. | Team.ReadBasic.All, TeamSettings.Read.All |
+|[teams](../resources/team.md) (/teams/{id}) | Team.ReadBasic.All, TeamSettings.Read.All | Not supported. | Team.ReadBasic.All, TeamSettings.Read.All |
+|[todoTask](../resources/todotask.md) | Tasks.ReadWrite | Tasks.ReadWrite | Not supported. |
+|[baseTask](../resources/basetask.md) | Tasks.ReadWrite | Tasks.ReadWrite | Not supported. |
|[user](../resources/user.md) | User.Read.All | User.Read.All | User.Read.All | > **Note**: Permissions marked with * use [resource-specific consent](/microsoftteams/platform/graph-api/rsc/resource-specific-consent).
On a personal OneDrive, you can subscribe to the root folder or any subfolder in
### contact, event, and message
-Additional limitations apply for subscriptions on Outlook items. The limitations apply to creating as well as managing (getting, updating, and deleting) subscriptions.
+You can subscribe to changes in Outlook **contact**, **event**, or **message** resources and optionally specify in the POST request payload whether to include encrypted resource data in notifications.
-- Delegated permission supports subscribing to items in folders in only the signed-in user's mailbox. For example, you cannot use the delegated permission Calendars.Read to subscribe to events in another userΓÇÖs mailbox.-- To subscribe to change notifications of Outlook contacts, events, or messages in _shared or delegated_ folders:
- - Use the corresponding application permission to subscribe to changes of items in a folder or mailbox of _any_ user in the tenant.
- - Do not use the Outlook sharing permissions (Contacts.Read.Shared, Calendars.Read.Shared, Mail.Read.Shared, and their read/write counterparts), as they do **not** support subscribing to change notifications on items in shared or delegated folders.
+### onlineMeetings, presence
-### presence
-
-**presence** subscriptions require [encryption](/graph/webhooks-with-resource-data). Subscription creation will fail if [encryptionCertificate](../resources/subscription.md) is not specified.
+**onlineMeetings** and **presence** subscriptions require [encryption](/graph/webhooks-with-resource-data) for notifications with resource data. Subscription creation will fail if [encryptionCertificate](../resources/subscription.md) and [encryptionCertificateId](../resources/subscription.md) are not specified if resource data is desired in notifications.
## HTTP request
For details about how errors are returned, see [Error responses][error-response]
## Example
-##### Request
+### Request
-Here is an example of the request.
+The following is an example of a request.
# [HTTP](#tab/http) <!-- {
DELETE https://graph.microsoft.com/beta/subscriptions/7f105c7d-2dc5-4530-97cd-4e
-##### Response
+### Response
-Here is an example of the response.
+The following is an example of the response.
<!-- { "blockType": "response" } -->
v1.0 Subscription Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/subscription-get.md
Depending on the resource and the permission type (delegated or application) req
|[group conversation](../resources/conversation.md) | Group.Read.All | Not supported | Not supported | |[list](../resources/list.md) | Sites.ReadWrite.All | Not supported | Sites.ReadWrite.All | |[message](../resources/message.md) | Mail.ReadBasic, Mail.Read | Mail.ReadBasic, Mail.Read | Mail.ReadBasic, Mail.Read |
+|[online meeting](../resources/onlinemeeting.md) | Not supported | Not supported | OnlineMeetings.Read.All, OnlineMeetings.ReadWrite.All |
|[presence](../resources/presence.md) | Presence.Read.All | Not supported | Not supported | |[printer](../resources/printer.md) | Not supported | Not supported | Printer.Read.All, Printer.ReadWrite.All | |[printTaskDefinition](../resources/printtaskdefinition.md) | Not supported | Not supported | PrintTaskDefinition.ReadWrite.All |
On a personal OneDrive, you can subscribe to the root folder or any subfolder in
### contact, event, and message
-Additional limitations apply for subscriptions on Outlook items. The limitations apply to creating as well as managing (getting, updating, and deleting) subscriptions.
+You can subscribe to changes in Outlook **contact**, **event**, or **message** resources and optionally specify in the POST request payload whether to include encrypted resource data in notifications.
-- Delegated permission supports subscribing to items in folders in only the signed-in user's mailbox. For example, you cannot use the delegated permission Calendars.Read to subscribe to events in another userΓÇÖs mailbox.-- To subscribe to change notifications of Outlook contacts, events, or messages in _shared or delegated_ folders:
- - Use the corresponding application permission to subscribe to changes of items in a folder or mailbox of _any_ user in the tenant.
- - Do not use the Outlook sharing permissions (Contacts.Read.Shared, Calendars.Read.Shared, Mail.Read.Shared, and their read/write counterparts), as they do **not** support subscribing to change notifications on items in shared or delegated folders.
+### onlineMeetings, presence
-### presence
-
-**presence** subscriptions require [encryption](/graph/webhooks-with-resource-data). Subscription creation will fail if [encryptionCertificate](../resources/subscription.md) is not specified.
+**onlineMeetings** and **presence** subscriptions require [encryption](/graph/webhooks-with-resource-data) for notifications with resource data. Subscription creation will fail if [encryptionCertificate](../resources/subscription.md) and [encryptionCertificateId](../resources/subscription.md) are not specified if resource data is desired in notifications.
## HTTP request
v1.0 Subscription List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/subscription-list.md
This API supports the following permission scopes; to learn more, including how
|[group conversation](../resources/conversation.md) | Group.Read.All, Subscription.Read.All | Not supported | Not supported | |[list](../resources/list.md) | Sites.ReadWrite.All, Subscription.Read.All | Not supported | Sites.ReadWrite.All | |[message](../resources/message.md) | Mail.ReadBasic, Mail.Read, Subscription.Read.All | Mail.ReadBasic, Mail.Read, Subscription.Read.All | Mail.ReadBasic, Mail.Read |
+|[online meeting](../resources/onlinemeeting.md) | Not supported | Not supported | OnlineMeetings.Read.All, OnlineMeetings.ReadWrite.All |
|[presence](../resources/presence.md) | Presence.Read.All, Subscription.Read.All | Not supported | Not supported | |[printer](../resources/printer.md) | Not supported | Not supported | Printer.Read.All, Printer.ReadWrite.All | |[printTaskDefinition](../resources/printtaskdefinition.md) | Not supported | Not supported | PrintTaskDefinition.ReadWrite.All |
v1.0 Subscription Post Subscriptions https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/subscription-post-subscriptions.md
Subscribes a listener application to receive change notifications when the reque
See the table in the [Permissions](#permissions) section for the list of resources that support subscribing to change notifications.
+Some resources support the option to include encrypted resource data in change notifications. These resources include [chatMessage](../resources/chatmessage.md), [contact](../resources/contact.md), [event](../resources/event.md), [message](../resources/message.md), [onlineMeetings](../resources/onlinemeeting.md) and [presence](../resources/presence.md). For more information, see [Set up change notifications that include resource data](/graph/webhooks-with-resource-data) and [Change notifications for Outlook resources in Microsoft Graph](/graph/outlook-change-notification-overview).
+ ## Permissions Creating a subscription requires read permission to the resource. For example, to get change notifications on messages, your app needs the Mail.Read permission.
Depending on the resource and the permission type (delegated or application) req
|[group conversation](../resources/conversation.md) | Group.Read.All | Not supported | Not supported | |[list](../resources/list.md) | Sites.ReadWrite.All | Not supported | Sites.ReadWrite.All | |[message](../resources/message.md) | Mail.ReadBasic, Mail.Read | Mail.ReadBasic, Mail.Read | Mail.ReadBasic, Mail.Read |
+|[online meeting](../resources/onlinemeeting.md) | Not supported | Not supported | OnlineMeetings.Read.All, OnlineMeetings.ReadWrite.All |
|[presence](../resources/presence.md) | Presence.Read.All | Not supported | Not supported | |[printer](../resources/printer.md) | Not supported | Not supported | Printer.Read.All, Printer.ReadWrite.All | |[printTaskDefinition](../resources/printtaskdefinition.md) | Not supported | Not supported | PrintTaskDefinition.ReadWrite.All |
OneDrive for Business and SharePoint support sending your application notificati
### contact, event, and message
-Additional limitations apply for subscriptions on Outlook items. The limitations apply to creating as well as managing (getting, updating, and deleting) subscriptions.
--- Delegated permission supports subscribing to items in folders in only the signed-in user's mailbox. For example, you cannot use the delegated permission Calendars.Read to subscribe to events in another userΓÇÖs mailbox.-- To subscribe to change notifications of Outlook contacts, events, or messages in _shared or delegated_ folders:
+You can subscribe to changes in Outlook **contact**, **event**, or **message** resources and optionally specify in the POST request payload whether to include encrypted resource data in notifications.
- - Use the corresponding application permission to subscribe to changes of items in a folder or mailbox of _any_ user in the tenant.
- - Do not use the Outlook sharing permissions (Contacts.Read.Shared, Calendars.Read.Shared, Mail.Read.Shared, and their read/write counterparts), as they do **not** support subscribing to change notifications on items in shared or delegated folders.
-### presence
+### onlineMeetings, presence
-Subscriptions on **presence** require any resource data included in a change notification to be encrypted. Always specify the **encryptionCertificate** parameter when [creating a subscription](/graph/webhooks-with-resource-data#creating-a-subscription) to avoid failure. See more information about [setting up change notifications to include resource data](/graph/webhooks-with-resource-data).
+Subscriptions on **onlineMeetings** and **presence** require the **encryptionCertificate** and **encryptionCertificateId** property when [creating a subscription](/graph/webhooks-with-resource-data#creating-a-subscription) for notifications with encrypted resource data. For more information, see [setting up change notifications to include resource data](/graph/webhooks-with-resource-data).
## HTTP request
The following are valid values for the resource property.
|[Groups](../resources/group.md)|`groups`| |[List](../resources/list.md)|`sites/{site-id}/lists/{list-id}`| |[Mail](../resources/message.md)|`me/mailfolders('inbox')/messages`, `me/messages`|
+|[OnlineMeetings](../resources/onlinemeeting.md)|`/communications/onlineMeetings/?$filter=JoinWebUrl eq '{WebJoinUrl}'`|
|[Presence](../resources/presence.md)| `/communications/presences/{id}` (single user), `/communications/presences?$filter=id in ('{id}','{id}',…)` (multiple users)| |[printer](../resources/printer.md) |`print/printers/{id}/jobs`| |[PrintTaskDefinition](../resources/printtaskdefinition.md)|`print/taskDefinitions/{id}/tasks`|
v1.0 Subscription Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/subscription-update.md
Depending on the resource and the permission type (delegated or application) req
|[group conversation](../resources/conversation.md) | Group.Read.All | Not supported | Not supported | |[list](../resources/list.md) | Sites.ReadWrite.All | Not supported | Sites.ReadWrite.All | |[message](../resources/message.md) | Mail.ReadBasic, Mail.Read | Mail.ReadBasic, Mail.Read | Mail.ReadBasic, Mail.Read |
+|[online meeting](../resources/onlinemeeting.md) | Not supported | Not supported | OnlineMeetings.Read.All, OnlineMeetings.ReadWrite.All |
|[presence](../resources/presence.md) | Presence.Read.All | Not supported | Not supported | |[printer](../resources/printer.md) | Not supported | Not supported | Printer.Read.All, Printer.ReadWrite.All | |[printTaskDefinition](../resources/printtaskdefinition.md) | Not supported | Not supported | PrintTaskDefinition.ReadWrite.All |
On a personal OneDrive, you can subscribe to the root folder or any subfolder in
### contact, event, and message
-Additional limitations apply for subscriptions on Outlook items. The limitations apply to creating as well as managing (getting, updating, and deleting) subscriptions.
+You can subscribe to changes in Outlook **contact**, **event**, or **message** resources and optionally specify in the POST request payload whether to include encrypted resource data in notifications.
-- Delegated permission supports subscribing to items in folders in only the signed-in user's mailbox. For example, you cannot use the delegated permission Calendars.Read to subscribe to events in another userΓÇÖs mailbox.-- To subscribe to change notifications of Outlook contacts, events, or messages in _shared or delegated_ folders:
- - Use the corresponding application permission to subscribe to changes of items in a folder or mailbox of _any_ user in the tenant.
- - Do not use the Outlook sharing permissions (Contacts.Read.Shared, Calendars.Read.Shared, Mail.Read.Shared, and their read/write counterparts), as they do **not** support subscribing to change notifications on items in shared or delegated folders.
+### onlineMeetings, presence
-### presence
-
-**presence** subscriptions require [encryption](/graph/webhooks-with-resource-data). Subscription creation will fail if [encryptionCertificate](../resources/subscription.md) is not specified.
+**onlineMeetings** and **presence** subscriptions require [encryption](/graph/webhooks-with-resource-data) for notifications with resource data. Subscription creation will fail if [encryptionCertificate](../resources/subscription.md) and [encryptionCertificateId](../resources/subscription.md) are not specified if resource data is desired in notifications.
## HTTP request
v1.0 Tasklist Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/tasklist-update.md
Content-Type: application/json
Content-length: 82 {
+ "@odata.type": "#microsoft.graph.taskList",
"displayName": "Travel Plan" } ```
v1.0 Tasks Post Lists https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/tasks-post-lists.md
POST https://graph.microsoft.com/beta/me/tasks/lists
Content-Type: application/json {
+ "@odata.type": "#microsoft.graph.taskList",
"displayName": "Shopping list" } ```
v1.0 Team Delete Installedapps https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/team-delete-installedapps.md
One of the following permissions is required to call this API. To learn more, in
|Permission type | Permissions (from least to most privileged) | |:--|:|
-|Delegated (work or school account) | TeamsAppInstallation.ReadWriteForTeam, Group.ReadWrite.All**, Directory.ReadWrite.All** |
+|Delegated (work or school account) | TeamsAppInstallation.ReadWriteSelfForTeam, TeamsAppInstallation.ReadWriteForTeam, Group.ReadWrite.All**, Directory.ReadWrite.All** |
|Delegated (personal Microsoft account) | Not supported. |
-|Application | TeamsAppInstallation.ReadWriteForTeam.All, Group.ReadWrite.All**, Directory.ReadWrite.All** |
+|Application | TeamsAppInstallation.ReadWriteSelfForTeam.All, TeamsAppInstallation.ReadWriteForTeam.All, Group.ReadWrite.All**, Directory.ReadWrite.All** |
> **Note**: Permissions marked with ** are supported only for backward compatibility. We recommend that you update your solutions to use an alternative permission listed in the previous table and avoid using these permissions going forward.
v1.0 Team List Installedapps https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/team-list-installedapps.md
One of the following permissions is required to call this API. To learn more, in
|Permission type | Permissions (from least to most privileged) | |:--|:|
-|Delegated (work or school account) | TeamsAppInstallation.ReadForTeam, TeamsAppInstallation.ReadWriteForTeam, Group.Read.All**, Group.ReadWrite.All**, Directory.Read.All**, Directory.ReadWrite.All** |
+|Delegated (work or school account) | TeamsAppInstallation.ReadForTeam, TeamsAppInstallation.ReadWriteSelfForTeam, TeamsAppInstallation.ReadWriteForTeam, Group.Read.All**, Group.ReadWrite.All**, Directory.Read.All**, Directory.ReadWrite.All** |
|Delegated (personal Microsoft account) | Not supported. |
-|Application | TeamsAppInstallation.Read.Group*, TeamsAppInstallation.ReadForTeam.All, TeamsAppInstallation.ReadWriteForTeam.All, Group.Read.All**, Group.ReadWrite.All**, Directory.Read.All**, Directory.ReadWrite.All** |
+|Application | TeamsAppInstallation.Read.Group*, TeamsAppInstallation.ReadWriteSelfForTeam.All, TeamsAppInstallation.ReadForTeam.All, TeamsAppInstallation.ReadWriteForTeam.All, Group.Read.All**, Group.ReadWrite.All**, Directory.Read.All**, Directory.ReadWrite.All** |
[!INCLUDE [teamwork-permissions-note](../../../includes/teamwork-permissions-note.md)]
v1.0 Team Post Installedapps https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/team-post-installedapps.md
One of the following permissions is required to call this API. To learn more, in
|Permission type | Permissions (from least to most privileged) | |:--|:|
-|Delegated (work or school account) | TeamsAppInstallation.ReadWriteForTeam, Group.ReadWrite.All**, Directory.ReadWrite.All** |
+|Delegated (work or school account) | TeamsAppInstallation.ReadWriteSelfForTeam, TeamsAppInstallation.ReadWriteForTeam, Group.ReadWrite.All**, Directory.ReadWrite.All** |
|Delegated (personal Microsoft account) | Not supported. |
-|Application | TeamsAppInstallation.ReadWriteForTeam.All, Group.ReadWrite.All**, Directory.ReadWrite.All** |
+|Application | TeamsAppInstallation.ReadWriteSelfForTeam.All, TeamsAppInstallation.ReadWriteForTeam.All, Group.ReadWrite.All**, Directory.ReadWrite.All** |
> **Note**: Permissions marked with ** are supported only for backward compatibility. We recommend that you update your solutions to use an alternative permission listed in the previous table and avoid using these permissions going forward.
v1.0 Team Post Members https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/team-post-members.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Add a new [conversationMember](../resources/conversationmember.md) to a [team](../resources/team.md).
+Add a new [conversation member](../resources/conversationmember.md) to a [team](../resources/team.md).
## Permissions+ One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference). |Permission type|Permissions (from least to most privileged)|
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account) | Not supported. | |Application| TeamMember.ReadWrite.All |
+> [!NOTE]
+> Using application permissions to [add guest members](/microsoft-365/admin/add-users/about-guest-users?view=o365-worldwide&preserve-view=true) to a team is not supported.
+ ## HTTP request <!-- {
v1.0 Team Teamsappinstallation Upgrade https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/team-teamsappinstallation-upgrade.md
One of the following permissions is required to call this API. To learn more, in
|Permission type | Permissions (from least to most privileged) | |:--|:|
-|Delegated (work or school account) | TeamsAppInstallation.ReadWriteForTeam, Group.ReadWrite.All**, Directory.ReadWrite.All** |
+|Delegated (work or school account) | TeamsAppInstallation.ReadWriteSelfForTeam, TeamsAppInstallation.ReadWriteForTeam, Group.ReadWrite.All**, Directory.ReadWrite.All** |
|Delegated (personal Microsoft account) | Not supported. |
-|Application | TeamsAppInstallation.ReadWriteForTeam.All, Group.ReadWrite.All**, Directory.ReadWrite.All** |
+|Application | TeamsAppInstallation.ReadWriteSelfForTeam.All, TeamsAppInstallation.ReadWriteForTeam.All, Group.ReadWrite.All**, Directory.ReadWrite.All** |
> **Note**: Permissions marked with ** are supported only for backward compatibility. We recommend that you update your solutions to use an alternative permission listed in the previous table and avoid using these permissions going forward.
v1.0 Team Update Members https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/team-update-members.md
Namespace: microsoft.graph
Update the role of a [conversationMember](../resources/conversationmember.md) in a [team](../resources/team.md).
+> [!NOTE]
+> Team members with the role of `guest` cannot be given the role of `owner`.
+ ## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
v1.0 Temporaryaccesspassauthenticationmethodconfiguration Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/temporaryaccesspassauthenticationmethodconfiguration-delete.md
DELETE https://graph.microsoft.com/beta/policies/authenticationMethodsPolicy/aut
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Temporaryaccesspassauthenticationmethodconfiguration Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/temporaryaccesspassauthenticationmethodconfiguration-update.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Tenantappmanagementpolicy Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/tenantappmanagementpolicy-update.md
Update the properties of a [tenantAppManagementPolicy](../resources/tenantAppMan
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-| Permission type | Permissions (from least to most privileged) |
-| :- | : |
-| Delegated (work or school account) | Policy.ReadWrite.ApplicationConfiguration |
-| Delegated (personal Microsoft account) | Not supported. |
-| Application | Policy.ReadWrite.ApplicationConfiguration |
+| Permission type | Permissions (from least to most privileged) |
+| :- | : |
+| Delegated (work or school account) | Policy.ReadWrite.ApplicationConfiguration |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | Policy.ReadWrite.ApplicationConfiguration |
## HTTP request
PATCH /policies/defaultAppManagementPolicy
In the request body, supply the values for relevant fields from the [tenantAppManagementPolicy](../resources/tenantAppManagementPolicy.md) that should be updated. Existing properties that are not included in the request body will maintain their previous values. For best performance, do not include unchanged values in the request payload.
-| Property | Type | Description |
-|:|:-|:-|
-| displayName | String | The display name of the default policy. Inherited from [policyBase](../resources/policybase.md). |
-| description | String | The description of the default policy. Inherited from [policyBase](../resources/policybase.md). |
-| isEnabled | Boolean | Denotes if the policy is enabled. Default value is false. |
-| applicationRestrictions | [appManagementConfiguration](../resources/appManagementConfiguration.md) | Restrictions that apply as default to all application objects in the tenant. |
-| servicePrincipalRestrictions | [appManagementConfiguration](../resources/appManagementConfiguration.md) | Restrictions that apply as default to all service principal objects in the tenant. |
+| Property | Type | Description |
+| : | :-- | :-- |
+| applicationRestrictions | [appManagementConfiguration](../resources/appManagementConfiguration.md) | Restrictions that apply as default to all application objects in the tenant. |
+| displayName | String | The display name of the default policy. Inherited from [policyBase](../resources/policybase.md). |
+| description | String | The description of the default policy. Inherited from [policyBase](../resources/policybase.md). |
+| isEnabled | Boolean | Denotes if the policy is enabled. Default value is false. |
+| servicePrincipalRestrictions | [appManagementConfiguration](../resources/appManagementConfiguration.md) | Restrictions that apply as default to all service principal objects in the tenant. |
## Response
If successful, this method returns a `204 No Content` response code. It does not
The following is an example of the request. -- # [HTTP](#tab/http)+ <!-- { "blockType": "request", "name": "update_tenantAppManagementPolicy"
Content-Type: application/json
{ "restrictionType": "passwordAddition", "maxLifetime": null,
- "restrictForAppsCreatedAfterDateTime": "2021-04-01T10:37:00Z"
+ "restrictForAppsCreatedAfterDateTime": "2021-01-01T10:37:00Z"
}, { "restrictionType": "passwordLifetime", "maxLifetime": "P4DT12H30M5S",
- "restrictForAppsCreatedAfterDateTime": "2019-01-01T10:37:00Z"
+ "restrictForAppsCreatedAfterDateTime": "2017-01-01T10:37:00Z"
}, { "restrictionType": "symmetricKeyAddition", "maxLifetime": null,
- "restrictForAppsCreatedAfterDateTime": "2021-04-01T10:37:00Z"
+ "restrictForAppsCreatedAfterDateTime": "2021-01-01T10:37:00Z"
+ },
+ {
+ "restrictionType": "customPasswordAddition",
+ "maxLifetime": null,
+ "restrictForAppsCreatedAfterDateTime": "2015-01-01T10:37:00Z"
}, { "restrictionType": "symmetricKeyLifetime", "maxLifetime": "P40D",
- "restrictForAppsCreatedAfterDateTime": "2015-04-01T10:37:00Z"
+ "restrictForAppsCreatedAfterDateTime": "2015-01-01T10:37:00Z"
} ], "keyCredentials":[
Content-Type: application/json
} } ```+ # [C#](#tab/csharp) [!INCLUDE [sample-code](../includes/snippets/csharp/update-tenantappmanagementpolicy-csharp-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [JavaScript](#tab/javascript) [!INCLUDE [sample-code](../includes/snippets/javascript/update-tenantappmanagementpolicy-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [Objective-C](#tab/objc) [!INCLUDE [sample-code](../includes/snippets/objc/update-tenantappmanagementpolicy-objc-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [Java](#tab/java) [!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [Go](#tab/go) [!INCLUDE [sample-code](../includes/snippets/go/update-tenantappmanagementpolicy-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [PowerShell](#tab/powershell) [!INCLUDE [sample-code](../includes/snippets/powershell/update-tenantappmanagementpolicy-powershell-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] - ### Response The following is an example of the response.
v1.0 Termsofusecontainer List Agreements https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/termsofusecontainer-list-agreements.md
When calling on behalf of a user, the user needs to belong to one of the followi
```http GET /identityGovernance/termsOfUse/agreements ```
-<!--
++ ## Optional query parameters
-This method supports the [OData Query Parameters](/graph/query-parameters) to help customize the response.
>
+This method supports the `$select`, `$filter`, and `$top` [OData query parameters](/graph/query-parameters) to help customize the response.
## Request headers | Name | Type | Description |
GET https://graph.microsoft.com/beta/identityGovernance/termsOfUse/agreements
[!INCLUDE [sample-code](../includes/snippets/go/get-agreements-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+
HTTP/1.1 200 OK
Content-type: application/json {
- "value": [
- {
- "displayName": "displayName-value",
- "isViewingBeforeAcceptanceRequired": true,
- "id": "id-value"
- }
- ]
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#agreements",
+ "value": [
+ {
+ "id": "0ec9f6a6-159d-4dd8-a563-1f0b5935e80b",
+ "displayName": "All users terms of use",
+ "termsExpiration": null,
+ "userReacceptRequiredFrequency": "P90D",
+ "isViewingBeforeAcceptanceRequired": false,
+ "isPerDeviceAcceptanceRequired": false
+ },
+ {
+ "id": "920f5775-d5d7-454b-861f-14685bb24e2c",
+ "displayName": "ToU",
+ "termsExpiration": null,
+ "userReacceptRequiredFrequency": "P90D",
+ "isViewingBeforeAcceptanceRequired": false,
+ "isPerDeviceAcceptanceRequired": false
+ },
+ {
+ "id": "94410bbf-3d3e-4683-8149-f034e55c39dd",
+ "displayName": "Contoso ToU for guest users",
+ "termsExpiration": null,
+ "userReacceptRequiredFrequency": null,
+ "isViewingBeforeAcceptanceRequired": true,
+ "isPerDeviceAcceptanceRequired": false
+ }
+ ]
} ```
v1.0 Termsofusecontainer Post Agreements https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/termsofusecontainer-post-agreements.md
POST https://graph.microsoft.com/beta/identityGovernance/termsOfUse/agreements
Content-type: application/json {
- "displayName": "MSGraph Sample",
+ "displayName": "Contoso ToU for guest users",
"isViewingBeforeAcceptanceRequired": true, "files": [ {
Content-type: application/json
"language": "en", "isDefault": true, "fileData": {
- "data": "SGVsbG8gd29ybGQ="
+ "data": "SGVsbG8gd29ybGQ=//truncated-binary"
} } ]
Content-type: application/json
[!INCLUDE [sample-code](../includes/snippets/go/create-agreement-from-agreements-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+
HTTP/1.1 201 Created
Content-type: application/json {
- "displayName": "MSGraph Sample",
- "isViewingBeforeAcceptanceRequired": true,
- "id": "id-value"
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#agreements/$entity",
+ "id": "94410bbf-3d3e-4683-8149-f034e55c39dd",
+ "displayName": "Contoso ToU for guest users",
+ "termsExpiration": null,
+ "userReacceptRequiredFrequency": null,
+ "isViewingBeforeAcceptanceRequired": true,
+ "isPerDeviceAcceptanceRequired": false
} ```
v1.0 Termstore Group Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/termstore-group-get.md
Content-Type: application/json
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "get_group"
+ "name": "get_group_termstore"
} -->
Content-Type: application/json
GET https://graph.microsoft.com/beta/sites/microsoft.sharepoint.com,c6482504-4a85-4b21-858a-7e88dafc8232,d90ca07d-25c0-4ce7-864b-d68b607e697f/termStore/groups/1FFD3F87-9464-488A-A0EC-8FB90911182C?$select=*,parentSiteId ``` # [C#](#tab/csharp) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [JavaScript](#tab/javascript) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [Objective-C](#tab/objc) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [Java](#tab/java)+
+# [Go](#tab/go)
[!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
Content-Type: application/json
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "get_group"
+ "name": "get_group_termstore_sites"
} -->
Content-Type: application/json
GET https://graph.microsoft.com/beta/sites/microsoft.sharepoint.com,c6482504-4a85-4b21-858a-7e88dafc8232,d90ca07d-25c0-4ce7-864b-d68b607e697f/termStore/groups/1FFD3F87-9464-488A-A0EC-8FB90911182C ``` # [C#](#tab/csharp) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [JavaScript](#tab/javascript) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [Objective-C](#tab/objc) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [Java](#tab/java)+
+# [Go](#tab/go)
[!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 Termstore Set Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/termstore-set-get.md
GET https://graph.microsoft.com/beta/sites/microsoft.sharepoint.com,c6482504-4a8
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Termstore Term Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/termstore-term-get.md
GET https://graph.microsoft.com/beta/termStore/groups/1FFD3F87-9464-488A-A0EC-8F
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+ #### Response
GET https://graph.microsoft.com/beta/sites/microsoft.sharepoint.com,c6482504-4a8
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Timeoff Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/timeoff-delete.md
Title: "Delete timeOff" description: "Delete a timeOff instance from a schedule."-+ ms.localizationpriority: medium ms.prod: "microsoft-teams" doc_type: apiPageType
v1.0 Timeoff Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/timeoff-get.md
Title: "Get timeOff" description: "Get a timeOff by ID."-+ ms.localizationpriority: medium ms.prod: "microsoft-teams" doc_type: apiPageType
v1.0 Timeoff Put https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/timeoff-put.md
Title: "Replace timeOff" description: "Replace an existing timeOff."-+ ms.localizationpriority: medium ms.prod: "microsoft-teams" doc_type: apiPageType
v1.0 Timeoffreason Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/timeoffreason-get.md
Title: "Get timeOffReason" description: "Get a timeOffReason by ID."-+ ms.localizationpriority: medium ms.prod: "microsoft-teams" doc_type: apiPageType
v1.0 Timeoffreason Put https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/timeoffreason-put.md
Title: "Replace timeOffReason" description: "Replace an existing timeOffReason."-+ ms.localizationpriority: medium ms.prod: "microsoft-teams" doc_type: apiPageType
v1.0 Unifiedrbacresourceaction Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/unifiedrbacresourceaction-get.md
+
+ Title: "Get unifiedRbacResourceAction"
+description: "Read the properties and relationships of an unifiedRbacResourceAction object."
+
+ms.localizationpriority: medium
++
+# Get unifiedRbacResourceAction
+Namespace: microsoft.graph
++
+Read the properties and relationships of an [unifiedRbacResourceAction](../resources/unifiedrbacresourceaction.md) object.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|RoleManagement.Read.Directory, RoleManagement.Read.All, RoleManagement.ReadWrite.Directory|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|RoleManagement.Read.Directory, RoleManagement.Read.All, RoleManagement.ReadWrite.Directory|
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /roleManagement/directory/resourceNamespaces/{unifiedRbacResourceNamespaceId}/resourceActions/{unifiedRbacResourceActionId}
+```
+
+## Optional query parameters
+This method supports the `$select` OData query parameter to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and an [unifiedRbacResourceAction](../resources/unifiedrbacresourceaction.md) object in the response body.
+
+## Examples
+
+The following example gets the action with the identifier `microsoft.directory-accessReviews-allProperties-read-get` for the resource namespace with the identifier of `microsoft.directory`.
+
+### Request
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_unifiedrbacresourceaction"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/roleManagement/directory/resourceNamespaces/microsoft.directory/resourceActions/microsoft.directory-accessReviews-allProperties-read-get
+```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+++++
+### Response
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.unifiedRbacResourceAction"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#roleManagement/directory/resourceNamespaces('microsoft.directory')/resourceActions/$entity",
+ "actionVerb": "GET",
+ "description": "Read all properties of access reviews",
+ "id": "microsoft.directory-accessReviews-allProperties-read-get",
+ "name": "microsoft.directory/accessReviews/allProperties/read",
+ "resourceScopeId": null
+}
+```
v1.0 Unifiedrbacresourcenamespace Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/unifiedrbacresourcenamespace-get.md
+
+ Title: "Get unifiedRbacResourceNamespace"
+description: "Read the properties and relationships of an unifiedRbacResourceNamespace object."
+
+ms.localizationpriority: medium
++
+# Get unifiedRbacResourceNamespace
+Namespace: microsoft.graph
++
+Read the properties and relationships of an [unifiedRbacResourceNamespace](../resources/unifiedrbacresourcenamespace.md) object.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|RoleManagement.Read.Directory, RoleManagement.Read.All, RoleManagement.ReadWrite.Directory|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|RoleManagement.Read.Directory, RoleManagement.Read.All, RoleManagement.ReadWrite.Directory|
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /roleManagement/directory/resourceNamespaces/{unifiedRbacResourceNamespaceId}
+```
+
+## Optional query parameters
+This method supports the `$select` OData query parameter to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and an [unifiedRbacResourceNamespace](../resources/unifiedrbacresourcenamespace.md) object in the response body.
+
+## Examples
+
+The following example gets the resource namespace with the identifier of `microsoft.aad.b2c`.
+
+### Request
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_unifiedrbacresourcenamespace"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/roleManagement/directory/resourceNamespaces/microsoft.aad.b2c
+```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+++++
+### Response
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.unifiedRbacResourceNamespace"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#roleManagement/directory/resourceNamespaces/$entity",
+ "id": "microsoft.aad.b2c",
+ "name": "microsoft.aad.b2c"
+}
+```
v1.0 Unifiedrbacresourcenamespace List Resourceactions https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/unifiedrbacresourcenamespace-list-resourceactions.md
+
+ Title: "List resourceActions"
+description: "Get a list of the unifiedRbacResourceAction objects and their properties."
+
+ms.localizationpriority: medium
++
+# List resourceActions
+Namespace: microsoft.graph
++
+Get a list of the [unifiedRbacResourceAction](../resources/unifiedrbacresourceaction.md) objects and their properties.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|RoleManagement.Read.Directory, RoleManagement.Read.All, RoleManagement.ReadWrite.Directory|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|RoleManagement.Read.Directory, RoleManagement.Read.All, RoleManagement.ReadWrite.Directory|
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /roleManagement/directory/resourceNamespaces/{unifiedRbacResourceNamespaceId}/resourceActions
+```
+
+## Optional query parameters
+This method supports the `$filter`, `$select`, `$top`, and `$skipToken` OData query parameters to help customize the response. This method supports `$filter` (`eq`) for **actionVerb**, **description**, **id**, and **name** properties. This method returns a default page size of 100 **resourceActions** and supports `$top` and `$skipToken` for paging. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a collection of [unifiedRbacResourceAction](../resources/unifiedrbacresourceaction.md) objects in the response body.
+
+## Examples
+
+### Example 1: Get microsoft.directory actions
+
+The following example gets the actions for the resource namespace with the identifier of `microsoft.directory`.
+
+This method returns a maximum of 100 actions. If there are more actions, you can use `@odata.nextLink` to get the next set of actions.
+
+#### Request
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "list_unifiedrbacresourceaction_directory"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/roleManagement/directory/resourceNamespaces/microsoft.directory/resourceActions
+```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+++++
+#### Response
+>**Note:** The response object shown here has been shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "Collection(microsoft.graph.unifiedRbacResourceAction)"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#roleManagement/directory/resourceNamespaces('microsoft.directory')/resourceActions",
+ "@odata.nextLink": "https://graph.microsoft.com/beta/roleManagement/directory/resourceNamespaces/microsoft.directory/resourceActions?$skiptoken=bWljcm9z...",
+ "value": [
+ {
+ "actionVerb": null,
+ "description": "Create and delete access reviews, and read and update all properties of access reviews in Azure AD",
+ "id": "microsoft.directory-accessReviews-allProperties-allTasks",
+ "name": "microsoft.directory/accessReviews/allProperties/allTasks",
+ "resourceScopeId": null
+ },
+ {
+ "actionVerb": "GET",
+ "description": "Read all properties of access reviews",
+ "id": "microsoft.directory-accessReviews-allProperties-read-get",
+ "name": "microsoft.directory/accessReviews/allProperties/read",
+ "resourceScopeId": null
+ },
+ {
+ "actionVerb": null,
+ "description": "Manage access reviews of application role assignments in Azure AD",
+ "id": "microsoft.directory-accessReviews-definitions.applications-allProperties-allTasks",
+ "name": "microsoft.directory/accessReviews/definitions.applications/allProperties/allTasks",
+ "resourceScopeId": null
+ }
+ ]
+}
+```
+
+### Example 2: Get microsoft.insights actions
+
+The following example gets the actions for the resource namespace with the identifier of `microsoft.insights`.
+
+#### Request
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "list_unifiedrbacresourceaction_insights"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/roleManagement/directory/resourceNamespaces/microsoft.insights/resourceActions
+```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+++++
+#### Response
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "Collection(microsoft.graph.unifiedRbacResourceAction)"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#roleManagement/directory/resourceNamespaces('microsoft.insights')/resourceActions",
+ "value": [
+ {
+ "actionVerb": null,
+ "description": "Manage all aspects of Insights app",
+ "id": "microsoft.insights-allEntities-allProperties-allTasks",
+ "name": "microsoft.insights/allEntities/allProperties/allTasks",
+ "resourceScopeId": null
+ },
+ {
+ "actionVerb": null,
+ "description": "Read all aspects of Viva Insights",
+ "id": "microsoft.insights-allEntities-allProperties-read",
+ "name": "microsoft.insights/allEntities/allProperties/read",
+ "resourceScopeId": null
+ },
+ {
+ "actionVerb": "PATCH",
+ "description": "Deploy and manage programs in Insights app",
+ "id": "microsoft.insights-programs-allProperties-update-patch",
+ "name": "microsoft.insights/programs/allProperties/update",
+ "resourceScopeId": null
+ },
+ {
+ "actionVerb": null,
+ "description": "Run and manage queries in Viva Insights",
+ "id": "microsoft.insights-queries-allProperties-allTasks",
+ "name": "microsoft.insights/queries/allProperties/allTasks",
+ "resourceScopeId": null
+ },
+ {
+ "actionVerb": "GET",
+ "description": "View reports and dashboard in Insights app",
+ "id": "microsoft.insights-reports-allProperties-read-get",
+ "name": "microsoft.insights/reports/allProperties/read",
+ "resourceScopeId": null
+ }
+ ]
+}
+```
v1.0 User Assignlicense https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/user-assignlicense.md
In the request body, provide a JSON object with the following parameters.
If successful, this method returns `200 OK` response code and an updated [user](../resources/user.md) object in the response body.
-## Example
-Add licenses to the user.
-##### Request
+## Examples
+
+### Example 1: Assign licenses to the signed-in user
+
+#### Request
# [HTTP](#tab/http) <!-- {
POST https://graph.microsoft.com/beta/me/assignLicense
Content-type: application/json {
- "addLicenses": [
- {
- "disabledPlans": [ "11b0131d-43c8-4bbb-b2c8-e80f9a50834a" ],
- "skuId": "skuId-value-1"
- },
- {
- "disabledPlans": [ "a571ebcc-fqe0-4ca2-8c8c-7a284fd6c235" ],
- "skuId": "skuId-value-2"
- }
- ],
- "removeLicenses": []
+ "addLicenses": [
+ {
+ "disabledPlans": [
+ "8a256a2b-b617-496d-b51b-e76466e88db0"
+ ],
+ "skuId": "84a661c4-e949-4bd2-a560-ed7766fcaf2b"
+ },
+ {
+ "disabledPlans": [],
+ "skuId": "f30db892-07e9-47e9-837c-80727f46fd3d"
+ }
+ ],
+ "removeLicenses": []
} ``` # [C#](#tab/csharp)
Content-type: application/json
-## Example
-Remove licenses from the user.
+#### Response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.user"
+} -->
+```http
+HTTP/1.1 200 OK
+Content-type: application/json
+
+{
+ "accountEnabled": true,
+ "assignedLicenses": [
+ {
+ "disabledPlans": [
+ "8a256a2b-b617-496d-b51b-e76466e88db0"
+ ],
+ "skuId": "84a661c4-e949-4bd2-a560-ed7766fcaf2b"
+ },
+ {
+ "disabledPlans": [],
+ "skuId": "f30db892-07e9-47e9-837c-80727f46fd3d"
+ }
+ ],
+ "city": "Nairobi",
+ "companyName": "Contoso"
+}
+```
+
+### Example 2: Remove licenses from the signed-in user
-##### Request
+#### Request
++
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "user_assignlicense_removelicenses"
+}-->
```http POST https://graph.microsoft.com/beta/me/assignLicense Content-type: application/json {
- "addLicenses": [],
- "removeLicenses": ["skuId-value-1", "skuId-value-2"]
+ "addLicenses": [],
+ "removeLicenses": [
+ "f30db892-07e9-47e9-837c-80727f46fd3d",
+ "84a661c4-e949-4bd2-a560-ed7766fcaf2b"
+ ]
} ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
-##### Response
-In both examples, the response is the updated user object. Note: The response object shown here might be shortened for readability.
+# [PowerShell](#tab/powershell)
++++
+#### Response
+>**Note:** The response object shown here might be shortened for readability.
<!-- { "blockType": "response", "truncated": true,
Content-type: application/json
{ "accountEnabled": true,
- "assignedLicenses": [
- {
- "disabledPlans": [ "11b0131d-43c8-4bbb-b2c8-e80f9a50834a" ],
- "skuId": "skuId-value"
- }
- ],
- "assignedPlans": [
- {
- "assignedDateTime": "2016-10-19T10:37:00Z",
- "capabilityStatus": "capabilityStatus-value",
- "service": "service-value",
- "servicePlanId": "bea13e0c-3828-4daa-a392-28af7ff61a0f"
- }
- ],
- "businessPhones": [
- "businessPhones-value"
- ],
- "city": "city-value",
- "companyName": "companyName-value"
+ "assignedLicenses": [],
+ "city": "Nairobi",
+ "companyName": "Contoso"
} ```
v1.0 User Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/user-delete.md
If successful, this method returns `204 No Content` response code. It does not r
### Request
-Here is an example of the request.
+The following is an example of a request.
# [HTTP](#tab/http) <!-- {
DELETE https://graph.microsoft.com/beta/users/ba9a3254-9f18-4209-aeb3-9e42a35b5b
### Response
-Here is an example of the response.
+The following is an example of the response.
<!-- { "blockType": "response", "truncated": true
v1.0 User Get Transitivereports https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/user-get-transitivereports.md
GET https://graph.microsoft.com/beta/users/45b7d2e7-b882-4a80-ba97-10b7a63b8fa4/
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 User List Agreementacceptances https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/user-list-agreementacceptances.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Retrieve a list of a user's [agreementAcceptance](../resources/agreementacceptance.md) objects.
+Retrieve the signed-in user's [agreementAcceptance](../resources/agreementacceptance.md) objects.
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
One of the following permissions is required to call this API. To learn more, in
<!-- { "blockType": "ignored" } --> ```http GET /me/agreementAcceptances+
+# where the id or userPrincipalName is the signed-in user's
+ GET /users/{id | userPrincipalName}/agreementAcceptances ``` <!--
HTTP/1.1 200 OK
Content-type: application/json {
- "value": [
- {
- "agreementId": "agreementId-value",
- "userId": "userId-value",
- "agreementFileId": "agreementFileId-value",
- "recordedDateTime": "datetime-value",
- "userDisplayName": "userDisplayName-value",
- "userPrincipalName": "userPrincipalName-value"
- }
- ]
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#agreementAcceptances",
+ "value": [
+ {
+ "id": "94410bbf-3d3e-4683-8149-f034e55c39dd_d4bb5206-77bf-4d5c-96b4-cf7b0ed3be98",
+ "agreementId": "94410bbf-3d3e-4683-8149-f034e55c39dd",
+ "userId": "d4bb5206-77bf-4d5c-96b4-cf7b0ed3be98",
+ "deviceId": "00000000-0000-0000-0000-000000000000",
+ "deviceDisplayName": null,
+ "deviceOSType": null,
+ "deviceOSVersion": null,
+ "agreementFileId": "08033369-8972-42a3-8533-90bbd2757a01",
+ "userDisplayName": "Megan Bowen",
+ "userPrincipalName": "MeganB@M365x43961174.OnMicrosoft.com",
+ "userEmail": "MeganB@M365x43961174.OnMicrosoft.com",
+ "recordedDateTime": "2022-03-04T14:11:22.6658376Z",
+ "expirationDateTime": null,
+ "state": "accepted"
+ }
+ ]
} ```
v1.0 User List Licensedetails https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/user-list-licensedetails.md
Title: "List licenseDetails" description: "Retrieve a list of licenseDetails objects."-+ ms.localizationpriority: medium ms.prod: "users" doc_type: apiPageType
v1.0 User List Manager https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/user-list-manager.md
ConsistencyLevel: eventual
[!INCLUDE [sample-code](../includes/snippets/powershell/get-transitive-managers-powershell-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
v1.0 User Revokesigninsessions https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/user-revokesigninsessions.md
This operation has no request content.
## Response
-If successful, this method returns a `204 No Content` response code.
+If successful, this method returns a `200 OK` response code.
>[!NOTE]
->This API has a [known issue](/graph/known-issues#revoke-sign-in-sessions-returns-wrong-HTTP-code). It returns a different HTTP response code.
+>This API has a [known issue](/graph/known-issues#revoke-sign-in-sessions-returns-wrong-http-code). It returns a different HTTP response code.
## Example The following example shows how to call this API.
-##### Request
+### Request
# [HTTP](#tab/http) <!-- {
- "blockType": "request",
+ "blockType": "ignored",
"name": "user_revokesigninsessionss" }--> ```http
POST https://graph.microsoft.com/beta/me/revokeSignInSessions
-##### Response
+### Response
<!-- { "blockType": "response", "truncated": true } --> ```http
-HTTP/1.1 204 No Content
+HTTP/1.1 200 OK
+Content-type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#Edm.Boolean",
+ "value": true
+}
``` <!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
v1.0 User Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/user-update.md
Because the **user** resource supports [extensions](/graph/extensibility-overvie
add, update, or delete your own app-specific data in custom properties of an extension in an existing **user** instance. > [!NOTE]
-> The follow properties cannot be updated by an app with only application permissions: **aboutMe**, **birthday**, **employeeHireDate**, **interests**, **mySite**, **pastProjects**, **preferredName**, **responsibilities**, **schools**, and **skills**.
+> - The following properties cannot be updated by an app with only application permissions: **aboutMe**, **birthday**, **employeeHireDate**, **interests**, **mySite**, **pastProjects**, **preferredName**, **responsibilities**, **schools**, and **skills**.
+> - To update the following properties, you must specify them in their own PATCH request, without including the other properties listed in the table above: **aboutMe**, **birthday**, **interests**, **mySite**, **pastProjects**, **preferredName**, **responsibilities**, **schools**, and **skills**.
## Response
v1.0 Virtualendpoint List Snapshots https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/virtualendpoint-list-snapshots.md
+
+ Title: "List snapshots"
+description: "Get a list of cloudPcSnapshot objects and their properties."
+
+ms.localizationpriority: medium
++
+# List snapshots
+Namespace: microsoft.graph
++
+Get a list of [cloudPcSnapshot](../resources/cloudpcsnapshot.md) objects and their properties.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|CloudPC.Read.All, CloudPC.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|CloudPC.Read.All, CloudPC.ReadWrite.All|
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /deviceManagement/virtualEndpoint/snapshots
+```
+
+## Optional query parameters
+This method supports the `$filter` OData query parameter to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a collection of [cloudPcSnapshot](../resources/cloudpcsnapshot.md) objects in the response body.
+
+## Examples
+
+### Request
+
+The following is an example of a request.
++
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "list_cloudpcsnapshot"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/deviceManagement/virtualEndpoint/snapshots
+```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+++++
+### Response
+
+The following is an example of the response.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.cloudPcSnapshot",
+ "isCollection": true
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "value": [
+ {
+ "@odata.type": "#microsoft.graph.cloudPcSnapshot",
+ "cloudPcId": "662009bc-7732-4f6f-8726-25883518b33e",
+ "createdDateTime": "2021-08-23T09:28:32.8260335Z",
+ "lastRestoredDateTime": "2021-09-01T09:28:32.8260338Z",
+ "id": "A00009UV000_93aff428-61f2-467f-a879-1102af6fd4a8",
+ "status": "ready"
+ }
+ ]
+}
+```
+
v1.0 Virtualendpoint List Usersettings https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/virtualendpoint-list-usersettings.md
Content-Type: application/json
"displayName": "Test1", "selfServiceEnabled": true, "localAdminEnabled": false,
+ "restorePointSetting": {
+ "frequencyInHours": 16,
+ "userRestoreEnabled": true
+ },
"lastModifiedDateTime": "2021-02-01T10:29:57Z", "createdDateTime": "2021-02-01T10:29:57Z" }
v1.0 Virtualendpoint Post Usersettings https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/virtualendpoint-post-usersettings.md
The following table shows the properties that are required when you create the [
|displayName|String|The setting name as it appears in the UI. | |localAdminEnabled|Boolean|To turn on the local admin option, change this setting to `True`.ΓÇ» | |selfServiceEnabled|Boolean|To turn on the self service option, change this setting to `True`.ΓÇ»|
+|restorePointSetting|[cloudPcRestorePointSetting](../resources/cloudpcrestorepointsetting.md)|Defines how frequently a restore point is created (that is, a snapshot is taken) for users' provisioned Cloud PCs (default is 12 hours), and whether the user is allowed to restore their own Cloud PCs to a backup made at a specific point in time.|
|lastModifiedDateTime|DateTimeOffset|The last date and time the setting was modified. The Timestamp type represents the date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 looks like this:ΓÇ»'2014-01-01T00:00:00Z'.ΓÇ»| ## Response
Content-Type: application/json
"@odata.type": "#microsoft.graph.cloudPcUserSetting", "displayName": "Example", "selfServiceEnabled": false,
- "localAdminEnabled": true
+ "localAdminEnabled": true,
+ "restorePointSetting": {
+ "frequencyInHours": 16,
+ "userRestoreEnabled": true
+ }
} ``` # [C#](#tab/csharp)
Content-Type: application/json
"displayName": "Example", "selfServiceEnabled": false, "localAdminEnabled": true,
+ "restorePointSetting": {
+ "frequencyInHours": 16,
+ "userRestoreEnabled": true
+ },
"lastModifiedDateTime": "2021-02-01T10:29:57Z"ΓÇ» } ```
v1.0 Windowshelloforbusinessauthenticationmethod Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/windowshelloforbusinessauthenticationmethod-get.md
GET /me/authentication/windowsHelloForBusinessMethods/{windowsHelloForBusinessAu
GET /users/{id | userPrincipalName}/authentication/windowsHelloForBusinessMethods/{windowsHelloForBusinessAuthenticationMethodId} ```
+>**Note:** To read the **device** navigation property for another user, specify it in an `$expand` query as follows: `/users/{id}/authentication/windowsHelloForBusinessMethods/{id}?$expand=device`.
+ ## Optional query parameters Not supported.
v1.0 Windowsupdates Deploymentaudience Updateaudience https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/windowsupdates-deploymentaudience-updateaudience.md
Content-Type: application/json
{ "addMembers": [ {
- "@odata.type": "#microsoft.graph.windowsUpdates.updatableAsset",
+ "@odata.type": "#microsoft.graph.windowsUpdates.azureADDevice",
"id": "String (identifier)" } ], "removeMembers": [ {
- "@odata.type": "#microsoft.graph.windowsUpdates.updatableAsset",
+ "@odata.type": "#microsoft.graph.windowsUpdates.azureADDevice",
"id": "String (identifier)" } ], "addExclusions": [ {
- "@odata.type": "#microsoft.graph.windowsUpdates.updatableAsset",
+ "@odata.type": "#microsoft.graph.windowsUpdates.azureADDevice",
"id": "String (identifier)" } ], "removeExclusions": [ {
- "@odata.type": "#microsoft.graph.windowsUpdates.updatableAsset",
+ "@odata.type": "#microsoft.graph.windowsUpdates.azureADDevice",
"id": "String (identifier)" } ]
v1.0 X509certificateauthenticationmethodconfiguration Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/x509certificateauthenticationmethodconfiguration-delete.md
Title: "Delete x509CertificateAuthenticationMethodConfiguration"
-description: "Delete a x509CertificateAuthenticationMethodConfiguration object and restores all the other properties to their default settings"
+description: "Delete the tenant-customized x509CertificateAuthenticationMethodConfiguration object and restore the default configuration."
ms.localizationpriority: medium ms.prod: "identity-and-sign-in"
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Restore the [x509CertificateAuthenticationMethodConfiguration](../resources/x509certificateauthenticationmethodconfiguration.md) object to its default configuration.
+Delete the tenant-customized [x509CertificateAuthenticationMethodConfiguration](../resources/x509certificateauthenticationmethodconfiguration.md) object and restore the default configuration.
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
DELETE https://graph.microsoft.com/beta/policies/authenticationMethodsPolicy/aut
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 X509certificateauthenticationmethodconfiguration Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/x509certificateauthenticationmethodconfiguration-get.md
GET https://graph.microsoft.com/beta/policies/authenticationMethodsPolicy/authen
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+ ### Response+
+The following response object shows an x509CertificateAuthenticationMethodConfiguration with its default configuration.
>**Note:** The response object shown here might be shortened for readability. <!-- { "blockType": "response",
HTTP/1.1 200 OK
Content-Type: application/json {
- "@odata.type": "#microsoft.graph.x509CertificateAuthenticationMethodConfiguration",
- "id": "X509Certificate",
- "state": "disabled",
- "certificateUserBindings": [{
- "x509CertificateField": "PrincipalName",
- "userProperty": "onPremisesUserPrincipalName",
- "priority": 1
- },
- {
- "x509CertificateField": "RFC822Name",
- "userProperty": "userPrincipalName",
- "priority": 2
- }
- ],
- "authenticationModeConfiguration": {
- "x509CertificateAuthenticationDefaultMode": "x509CertificateSingleFactor",
- "rules": []
- },
- "includeTargets": [{
- "targetType": "group",
- "id": "all_users",
- "isRegistrationRequired": false
- }]
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#authenticationMethodConfigurations/$entity",
+ "@odata.type": "#microsoft.graph.x509CertificateAuthenticationMethodConfiguration",
+ "id": "X509Certificate",
+ "state": "disabled",
+ "certificateUserBindings": [
+ {
+ "x509CertificateField": "PrincipalName",
+ "userProperty": "onPremisesUserPrincipalName",
+ "priority": 1
+ },
+ {
+ "x509CertificateField": "RFC822Name",
+ "userProperty": "userPrincipalName",
+ "priority": 2
+ }
+ ],
+ "authenticationModeConfiguration": {
+ "x509CertificateAuthenticationDefaultMode": "x509CertificateSingleFactor",
+ "rules": []
+ },
+ "includeTargets@odata.context": "https://graph.microsoft.com/beta/$metadata#policies/authenticationMethodsPolicy/authenticationMethodConfigurations('X509Certificate')/microsoft.graph.x509CertificateAuthenticationMethodConfiguration/includeTargets",
+ "includeTargets": [
+ {
+ "targetType": "group",
+ "id": "all_users",
+ "isRegistrationRequired": false
+ }
+ ]
} ```
v1.0 X509certificateauthenticationmethodconfiguration Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/x509certificateauthenticationmethodconfiguration-update.md
If successful, this method returns a `204 No Content` response code and an updat
### Request
+The following is an example of an update request with the following settings:
+++ Enables the x509 certificate authentication method in the tenant.++ Configures only one user binding between the certificate **PrincipalName** and the Azure AD **onPremisesUserPrincipalName** properties.++ Defines multi-factor authentication as requirement.++ Configures the binding rules for the strong authentication method against the rule type.+ # [HTTP](#tab/http) <!-- { "blockType": "request",
PATCH https://graph.microsoft.com/beta/policies/authenticationMethodsPolicy/auth
Content-Type: application/json {
- "@odata.type": "#microsoft.graph.x509CertificateAuthenticationMethodConfiguration",
- "id": "X509Certificate",
- "state": "disabled",
- "certificateUserBindings": [{
- "x509CertificateField": "PrincipalName",
- "userProperty": "onPremisesUserPrincipalName",
- "priority": 1
- },
- {
- "x509CertificateField": "RFC822Name",
- "userProperty": "userPrincipalName",
- "priority": 2
- }
- ],
- "authenticationModeConfiguration": {
- "x509CertificateAuthenticationDefaultMode": "x509CertificateSingleFactor",
- "rules": []
- },
- "includeTargets": [{
- "targetType": "group",
- "id": "all_users",
- "isRegistrationRequired": false
- }]
+ "@odata.type": "#microsoft.graph.x509CertificateAuthenticationMethodConfiguration",
+ "id": "X509Certificate",
+ "state": "enabled",
+ "certificateUserBindings": [
+ {
+ "x509CertificateField": "PrincipalName",
+ "userProperty": "onPremisesUserPrincipalName",
+ "priority": 1
+ }
+ ],
+ "authenticationModeConfiguration": {
+ "x509CertificateAuthenticationDefaultMode": "x509CertificateMultiFactor",
+ "rules": [
+ {
+ "x509CertificateRuleType": "issuerSubject",
+ "identifier": "CN=ContosoCA,DC=Contoso,DC=org ",
+ "x509CertificateAuthenticationMode": "x509CertificateMultiFactor"
+ },
+ {
+ "x509CertificateRuleType": "policyOID",
+ "identifier": "1.2.3.4",
+ "x509CertificateAuthenticationMode": "x509CertificateMultiFactor"
+ }
+ ]
+ },
+ "includeTargets": [
+ {
+ "targetType": "group",
+ "id": "all_users",
+ "isRegistrationRequired": false
+ }
+ ]
} ``` # [JavaScript](#tab/javascript)
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+ ### Response <!-- {
- "blockType": "response",
- "truncated": true
+ "blockType": "response"
} --> ``` http HTTP/1.1 204 No Content
-Content-Type: application/json
```
v1.0 Accesspackageassignmentpolicy https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/accesspackageassignmentpolicy.md
To assign a user to an access package, [create an accessPackageAssignmentRequest
| Relationship | Type | Description | |:-|:|:| |accessPackage|[accessPackage](accesspackage.md)| The access package with this policy. Read-only. Nullable. Supports `$expand`.|
+|customExtensionHandlers|[customExtensionHandler](../resources/customextensionhandler.md) collection| The collection of stages when to execute one or more custom access package workflow extensions. Supports `$expand`.|
++ ## JSON representation
The following is a JSON representation of the resource.
```json {
- "id": "string",
- "accessPackageId": "string",
- "displayName": "string",
- "description": "string",
- "isDenyPolicy": false,
- "canExtend": false,
- "durationInDays": 365,
- "requestorSettings": {
- "scopeType": "string",
- "acceptRequests": true,
- "allowedRequestors": [{
- "@odata.type": "#microsoft.graph.userSet"
- }]
- },
- "requestApprovalSettings": {
- "isApprovalRequired": false,
- "isApprovalRequiredForExtension": false,
- "isRequestorJustificationRequired": false,
- "approvalMode": "string",
- "approvalStages": [{
- "approvalStageTimeOutInDays": 14,
- "isApproverJustificationRequired": true,
- "isEscalationEnabled": true,
- "escalationTimeInMinutes": 11520,
- "primaryApprovers": [{
- "@odata.type": "#microsoft.graph.userSet"
- }],
- "escalationApprovers": [{
- "@odata.type": "#microsoft.graph.userSet"
- }]
- }]
- },
- "accessReviewSettings": null,
- "questions": [{
- "@odata.type": "#microsoft.graph.question"
- }]
+ "@odata.type": "#microsoft.graph.accessPackageAssignmentPolicy",
+ "id": "String (identifier)",
+ "accessPackageId": "String",
+ "displayName": "String",
+ "description": "String",
+ "canExtend": "Boolean",
+ "durationInDays": "Integer",
+ "expirationDateTime": "String (timestamp)",
+ "createdBy": "String",
+ "createdDateTime": "String (timestamp)",
+ "modifiedBy": "String",
+ "modifiedDateTime": "String (timestamp)",
+ "questions": [
+ {
+ "@odata.type": "microsoft.graph.accessPackageMultipleChoiceQuestion"
+ }
+ ],
+ "requestorSettings": {
+ "@odata.type": "microsoft.graph.requestorSettings"
+ },
+ "requestApprovalSettings": {
+ "@odata.type": "microsoft.graph.approvalSettings"
+ },
+ "accessReviewSettings": {
+ "@odata.type": "microsoft.graph.assignmentReviewSettings"
+ }
} ```
v1.0 Accesspackageassignmentrequest https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/accesspackageassignmentrequest.md
In [Azure AD Entitlement Management](entitlementmanagement-overview.md), an acce
|:-|:|:| |completedDate|DateTimeOffset|The date of the end of processing, either successful or failure, of a request. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`. Read-only.| |createdDateTime|DateTimeOffset|The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`. Read-only.|
+|customExtensionHandlerInstances|[customExtensionHandlerInstance](../resources/customextensionhandlerinstance.md) collection| A collection of [custom workflow extension](customaccesspackageworkflowextension.md) instances being run on an assignment request. Read-only. |
|id|String| Read-only.| |isValidationOnly|Boolean|True if the request is not to be processed for assignment.| |justification|String|The requestor's supplied justification.|
In [Azure AD Entitlement Management](entitlementmanagement-overview.md), an acce
## JSON representation + The following is a JSON representation of the resource. <!-- {
The following is a JSON representation of the resource.
```json {
- "createdDateTime": "string",
- "completedDate": "string",
- "id": "string",
- "requestType": "string",
- "requestState": "string",
- "requestStatus": "string",
- "isValidationOnly": false,
- "justification": "string",
- "answers": [{
- "@odata.type": "#microsoft.graph.accessPackageAnswerString",
- "value": "string",
- "answeredQuestion": {
- "id": "string",
- "text": {
- "defaultText": "string",
- "localizedTexts": [{
- "text": "string",
- "languageCode": "string"
- }]
- },
- "isRequired": true,
- "@odata.type": "#microsoft.graph.accessPackageTextInputQuestion",
- "isSingleLineQuestion": true
- }
- }]
+ "@odata.type": "#microsoft.graph.accessPackageAssignmentRequest",
+ "id": "String (identifier)",
+ "requestType": "String",
+ "requestState": "String",
+ "requestStatus": "String",
+ "isValidationOnly": "Boolean",
+ "createdDateTime": "String (timestamp)",
+ "completedDate": "String (timestamp)",
+ "expirationDateTime": "String (timestamp)",
+ "justification": "String",
+ "schedule": {
+ "@odata.type": "microsoft.graph.requestSchedule"
+ },
+ "answers": [
+ {
+ "@odata.type": "microsoft.graph.accessPackageAnswerString"
+ }
+ ],
+ "customExtensionHandlerInstances": [
+ {
+ "@odata.type": "microsoft.graph.customExtensionHandlerInstance"
+ }
+ ]
} ```
v1.0 Accesspackagecatalog https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/accesspackagecatalog.md
Namespace: microsoft.graph
In [Azure AD entitlement management](entitlementmanagement-overview.md), an access package catalog is a container for zero or more access packages. An access package catalog might also have linked resources that are used in those access packages to provide access. To view or change the membership of catalog-scoped roles, use the [role assignments](unifiedroleassignment.md) API with the entitlement management RBAC provider. - ## Methods | Method | Return Type | Description |
In [Azure AD entitlement management](entitlementmanagement-overview.md), an acce
| [Get accessPackageCatalog](../api/accesspackagecatalog-get.md) | [accessPackageCatalog](accesspackagecatalog.md) | Read properties and relationships of an accessPackageCatalog object. | | [Update accessPackageCatalog](../api/accesspackagecatalog-update.md)|None | Update the properties of an accessPackageCatalog object. | | [Delete accessPackageCatalog](../api/accesspackagecatalog-delete.md) | | Delete accessPackageCatalog. |
+| **Access package resources**| | |
| [List accessPackageCatalog resources](../api/accesspackagecatalog-list-accesspackageresources.md) | [accessPackageResource](accesspackageresource.md) collection | Retrieve a list of accessPackageResource objects in a catalog. |
+| **Access package resource roles**| | |
| [List accessPackageCatalog resource roles](../api/accesspackagecatalog-list-accesspackageresourceroles.md) | [accessPackageResourceRole](accesspackageresourcerole.md) collection | Retrieve a list of accessPackageResourceRole objects for resources in a catalog. |
+| **Custom access package package workflow extensions**| | |
+|[List customAccessPackageWorkflowExtensions](../api/accesspackagecatalog-list-customaccesspackageworkflowextensions.md)|[customAccessPackageWorkflowExtension](../resources/customaccesspackageworkflowextension.md) collection|Get a list of the [customAccessPackageWorkflowExtension](../resources/customaccesspackageworkflowextension.md) objects and their properties.|
+|[Create customAccessPackageWorkflowExtensions](../api/accesspackagecatalog-post-customaccesspackageworkflowextensions.md)|[customAccessPackageWorkflowExtension](../resources/customaccesspackageworkflowextension.md)|Create a new [customAccessPackageWorkflowExtension](../resources/customaccesspackageworkflowextension.md) object.|
+|[Get customAccessPackageWorkflowExtension](../api/customaccesspackageworkflowextension-get.md)|[customAccessPackageWorkflowExtension](../resources/customaccesspackageworkflowextension.md)|Read the properties and relationships of a [customAccessPackageWorkflowExtension](../resources/customaccesspackageworkflowextension.md) object.|
+|[Update customAccessPackageWorkflowExtension](../api/customaccesspackageworkflowextension-update.md)|[customAccessPackageWorkflowExtension](../resources/customaccesspackageworkflowextension.md)|Update the properties of a [customAccessPackageWorkflowExtension](../resources/customaccesspackageworkflowextension.md) object.|
+|[Delete customAccessPackageWorkflowExtension](../api/customaccesspackageworkflowextension-delete.md)|None|Deletes a [customAccessPackageWorkflowExtension](../resources/customaccesspackageworkflowextension.md) object.|
## Properties
In [Azure AD entitlement management](entitlementmanagement-overview.md), an acce
|:-|:|:| |accessPackages|[accessPackage](accesspackage.md) collection| The access packages in this catalog. Read-only. Nullable. Supports `$expand`.| |accessPackageResources|[accessPackageResource](accesspackageresource.md) collection| Read-only. Nullable.|
+|accessPackageResourceRoles|[accessPackageResourceRole](accesspackageresourcerole.md) collection|The roles in each resource in a catalog. Read-only.|
+|accessPackageResourceScopes|[accessPackageResourceScope](accesspackageresourcescope.md) collection|Read-only.|
+|customAccessPackageWorkflowExtension|[customAccessPackageWorkflowExtension](../resources/customaccesspackageworkflowextension.md) collection|The attributes of a logic app, which can be called at various stages of an access package request and assignment cycle. |
## JSON representation
v1.0 Accesspackageresource https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/accesspackageresource.md
In [Azure AD Entitlement Management](entitlementmanagement-overview.md), an acce
| Property | Type | Description | |:-|:|:|
-|accessPackageResourceEnvironment|[accessPackageResourceEnvironment](../resources/accesspackageresourceenvironment.md)|Contains the environment information for the resource. This can be set using either the `@odata.bind` annotation or the environment's *originId*.|
|attributes|[accessPackageResourceAttribute](../resources/accesspackageresourceattribute.md) collection| Contains information about the attributes to be collected from the requestor and sent to the resource application. | |addedBy|String|The name of the user or application that first added this resource. Read-only.| |addedOn|DateTimeOffset|The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`|
In [Azure AD Entitlement Management](entitlementmanagement-overview.md), an acce
| Relationship | Type | Description | |:-|:|:|
-|accessPackageResourceEnvironment|[accessPackageResourceEnvironment](accesspackageresourceenvironment.md)| Nullable. Supports `$expand`.|
+|accessPackageResourceEnvironment|[accessPackageResourceEnvironment](../resources/accesspackageresourceenvironment.md)|Contains the environment information for the resource. This can be set using either the `@odata.bind` annotation or the environment's *originId*.Supports `$expand`.|
|accessPackageResourceRoles|[accessPackageResourceRole](accesspackageresourcerole.md) collection| Read-only. Nullable. Supports `$expand`.| |accessPackageResourceScopes|[accessPackageResourceScope](accesspackageresourcescope.md) collection| Read-only. Nullable. Supports `$expand`.|
v1.0 Accessreviewsv2 Overview https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/accessreviewsv2-overview.md
Typical customer scenarios for access reviews include:
- Customers can review and certify employee access to Azure AD resources. - Customers can review and audit assignments to Azure AD privileged roles. This supports organizations in the management of privileged access.
-Note that the access reviews feature, including the API, is included in Azure AD Premium P2. The tenant where an access review is being created must have a valid purchased or trial Azure AD Premium P2 or EMS E5 subscription.
+Note that the access reviews feature, including the API, is included in Azure AD Premium P2. The tenant where an access review is being created must have a valid purchased or trial Azure AD Premium P2 or EMS E5 subscription. For more information about the license requirements, see [Access reviews license requirements](/azure/active-directory/governance/access-reviews-overview#license-requirements).
## Methods
v1.0 Activateservice https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/activateservice.md
Represents a service to be activated.
| Property | Type | Description | | -- | | - | | service| String | The name of the service to activate. |
-| servicePlanId | GUID | The plan identifier of the service plan to activate. |
-| skuId | GUID | The SKU identifier of the service plan. |
+| servicePlanId | Guid | The plan identifier of the service plan to activate. |
+| skuId | Guid | The SKU identifier of the service plan. |
## JSON representation
Here is a JSON representation of the resource.
```json {
- "service": "string",
- "skuId": "guid",
- "servicePlanId": "guid"
+ "service": "String",
+ "skuId": "Guid",
+ "servicePlanId": "Guid"
} ```
v1.0 Addin https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/addin.md
Here is a JSON representation of the resource.
```json {
- "id": "guid",
+ "id": "GUID",
"properties": [{"@odata.type": "microsoft.graph.keyValue"}],
- "type": "string"
+ "type": "String"
} ```
v1.0 Administrativeunit https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/administrativeunit.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-An administrative unit provides a conceptual container for User and Group directory objects. Using administrative units, a company administrator can now delegate administrative responsibilities to manage the users and groups contained within or scoped to an administrative unit to a regional or departmental administrator.
+An administrative unit provides a conceptual container for user, group, and device directory objects. Using administrative units, a company administrator can now delegate administrative responsibilities to manage the users, groups, and devices contained within or scoped to an administrative unit to a regional or departmental administrator.
This resource supports using [delta query](/graph/delta-query-overview) to track incremental additions, deletions, and updates, by providing a [delta](../api/administrativeunit-delta.md) function. This resource is an open type that allows other properties to be passed in.
This topic provides descriptions of the declared properties and navigation prope
| Method | Return Type | Description | |:|:--|:-|
-|[Create](../api/administrativeunit-post-administrativeunits.md) | [administrativeUnit](administrativeunit.md) | Create a new administrative unit.|
-|[List](../api/administrativeunit-list.md) | [administrativeUnit](administrativeunit.md) collection |List properties of all administrativeUnits.|
+|[Create](../api/directory-post-administrativeunits.md) | [administrativeUnit](administrativeunit.md) | Create a new administrative unit.|
+|[List](../api/directory-list-administrativeunits.md) | [administrativeUnit](administrativeunit.md) collection |List properties of all administrativeUnits.|
|[Get](../api/administrativeunit-get.md) | [administrativeUnit](administrativeunit.md) |Read properties and relationships of a specific administrativeUnit object.| |[Update](../api/administrativeunit-update.md) | [administrativeUnit](administrativeunit.md) |Update administrativeUnit object. | |[Delete](../api/administrativeunit-delete.md) | None |Delete administrativeUnit object. | |[Get delta](../api/administrativeunit-delta.md)|[administrativeUnit](administrativeunit.md)|Get newly created, updated, or deleted **administrativeUnits** without having to perform a full read of the entire resource collection.|
-|[Add a member](../api/administrativeunit-post-members.md) |[directoryObject](directoryobject.md)| Add a member (user or group).|
-|[List members](../api/administrativeunit-list-members.md) |[directoryObject](directoryobject.md) collection| Get the list of (user and group) members.|
+|[Add a member](../api/administrativeunit-post-members.md) |[directoryObject](directoryobject.md)| Add a member (user, group, or device).|
+|[List members](../api/administrativeunit-list-members.md) |[directoryObject](directoryobject.md) collection| Get the list of (user, group, and device) members.|
|[Get a member](../api/administrativeunit-get-members.md) |[directoryObject](directoryobject.md)| Get a specific member.| |[Remove a member](../api/administrativeunit-delete-members.md) |[directoryObject](directoryobject.md)| Remove a member.| |[Add scoped-role member](../api/administrativeunit-post-scopedrolemembers.md) |[scopedRoleMembership](scopedrolemembership.md)| Add a scoped-role member.|
This topic provides descriptions of the declared properties and navigation prope
| Property | Type |Description| |:|:--|:-|
-|description|string|An optional description for the administrative unit. Supports `$filter` (`eq`, `ne`, `in`, `startsWith`), `$search`.|
-|displayName|string|Display name for the administrative unit. Supports `$filter` (`eq`, `ne`, `not`, `ge`, `le`, `in`, `startsWith`, and `eq` on `null` values), `$search`, and `$orderBy`.|
-|id|string|Unique identifier for the administrative unit. Read-only. Supports `$filter` (`eq`).|
-|visibility|string|Controls whether the administrative unit and its members are hidden or public. Can be set to `HiddenMembership` or `Public`. If not set, default behavior is `Public`. When set to `HiddenMembership`, only members of the administrative unit can list other members of the administrative unit.|
+|description|String|An optional description for the administrative unit. Supports `$filter` (`eq`, `ne`, `in`, `startsWith`), `$search`.|
+|displayName|String|Display name for the administrative unit. Supports `$filter` (`eq`, `ne`, `not`, `ge`, `le`, `in`, `startsWith`, and `eq` on `null` values), `$search`, and `$orderBy`.|
+|id|String|Unique identifier for the administrative unit. Read-only. Supports `$filter` (`eq`).|
+|visibility|String|Controls whether the administrative unit and its members are hidden or public. Can be set to `HiddenMembership`. If not set (value is `null`), the default behavior is public. When set to `HiddenMembership`, only members of the administrative unit can list other members of the administrative unit.|
## Relationships | Relationship | Type |Description|
This topic provides descriptions of the declared properties and navigation prope
## JSON representation
-Here is a JSON representation of the resource.
+The following is a JSON representation of the resource.
<!-- { "blockType": "resource",
Here is a JSON representation of the resource.
```json {
- "description": "string",
- "displayName": "string",
- "id": "string (identifier)",
- "visibility": "string"
+ "description": "String",
+ "displayName": "String",
+ "id": "String (identifier)",
+ "visibility": "String"
} ```
v1.0 Agreement https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/agreement.md
Represents a tenant's customizable terms of use agreement that is created and ma
| Method | Return Type | Description | |:-|:|:|
-| [Create agreements](../api/termsofusecontainer-post-agreements.md) | [agreement](agreement.md) | Create a new agreement by posting to the agreement collection. |
-| [List agreements](../api/termsofusecontainer-list-agreements.md) | [agreement](agreement.md) collection | Get an agreement object collection. |
-| [Get agreement](../api/agreement-get.md) | [agreement](agreement.md) | Read properties and relationships of an agreement object. |
-| [Update agreement](../api/agreement-update.md) | [agreement](agreement.md) | Update an agreement object. |
-| [Delete agreement](../api/agreement-delete.md) | None | Delete an agreement object. |
-<!--
-| [Create agreementFile](../api/agreement-post-files.md) | [agreementFile](agreementfile.md) | Create a new agreementFile by posting to the files collection. |
-| [List files](../api/agreement-list-files.md) | [agreementFile](agreementfile.md) collection | Get an agreementFile object collection. |
>
+| [Create](../api/termsofusecontainer-post-agreements.md) | [agreement](agreement.md) | Create a new agreement by posting to the agreement collection. |
+| [List](../api/termsofusecontainer-list-agreements.md) | [agreement](agreement.md) collection | Get an agreement object collection. |
+| [Get](../api/agreement-get.md) | [agreement](agreement.md) | Read properties and relationships of an agreement object. |
+| [Update](../api/agreement-update.md) | None | Update an agreement object. |
+| [Delete](../api/agreement-delete.md) | None | Delete an agreement object. |
+|[List acceptances](../api/agreement-list-acceptances.md)|[agreementAcceptance](../resources/agreementacceptance.md) collection|Get the details about the acceptance records for a specific agreement.|
+|[List agreementAcceptances](../api/user-list-agreementacceptances.md)|[agreementAcceptance](../resources/agreementacceptance.md) collection|Get the agreement acceptances for the signed-in user.|
+|[Get agreementFile](../api/agreementfile-get.md)|[agreementFile](../resources/agreementfile.md) collection|Retrieve the details of the default file for an agreement, including the language and version information.|
+|[List files](../api/agreement-list-files.md)|[agreementFileLocalization](../resources/agreementfilelocalization.md) collection|Retrieve all localized files related to an agreement.|
+|[Create agreementFileLocalization](../api/agreement-post-files.md)|[agreementFileLocalization](../resources/agreementfilelocalization.md)|Create a new localized agreement file.|
+ ## Properties | Property | Type | Description | |:-|:|:|
-|displayName|String|Display name of the agreement. The display name is used for internal tracking of the agreement but is not shown to end users who view the agreement.|
-|id|String| Read-only.|
-|isPerDeviceAcceptanceRequired|Boolean|This setting enables you to require end users to accept this agreement on every device that they are accessing it from. The end user will be required to register their device in Azure AD, if they haven't already done so.|
-|isViewingBeforeAcceptanceRequired|Boolean|Indicates whether the user has to expand the agreement before accepting.|
-|termsExpiration|[termsExpiration](termsexpiration.md)| Expiration schedule and frequency of agreement for all users. |
+|displayName|String|Display name of the agreement. The display name is used for internal tracking of the agreement but is not shown to end users who view the agreement. Supports `$filter` (`eq`).|
+|id|String| Read-only. Supports `$filter` (`eq`).|
+|isPerDeviceAcceptanceRequired|Boolean|This setting enables you to require end users to accept this agreement on every device that they are accessing it from. The end user will be required to register their device in Azure AD, if they haven't already done so. Supports `$filter` (`eq`).|
+|isViewingBeforeAcceptanceRequired|Boolean|Indicates whether the user has to expand the agreement before accepting. Supports `$filter` (`eq`).|
+|termsExpiration|[termsExpiration](termsexpiration.md)| Expiration schedule and frequency of agreement for all users. Supports `$filter` (`eq`).|
|userReacceptRequiredFrequency|Duration|The duration after which the user must re-accept the terms of use. The value is represented in ISO 8601 format for durations.|
v1.0 Agreementacceptance https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/agreementacceptance.md
Represents the current status of a user's response to a company's customizable t
|expirationDateTime|DateTimeOffset|The expiration date time of the acceptance. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`| |id|String| Read-only.| |recordedDateTime|DateTimeOffset|The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`|
-|state|string| Possible values are: `accepted`, `declined`.|
+|state|string| Possible values are: `accepted`, `declined`. Supports `$filter` (`eq`).|
|userDisplayName|String|Display name of the user when the acceptance was recorded.| |userEmail|String|Email of the user when the acceptance was recorded.| |userId|String|ID of the user who accepted the agreement.|
v1.0 Agreementfile https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/agreementfile.md
None.
## Properties | Property | Type | Description | |:-|:|:|
-|createdDateTime|DateTimeOffset|The date time representing when the file was created.The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`. Inherited from [agreementFileProperties](../resources/agreementfileproperties.md).|
+|createdDateTime|DateTimeOffset|The date time representing when the file was created.The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`. Read-only. Inherited from [agreementFileProperties](../resources/agreementfileproperties.md).|
|displayName|String|Localized display name of the policy file of an agreement. The localized display name is shown to end users who view the agreement. Inherited from [agreementFileProperties](../resources/agreementfileproperties.md).| |fileData|[agreementFileData](agreementfiledata.md)|Data that represents the terms of use PDF document. Read-only. Inherited from [agreementFileProperties](../resources/agreementfileproperties.md).| |fileName|String|Name of the agreement file (for example, TOU.pdf). Read-only. Inherited from [agreementFileProperties](../resources/agreementfileproperties.md).|
v1.0 Agreementfiledata https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/agreementfiledata.md
Namespace: microsoft.graph
Represents the blob of an Azure Active Directory (Azure AD) terms of use agreement file. ## Properties
-| Method | Return Type | Description |
+| Property | Type | Description |
|:-|:|:|
-|data|Binary|Data representing the terms of use PDF document. Read-only.|
+|data|Binary|Data that represents the terms of use PDF document. Read-only. <br/><br/>**Note:** You can use the .NET [Convert.ToBase64String](/dotnet/api/system.convert.tobase64string) method to convert your file to binary data for uploading using the [Create agreements](../api/termsofusecontainer-post-agreements.md) API. A sample syntax using this method in PowerShell is `[convert]::ToBase64String((Get-Content -path "your_file_path" -Encoding byte))`. |
## JSON representation
v1.0 Appidentity https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/appidentity.md
Indicates the identity of the application that performed the action or was chang
## Properties | Property | Type |Description| |:|:--|:-|
-|appId|String|Refers to the Unique GUID representing Application Id in the Azure Active Directory.|
+|appId|String|Refers to the unique identifier representing Application Id in the Azure Active Directory.|
|displayName|String|Refers to the Application Name displayed in the Azure Portal.|
-|servicePrincipalId|String|Refers to the Unique GUID indicating Service Principal Id in Azure Active Directory for the corresponding App.|
+|servicePrincipalId|String|Refers to the unique identifier indicating Service Principal Id in Azure Active Directory for the corresponding App.|
|servicePrincipalName|String|Refers to the Service Principal Name is the Application name in the tenant. | ## JSON representation
v1.0 Application https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/application.md
This resource supports using [delta query](/graph/delta-query-overview) to track
|[Add key](../api/application-addkey.md)|[keyCredential](keycredential.md)|Add a key credential to an application.| |[Remove key](../api/application-removekey.md)|None|Remove a key credential from an application.| |**Extensions**| | |
-| [List extensions](../api/application-list-extensionproperty.md) | [extensionProperty](extensionProperty.md) collection | List extension properties on an application object. |
-| [Create extension](../api/application-post-extensionproperty.md) | [extensionProperty](extensionProperty.md) | Create an extension property on an application object. |
-| [Delete extension](../api/application-delete-extensionproperty.md) | None | Delete an extension property from an application object. |
+| [List extensionProperties](../api/application-list-extensionproperty.md) | [extensionProperty](extensionProperty.md) collection | List extension properties on an application object. |
+| [Create extensionProperties](../api/application-post-extensionproperty.md) | [extensionProperty](extensionProperty.md) | Create an extension property on an application object. |
+| [Get extensionProperty](../api/extensionproperty-delete.md) | None | Get an extension property from an application object. |
+| [Delete extensionProperty](../api/extensionproperty-delete.md) | None | Delete an extension property from an application object. |
|**Federated identity credentials**| | | | [List federatedIdentityCredential](../api/application-list-federatedidentitycredentials.md) | [federatedIdentityCredential](../resources/federatedidentitycredential.md) collection | List federated identity credentials on an application object. | | [Create federatedIdentityCredential](../api/application-post-federatedidentitycredentials.md) | [federatedIdentityCredential](../resources/federatedidentitycredential.md) | Create a federated identity credential on an application object. |
This resource supports using [delta query](/graph/delta-query-overview) to track
| verifiedPublisher | [verifiedPublisher](verifiedPublisher.md) | Specifies the verified publisher of the application. For more information about how publisher verification helps support application security, trustworthiness, and compliance, see [Publisher verification](/azure/active-directory/develop/publisher-verification-overview).| | uniqueName | String | The unique identifier that can be assigned to an application as an alternative identifier. Immutable. Read-only. | | web |[webApplication](webapplication.md)| Specifies settings for a web application. |
+| windows |[windowsApplication](windowsapplication.md)| Specifies settings for apps running Microsoft Windows and published in the Microsoft Store or Xbox games store.|
### signInAudience values
The following is a JSON representation of the resource.
"tokenEncryptionKeyId": "String", "uniqueName": "String", "verifiedPublisher": {"@odata.type": "microsoft.graph.verifiedPublisher"},
- "web": {"@odata.type": "microsoft.graph.webApplication"}
+ "web": {"@odata.type": "microsoft.graph.webApplication"},
+ "windows": {"@odata.type": "microsoft.graph.windowsApplication"}
} ```
v1.0 Applicationauthenticationmethodpolicy https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/applicationauthenticationmethodpolicy.md
When both the tenant default policy and an app management policy exist, the app
The application authentication methods policy API offers the following restrictions:
-| Restriction name | Description | Examples |
-| : | :- | :- |
-| passwordAddition | Restrict password secrets on applications altogether. | Block new passwords on applications created on or after '01/01/2019'. |
-| passwordLifetime | Enforce a max lifetime range for a password secret. | Restrict all new password secrets to a maximum of 30 days for applications created after 01/01/2015. |
-| symmetricKeyAddition | Restrict symmetric keys on applications. | Block new symmetric keys on applications created on or after 01/01/2019. |
-| symmetricKeyLifetime | Enforce a max lifetime range for a symmetric key. | Restrict all new symmetric keys to a maximum of 30 days for applications created after 01/01/2019. |
-| asymmetricKeyLifetime | Enforce a max lifetime range for an asymmetric key (certificate). | Restrict all new asymmetric key secrets to a maximum of 30 days for applications created after 01/01/2019. |
+| Restriction name | Description | Examples |
+| : | : | :- |
+| passwordAddition | Restrict password secrets on applications altogether. | Block new passwords on applications created on or after '01/01/2019'. |
+| passwordLifetime | Enforce a max lifetime range for a password secret. | Restrict all new password secrets to a maximum of 30 days for applications created after 01/01/2015. |
+| customPasswordAddition | Restrict a custom password secret on application or service principal. | Restrict all new custom (non-Azure AD generated) password secrets on applications created after 01/01/2015. |
+| symmetricKeyAddition | Restrict symmetric keys on applications. | Block new symmetric keys on applications created on or after 01/01/2019. |
+| symmetricKeyLifetime | Enforce a max lifetime range for a symmetric key. | Restrict all new symmetric keys to a maximum of 30 days for applications created after 01/01/2019. |
+| asymmetricKeyLifetime | Enforce a max lifetime range for an asymmetric key (certificate). | Restrict all new asymmetric key secrets to a maximum of 30 days for applications created after 01/01/2019. |
> [!Note] > All lifetime restrictions are expressed in ISO-8601 duration format (For example: P4DT12H30M5S).
+>
+> Applying the **customPasswordAddition** restriction will block any legacy PowerShell modules that add a client-generated password secret to applications or service principals. This restriction does not block Azure AD-generated application or service principal password secrets.
### Single vs multi-tenant apps
Depending on whether your app is a single tenant or multitenant app, you apply t
### Summary of key differences between the tenant default policy and app management policies
-| Tenant default policy | App management policy |
-| | |
-| Policy always exists. | Policy objects can be created or updated to override default policy. |
-| Restrictions are disabled by default for app/SP. | Allows customization for single tenant or multi tenant(backing app in home tenant or provisioned apps). |
-| Allows only single restriction object definition for all resources.| Allows multiple policy objects to be defined, but only one can be applied to a resource. |
-|Allows distinction of restrictions for application objects vs. service principals. | Policy can be applied to either an application or service principal object. |
-| Applies all restrictions configured to all apps or service principals. | Applies only the restrictions configured in the resource policy to the specified app or service principal, and doesn't inherit from default policy. |
+| Tenant default policy | App management policy |
+| - | |
+| Policy always exists. | Policy objects can be created or updated to override default policy. |
+| Restrictions are disabled by default for app/SP. | Allows customization for single tenant or multi tenant(backing app in home tenant or provisioned apps). |
+| Allows only single restriction object definition for all resources. | Allows multiple policy objects to be defined, but only one can be applied to a resource. |
+| Allows distinction of restrictions for application objects vs. service principals. | Policy can be applied to either an application or service principal object. |
+| Applies all restrictions configured to all apps or service principals. | Applies only the restrictions configured in the resource policy to the specified app or service principal, and doesn't inherit from default policy. |
## Next steps
v1.0 Approle https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/approle.md
With [appRoleAssignments](approleassignment.md), app roles can be assigned to us
|allowedMemberTypes|String collection|Specifies whether this app role can be assigned to users and groups (by setting to `["User"]`), to other application's (by setting to `["Application"]`, or both (by setting to `["User", "Application"]`). App roles supporting assignment to other applications' service principals are also known as [application permissions](/graph/auth/auth-concepts#microsoft-graph-permissions). The "Application" value is only supported for app roles defined on **application** entities. | |description|String|The description for the app role. This is displayed when the app role is being assigned and, if the app role functions as an application permission, during consent experiences.| |displayName|String|Display name for the permission that appears in the app role assignment and consent experiences.|
-|id|Guid|Unique role identifier inside the **appRoles** collection. When creating a new app role, a new Guid identifier must be provided. |
+|id|Guid|Unique role identifier inside the **appRoles** collection. When creating a new app role, a new GUID identifier must be provided. |
|isEnabled|Boolean|When creating or updating an app role, this must be set to **true** (which is the default). To delete a role, this must first be set to **false**. At that point, in a subsequent call, this role may be removed.| |origin|String| Specifies if the app role is defined on the [application](application.md) object or on the [servicePrincipal](serviceprincipal.md) entity. Must _not_ be included in any POST or PATCH requests. Read-only. | |value|String|Specifies the value to include in the `roles` claim in ID tokens and access tokens authenticating an assigned user or service principal. Must not exceed 120 characters in length. Allowed characters are `:` `!` `#` `$` `%` `&` `'` `(` `)` `*` `+` `,` `-` `.` `/` `:` `;` <code>&lt;</code> `=` <code>&gt;</code> `?` `@` `[` `]` `^` `+` `_` <code>&#96;</code> `{` <code>&#124;</code> `}` `~`, as well as characters in the ranges `0-9`, `A-Z` and `a-z`. Any other character, including the space character, are not allowed. May not begin with `.`. |
The following is a JSON representation of the resource.
```json {
- "allowedMemberTypes": ["string"],
- "description": "string",
- "displayName": "string",
- "id": "guid",
+ "allowedMemberTypes": ["String"],
+ "description": "String",
+ "displayName": "String",
+ "id": "Guid",
"isEnabled": true,
- "origin": "string",
- "value": "string"
+ "origin": "String",
+ "value": "String"
} ```
v1.0 Approleassignment https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/approleassignment.md
An app role assignment where the assigned principal is a service principal is an
| Property | Type | Description | |:|:--|:-|
-| id | String | A unique identifier for the **appRoleAssignment** Key. Not nullable. Read-only. |
-| creationTimestamp | DateTimeOffset | The time when the app role assignment was created.The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`. Read-only. |
-| principalId | Guid | The unique identifier (**id**) for the [user](user.md), [group](group.md) or [service principal](serviceprincipal.md) being granted the app role. Required on create. |
-| principalType | String | The type of the assigned principal. This can either be `User`, `Group` or `ServicePrincipal`. Read-only. |
+| id | String | A unique identifier for the **appRoleAssignment** key. Not nullable. Read-only. |
+| creationTimestamp | DateTimeOffset | The time when the app role assignment was created. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`. Read-only. |
+| principalId | Guid | The unique identifier (**id**) for the [user](user.md), [group](group.md), or [service principal](serviceprincipal.md) being granted the app role. Required on create. |
+| principalType | String | The type of the assigned principal. This can either be `User`, `Group`, or `ServicePrincipal`. Read-only. |
| principalDisplayName | String |The display name of the user, group, or service principal that was granted the app role assignment. Read-only. Supports `$filter` (`eq` and `startswith`). | | resourceId | Guid |The unique identifier (**id**) for the resource [service principal](serviceprincipal.md) for which the assignment is made. Required on create. Supports `$filter` (`eq` only). | | resourceDisplayName | String | The display name of the resource app's service principal to which the assignment is made. |
Here is a JSON representation of the resource
```json {
- "id": "string",
+ "id": "String",
"creationTimestamp": "String (timestamp)",
- "principalDisplayName": "string",
- "principalId": "guid",
- "principalType": "string",
- "resourceDisplayName": "string",
- "resourceId": "guid",
- "appRoleId": "guid"
+ "principalDisplayName": "String",
+ "principalId": "Guid",
+ "principalType": "String",
+ "resourceDisplayName": "String",
+ "resourceId": "Guid",
+ "appRoleId": "Guid"
} ```
v1.0 Approvalstage https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/approvalstage.md
Used for the **approvalStages** property of approval settings in the **requestAp
| isApproverJustificationRequired |Boolean | Indicates whether the approver is required to provide a justification for approving a request. | | isEscalationEnabled |Boolean | If true, then one or more escalation approvers are configured in this approval stage. | | escalationTimeInMinutes |Int32 | If escalation is required, the time a request can be pending a response from a primary approver. |
-| primaryApprovers | [userSet](userset.md) collection| The users who will be asked to approve requests. A collection of [singleUser](singleuser.md), [groupMembers](groupmembers.md), [requestorManager](requestormanager.md), [internalSponsors](internalsponsors.md) and [externalSponsors](externalsponsors.md). |
-| escalationApprovers | [userSet](userset.md) collection| If escalation is enabled and the primary approvers do not respond before the escalation time, the escalationApprovers are the users who will be asked to approve requests. This can be a collection of [singleUser](singleuser.md), [groupMembers](groupmembers.md), [requestorManager](requestormanager.md), [internalSponsors](internalsponsors.md) and [externalSponsors](externalsponsors.md).|
+| primaryApprovers | [userSet](userset.md) collection| The users who will be asked to approve requests. A collection of [singleUser](singleuser.md), [groupMembers](groupmembers.md), [requestorManager](requestormanager.md), [internalSponsors](internalsponsors.md) and [externalSponsors](externalsponsors.md). When creating or updating a [policy](accesspackageassignmentpolicy.md), include at least one **userSet** in this collection. |
+| escalationApprovers | [userSet](userset.md) collection| If escalation is enabled and the primary approvers do not respond before the escalation time, the escalationApprovers are the users who will be asked to approve requests. This can be a collection of [singleUser](singleuser.md), [groupMembers](groupmembers.md), [requestorManager](requestormanager.md), [internalSponsors](internalsponsors.md) and [externalSponsors](externalsponsors.md). When creating or updating a [policy](accesspackageassignmentpolicy.md), if there are no escalation approvers, or escalation approvers are not required for the stage, the value of this property should be an empty collection.|
v1.0 Assignedlicense https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/assignedlicense.md
Here is a JSON representation of the resource
```json {
- "disabledPlans": ["guid"],
- "skuId": "guid"
+ "disabledPlans": ["Guid"],
+ "skuId": "Guid"
} ```
v1.0 Assignedplan https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/assignedplan.md
The **assignedPlans** property of both the [user](user.md) entity and the [organ
|:|:--|:-| |assignedDateTime|DateTimeOffset|The date and time at which the plan was assigned; for example: 2013-01-02T19:32:30Z. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`| |capabilityStatus|[capabilityStatus](#capabilitystatus-values)|Condition of the capability assignment. The possible values are `Enabled`, `Warning`, `Suspended`, `Deleted`, `LockedOut`.|
-|service|String|The name of the service; for example, ΓÇ£ExchangeΓÇ¥.|
-|servicePlanId|Guid|A GUID that identifies the service plan.|
+|service|String|The name of the service; for example, `exchange`.|
+|servicePlanId|Guid|A GUID that identifies the service plan. For a complete list of GUIDs and their equivalent friendly service names, see [Product names and service plan identifiers for licensing](/azure/active-directory/enterprise-users/licensing-service-plan-reference).|
### capabilityStatus values
Here is a JSON representation of the resource
```json { "assignedDateTime": "String (timestamp)",
- "capabilityStatus": "string",
- "service": "string",
- "servicePlanId": "guid"
+ "capabilityStatus": "String",
+ "service": "String",
+ "servicePlanId": "Guid"
} ```
v1.0 Authenticationmethodconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/authenticationmethodconfiguration.md
The following authentication methods are derived from the **authenticationMethod
+ [microsoftAuthenticatorAuthenticationMethodConfiguration](microsoftauthenticatorauthenticationmethodconfiguration.md) + [smsAuthenticationMethodConfiguration](smsauthenticationmethodconfiguration.md) + [temporaryAccessPassAuthenticationMethodConfiguration](smsauthenticationmethodconfiguration.md)++ [x509CertificateAuthenticationMethodConfiguration](x509certificateauthenticationmethodconfiguration.md) ## Properties |Property|Type|Description|
v1.0 Azureadtokenauthentication https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/azureadtokenauthentication.md
+
+ Title: "azureAdTokenAuthentication resource type"
+description: "Defines the Azure AD application used to authenticate with a custom access package workflow extension."
+
+ms.localizationpriority: medium
++
+# azureAdTokenAuthentication resource type
+
+Namespace: microsoft.graph
++
+Defines the Azure AD application used to authenticate a logic app with a [custom access package workflow extension](customaccesspackageworkflowextension.md). Only the app ID of the application is required. Derived from [customExtensionAuthenticationConfiguration](../resources/customextensionauthenticationconfiguration.md).
+
+## Properties
+
+|Property|Type|Description|
+|:|:|:|
+|resourceId|String|The **appID** of the Azure AD application to use to authenticate a logic app with a custom access package workflow extension.|
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.azureAdTokenAuthentication",
+ "baseType": "microsoft.graph.customExtensionAuthenticationConfiguration"
+}
+-->
+
+``` json
+{
+ "@odata.type": "#microsoft.graph.azureAdTokenAuthentication",
+ "resourceId": "String"
+ }
+```
v1.0 Basetask https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/basetask.md
This is an abstract base type inherited by [task](task.md) resource.
## Properties |Property|Type|Description| |:|:|:|
-|body|[itemBody](../resources/itembody.md)|The task body that typically contains information about the task. |
+|textBody|String|The task body in text format that typically contains information about the task. |
|bodyLastModifiedDateTime|DateTimeOffset|The date and time when the task was last modified. By default, it is in UTC. You can provide a custom time zone in the request header. The property value uses ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2020 would look like this: '2020-01-01T00:00:00Z'. | |completedDateTime|DateTimeOffset|The date when the task was finished. | |createdDateTime|DateTimeOffset|The date and time when the task was created. By default, it is in UTC. You can provide a custom time zone in the request header. The property value uses ISO 8601 format. For example, midnight UTC on Jan 1, 2020 would look like this: '2020-01-01T00:00:00Z'. |
This is an abstract base type inherited by [task](task.md) resource.
|id|String|Unique identifier for the task. By default, this value will not change if a task is moved from one list to another. | |importance|importance|The importance of the task. Possible values are: `low`, `normal`, `high`. The possible values are: `low`, `normal`, `high`.| |lastModifiedDateTime|DateTimeOffset|The date and time when the task was last modified. By default, it is in UTC. You can provide a custom time zone in the request header. The property value uses ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2020 would look like this: '2020-01-01T00:00:00Z'. |
-|personalProperties|[personalTaskProperties](../resources/personaltaskproperties.md)|Properties that are personal to a user such as reminderDateTime. |
+|viewpoint|[taskViewpoint](../resources/taskviewpoint.md)|Properties that are personal to a user such as **reminderDateTime** and **categories**. |
|recurrence|[patternedRecurrence](../resources/patternedrecurrence.md)|The recurrence pattern for the task. | |startDateTime|[dateTimeTimeZone](../resources/datetimetimezone.md)|The date in the specified time zone when the task is to begin. | |status|taskStatus_v2|Indicates the state or progress of the task. Possible values are: `notStarted`, `inProgress`, `completed`,`unknownFutureValue`. |
The following is a JSON representation of the resource.
``` json { "@odata.type": "#microsoft.graph.baseTask",
- "body": {
- "@odata.type": "microsoft.graph.itemBody"
- },
+ "textBody": "String",
"createdDateTime": "String (timestamp)", "lastModifiedDateTime": "String (timestamp)", "bodyLastModifiedDateTime": "String (timestamp)",
The following is a JSON representation of the resource.
}, "displayName": "String", "status": "String",
- "personalProperties": {
- "@odata.type": "microsoft.graph.personalTaskProperties"
+ "viewpoint": {
+ "@odata.type": "microsoft.graph.taskViewpoint"
}, "id": "String (identifier)" }
v1.0 Bookingappointment https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/bookingappointment.md
Represents a customer appointment for a [bookingService](bookingservice.md), per
|invoiceUrl|String|The URL of the invoice in Microsoft Bookings.| |isLocationOnline|Boolean|True indicates that the appointment will be held online. Default value is false.| |joinWebUrl|String|The URL of the online meeting for the appointment.|
-|maximumAttendeesCount|Int32|The maximum number of customers allowed in an appointment.|
+|maximumAttendeesCount|Int32|The maximum number of customers allowed in an appointment. If **maximumAttendeesCount** of the service is greater than 1, pass valid customer IDs while creating or updating an appointment. To create a customer, use the [Create bookingCustomer](../api/bookingbusiness-post-customers.md) operation. |
|optOutOfCustomerEmail|Boolean|True indicates that the [bookingCustomer](bookingcustomer.md) for this appointment does not wish to receive a confirmation for this appointment.| |postBuffer|Duration|The amount of time to reserve after the appointment ends, for cleaning up, as an example. The value is expressed in [ISO8601](https://www.iso.org/iso-8601-date-and-time-format.html) format. | |preBuffer|Duration|The amount of time to reserve before the appointment begins, for preparation, as an example. The value is expressed in [ISO8601](https://www.iso.org/iso-8601-date-and-time-format.html) format.|
v1.0 Bookingservice https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/bookingservice.md
Inherits from [bookingNamedEntity](bookingNamedEntity.md).
|id|String|The ID of that service, in a GUID format. Read-only.| |isHiddenFromCustomers|Boolean|True means this service is not available to customers for booking.| |isLocationOnline|Boolean|True indicates that the appointments for the service will be held online. Default value is false.|
-|maximumAttendeesCount|Int32|The maximum number of customers allowed in a service. |
+|maximumAttendeesCount|Int32|The maximum number of customers allowed in a service. If **maximumAttendeesCount** of the service is greater than 1, pass valid customer IDs while creating or updating an appointment. To create a customer, use the [Create bookingCustomer](../api/bookingbusiness-post-customers.md) operation. |
|notes|String|Additional information about this service.| |postBuffer|Duration|The time to buffer after an appointment for this service ends, and before the next customer appointment can be booked.| |preBuffer|Duration|The time to buffer before an appointment for this service can start.|
v1.0 Changenotification https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/changenotification.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Represents the notification sent to the subscriber.
+Represents the notification sent to the subscriber. All the properties of this resource are read-only.
For details, see [Use the Microsoft Graph API to get change notifications](webhooks.md).
None.
| clientState | string | Value of the **clientState** property sent specified in the subscription request (if any). The maximum length is 255 characters. The client can check whether the change notification came from the service by comparing the values of the **clientState** property. The value of the **clientState** property sent with the subscription is compared with the value of the **clientState** property received with each change notification. Optional. | | encryptedContent | [changeNotificationEncryptedContent](changenotificationencryptedcontent.md) | (Preview) Encrypted content attached with the change notification. Only provided if **encryptionCertificate** and **includeResourceData** were defined during the subscription request and if the resource supports it. Optional. | | id | string | Unique ID for the notification. Optional. |
-| lifecycleEvent | lifecycleEventType | The type of lifecycle notification if the current notification is a lifecycle notification. Optional. Supported values are `missed`, `subscriptionRemoved`, `reauthorizationRequired`. |
+| lifecycleEvent | lifecycleEventType | The type of lifecycle notification if the current notification is a lifecycle notification. Optional. Supported values are `missed`, `subscriptionRemoved`, `reauthorizationRequired`. Optional. |
| resource | string | The URI of the resource that emitted the change notification relative to `https://graph.microsoft.com`. Required. |
-| resourceData | [resourceData](resourcedata.md) | The content of this property depends on the type of resource being subscribed to. Required. |
+| resourceData | [resourceData](resourcedata.md) | The content of this property depends on the type of resource being subscribed to. Optional. |
| subscriptionExpirationDateTime | DateTimeOffset | The expiration time for the subscription. Required. |
-| subscriptionId | GUID | The unique identifier of the subscription that generated the notification. |
-| tenantId | GUID | The unique identifier of the tenant from which the change notification originated. |
+| subscriptionId | Guid | The unique identifier of the subscription that generated the notification. Required.|
+| tenantId | Guid | The unique identifier of the tenant from which the change notification originated. Required.|
## Relationships None.
-## JSON representation
+## JSON representation
The following is a JSON representation of the resource.- <!-- { "blockType": "resource",
- "optionalProperties": [
-
- ],
"@odata.type": "microsoft.graph.changeNotification"
-}-->
-
-```json
+}
+-->
+``` json
{
- "subscriptionId": "76222963-cc7b-42d2-882d-8aaa69cb2ba3",
- "changeType": "created",
- "clientState": "client state provided when creating subscription",
- "id": "15ee1d1f-af7b-42d9-885b-9d00db065dd9",
- "tenantId": "2c937fad-a8a7-496c-b0e4-bf77dcc7eb2a",
- "subscriptionExpirationDateTime": "2020-04-12T23:20:50.52Z",
- "resource": "teams('d29828b8-c04d-4e2a-b2f6-07da6982f0f0')/channels('19:f127a8c55ad949d1a238464d22f0f99e@thread.skype')/messages('1565045424600')/replies('1565047490246')",
+ "@odata.type": "#microsoft.graph.changeNotification",
+ "id": "String (identifier)",
+ "subscriptionId": "Guid",
+ "subscriptionExpirationDateTime": "String (timestamp)",
+ "clientState": "String",
+ "changeType": "String",
+ "resource": "String",
+ "tenantId": "Guid",
+ "encryptedContent": {
+ "@odata.type": "microsoft.graph.changeNotificationEncryptedContent"
+ },
+ "lifecycleEvent": "String",
"resourceData": {
- "id": "1565293727947",
- "@odata.type": "#Microsoft.Graph.ChatMessage",
- "@odata.id": "teams('88cbc8fc-164b-44f0-b6a6-b59b4a1559d3')/channels('19:8d9da062ec7647d4bb1976126e788b47@thread.tacv2')/messages('1565293727947')/replies('1565293727947')"
+ "@odata.type": "microsoft.graph.resourceData"
} } ```
v1.0 Changenotificationcollection https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/changenotificationcollection.md
The following is a JSON representation of the resource.
], "@odata.type": "microsoft.graph.changeNotificationCollection" }-->-
-```json
+``` json
{
- "value": [],
+ "@odata.type": "#microsoft.graph.changeNotificationCollection",
"validationTokens": [
- "eyJ0eXAiOiJKV1QiLCJhbGciOiJSU..."
+ "String"
+ ],
+ "value": [
+ {
+ "@odata.type": "microsoft.graph.changeNotification"
+ }
] } ```
v1.0 Changenotificationencryptedcontent https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/changenotificationencryptedcontent.md
The following is a JSON representation of the resource.
], "@odata.type": "microsoft.graph.changeNotificationEncryptedContent" }-->-
-```json
+``` json
{
- "data": "{encrypted data that produces a full resource}",
- "dataSignature": "<HMAC-SHA256 hash>",
- "dataKey": "{encrypted symmetric key from Microsoft Graph}",
- "encryptionCertificateId": "MySelfSignedCert/DDC9651A-D7BC-4D74-86BC-A8923584B0AB",
- "encryptionCertificateThumbprint": "07293748CC064953A3052FB978C735FB89E61C3D"
+ "@odata.type": "#microsoft.graph.changeNotificationEncryptedContent",
+ "data": "String",
+ "dataSignature": "String",
+ "dataKey": "String",
+ "encryptionCertificateId": "String",
+ "encryptionCertificateThumbprint": "String"
} ```
The following is a JSON representation of the resource.
<!-- { "type": "#page.annotation",
- "description": "changeNotificationEncryptedConent resource",
+ "description": "changeNotificationEncryptedContent resource",
"keywords": "", "section": "documentation", "tocPath": "",
v1.0 Channelmoderationsettings https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/channelmoderationsettings.md
Title: "channelModerationSettings resource type" description: "Used to control who can start new posts and reply to posts in a channel."-+ ms.localizationpriority: medium ms.prod: "microsoft-teams" doc_type: resourcePageType
v1.0 Chat https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/chat.md
not all scenarios are possible. It is possible to get chat IDs with delegated pe
| permissionGrants| [resourceSpecificPermissionGrant](resourcespecificpermissiongrant.md) collection| A collection of permissions granted to apps for the chat.| | operations | [teamsAsyncOperation](teamsasyncoperation.md) collection | A collection of all the Teams async operations that ran or are running on the chat. Nullable. | lastMessagePreview | [chatMessageInfo](chatmessageinfo.md)| Preview of the last message sent in the chat. Null if no messages have been sent in the chat. Currently, only the [list chats](../api/chat-list.md) operation supports this property.|
+| tabs | [teamsTab](teamstab.md) collection | A collection of all the tabs in the chat. Nullable. |
## JSON representation
v1.0 Checklistitem https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/checklistitem.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Represents a collection of checklist items on a task. **ChecklistItem** helps split complex tasks into smaller more actionable steps.
+Represents a subtask in a bigger [baseTask](./baseTask.md). **ChecklistItem** allows breaking down a complex task into more actionable, smaller tasks.
## Methods |Method|Return type|Description|
v1.0 Claimsmappingpolicy https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/claimsmappingpolicy.md
Represents the claim-mapping policies for WS-Fed, SAML, OAuth 2.0, and OpenID Co
- Select which claims are included in tokens - Create claim types that do not already exist-- Choose or change the source of data emitted in specific claims
+- Choose or change the source of data emitted in specific claims
+
+The number of claims and transformations that can be added to a claims-mapping policy are limited to reduce token size. Any claims schema entries or transformations that are encountered after the limit has been reached are ignored and included in the issued token. For more information about the limits, see [Properties of a claims-mapping policy definition](#properties-of-a-claims-mapping-policy-definition)
For more scenario and configuration details see [How to: Customize claims emitted in tokens for a specific app in a tenant](/azure/active-directory/develop/active-directory-claims-mapping#claims-mapping-policy-properties).
The properties below form the JSON object that represents a claims-mapping polic
|:|:--|:-| |Version|Integer|Set value of 1. Required.| |IncludeBasicClaimSet|Boolean|If set to `true`, all claims in the basic claim set are emitted in tokens affected by the policy. If set to `false`, claims in the basic claim set are not in the tokens, unless they are individually added in the ClaimsSchema property of the same policy.|
-|ClaimsSchema|JSON object|Defines which claims are present in the tokens affected by the policy, in addition to the basic claim set and the core claim set. For each claim schema entry defined in this property, certain information is required. Specify where the data is coming from (Value or Source/ID pair), and which claim the data is emitted as (Claim Type). Further details are available in the [ClaimsSchema definition](/azure/active-directory/develop/active-directory-claims-mapping#claims-schema).|
-|ClaimsTransformation|JSON object| Defines common transformations that can be applied to source data, to generate the output data for claims specified in the ClaimsSchema. Further details are available in the [ClaimsTransformation definition](/azure/active-directory/develop/active-directory-claims-mapping#claims-transformation).|
+|ClaimsSchema|JSON object|Defines which claims are present in the tokens affected by the policy, in addition to the basic claim set and the core claim set. For each claim schema entry defined in this property, certain information is required. Specify where the data is coming from (Value or Source/ID pair), and which claim the data is emitted as (Claim Type). A maximum of 50 claims are included in the token through the ClaimsSchema object. Any claims schema entries that are encountered after the limit has been reached will be ignored and will not appear in the issued token. Further details are available in the [ClaimsSchema definition](/azure/active-directory/develop/active-directory-claims-mapping#claims-schema).|
+|ClaimsTransformation|JSON object| Defines common transformations that can be applied to source data, to generate the output data for claims specified in the ClaimsSchema. A maximum of 50 transformations are included in the token through the ClaimsTransformation object. Any transformations that are encountered after the limit has been reached will be ignored and will not appear in the issued token. For more information about ClaimsTransformation and the supported functions, see [Claims transformation](/azure/active-directory/develop/active-directory-claims-mapping#claims-transformation).|
## Relationships
v1.0 Cloudpc https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/cloudpc.md
Represents a cloud-managed virtual desktop. This Cloud PC is also enrolled into
|[Bulk reprovision remote action](../api/manageddevice-bulkreprovisioncloudpc.md)|None|Bulk reprovision a set of Cloud PC devices with Intune managed device IDs.| |[Resize remote action](../api/manageddevice-resizecloudpc.md)|None|Upgrade or downgrade an existing Cloud PC to another configuration with new vCPU and storage size through Intune managed device ID.| |[Troubleshoot](../api/cloudpc-troubleshoot.md)|None|Troubleshoot a specific [cloudPC](../resources/cloudpc.md) object. Use this API to check the health status of the Cloud PC and the session host.|
+|[Restore remote action](../api/manageddevice-restorecloudpc.md)|None|Restore a Cloud PC device to a previous state from a snapshot.|
+|[Bulk restore remote action](../api/manageddevice-bulkrestorecloudpc.md)|[cloudPcBulkRemoteActionResult](../resources/cloudpcbulkremoteactionresult.md)|Restore multiple Cloud PC devices with a single request that includes the IDs of Intune managed devices and a restore point date and time.|
## Properties
Represents a cloud-managed virtual desktop. This Cloud PC is also enrolled into
|imageDisplayName|String|Name of the OS image that's on the Cloud PC.| |lastLoginResult|[cloudPcLoginResult](../resources/cloudpcloginresult.md)|The last login result of the Cloud PC. For example, `{ "time": "2014-01-01T00:00:00Z"}`.| |lastModifiedDateTime|DateTimeOffset|The last modified date and time of the Cloud PC. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`.|
-|lastRemoteActionResult|[cloudPcRemoteActionResult](../resources/cloudpcremoteactionresult.md)|The last remote action result of the enterprise Cloud PCs. The supported remote actions are: `Rename`, `Reboot`, `Reprovision`, and `Troubleshoot`.|
+|lastRemoteActionResult|[cloudPcRemoteActionResult](../resources/cloudpcremoteactionresult.md)|The last remote action result of the enterprise Cloud PCs. The supported remote actions are: `Reboot`, `Rename`, `Reprovision`, `Restore`, and `Troubleshoot`.|
|managedDeviceId|String|The Intune device ID of the Cloud PC.| |managedDeviceName|String|The Intune device name of the Cloud PC.| |onPremisesConnectionName|String|The on-premises connection that is applied during the provisioning of Cloud PCs.|
Represents a cloud-managed virtual desktop. This Cloud PC is also enrolled into
|servicePlanId|String|The service plan ID of the Cloud PC.| |servicePlanName|String|The service plan name of the Cloud PC.| |servicePlanType|[cloudPcServicePlanType](../resources/cloudpcserviceplan.md#cloudpcserviceplantype-values)|The service plan type of the Cloud PC.|
-|status|[cloudPcStatus](#cloudpcstatus-values)|The status of the Cloud PC. Possible values are: `notProvisioned`, `provisioning`, `provisioned`, `upgrading`, `inGracePeriod`, `deprovisioning`, `failed`.|
+|status|[cloudPcStatus](#cloudpcstatus-values)|The status of the Cloud PC. Possible values are: `notProvisioned`, `provisioning`, `provisioned`, `upgrading`, `inGracePeriod`, `deprovisioning`, `failed`, `restoring`.|
|statusDetails|[cloudPcStatusDetails](../resources/cloudpcstatusdetails.md)|The details of the Cloud PC status.| |userAccountType|[cloudPcUserAccountType](../resources/cloudpcorganizationsettings.md#cloudpcuseraccounttype-values)|The account type of the user on provisioned Cloud PCs. Possible values are: `standardUser`, `administrator`, and `unknownFutureValue`.| |userPrincipalName|String|The user principal name (UPN) of the user assigned to the Cloud PC.|
Represents a cloud-managed virtual desktop. This Cloud PC is also enrolled into
|provisionedWithWarnings|The Cloud PC is provisioned and can be accessed by end users but with some warnings. The user can continue to use this Cloud PC.| |resizing|The Cloud PC is resizing.| |pendingProvision|The provisioning is pending on the Cloud PC. In this case, the number of Cloud PCs in grace period is more than the number of total available licenses. |
+|restoring|The Cloud PC is restoring.|
|unknownFutureValue|Evolvable enumeration sentinel value. Do not use.| ## Relationships
v1.0 Cloudpcbulkremoteactionresult https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/cloudpcbulkremoteactionresult.md
+
+ Title: "cloudPcBulkRemoteActionResult resource type"
+description: "Represents the Cloud PC-specified bulk remote action result."
+
+ms.localizationpriority: medium
++
+# cloudPcBulkRemoteActionResult resource type
+
+Namespace: microsoft.graph
++
+Represents the Cloud PC-specified bulk remote action result.
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|failedDeviceIds|String collection|A list of all the Intune managed device IDs that completed the bulk action with a failure.|
+|notFoundDeviceIds|String collection|A list of all the Intune managed device IDs that were not found when the bulk action was attempted.|
+|notSupportedDeviceIds|String collection|A list of all the Intune managed device IDs that were identified as unsupported for the bulk action.|
+|successfulDeviceIds|String collection|A list of all the Intune managed device IDs that completed the bulk action successfully.|
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.cloudPcBulkRemoteActionResult"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.cloudPcBulkRemoteActionResult",
+ "failedDeviceIds": [
+ "String"
+ ],
+ "notFoundDeviceIds": [
+ "String"
+ ],
+ "notSupportedDeviceIds": [
+ "String"
+ ],
+ "successfulDeviceIds": [
+ "String"
+ ]
+}
+```
+
v1.0 Cloudpcremoteactionresult https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/cloudpcremoteactionresult.md
Represents the Cloud PC-specified remote action result.
|Property|Type|Description| |:|:|:|
-|actionName|String|The specified action. Supported values in the Microsoft Endpoint Manager portal are: `Reprovision`, `Resize`. Supported values in enterprise Cloud PC devices are: `Rename`, `Reboot`, `Reprovision`, `Troubleshoot`.|
+|actionName|String|The specified action. Supported values in the Microsoft Endpoint Manager portal are: `Reprovision`, `Resize`, `Restore`. Supported values in enterprise Cloud PC devices are: `Reboot`, `Rename`, `Reprovision`, `Troubleshoot`.|
|actionState|[actionState](#actionstate-values)|State of the action. Possible values are: `None`, `pending`, `canceled`, `active`, `done`, `failed`, `notSupported`. Read-only.| |cloudPcId|String|The ID of the Cloud PC device on which the remote action is performed. Read-only.| |managedDeviceId|String|The ID of the Intune managed device on which the remote action is performed. Read-only.|
v1.0 Cloudpcrestorepointsetting https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/cloudpcrestorepointsetting.md
+
+ Title: "cloudPcRestorePointSetting resource type"
+description: "Represents specific settings of point-in-time restore."
+
+ms.localizationpriority: medium
++
+# cloudPcRestorePointSetting resource type
+
+Namespace: microsoft.graph
++
+Represents the settings of a point-in-time restore of a Cloud PC.
+
+## Properties
+
+|Property|Type|Description|
+|:|:|:|
+|frequencyInHours|Int32|The time interval in hours to take snapshots (restore points) of a Cloud PC automatically. Possible values are `4`, `6`, `12`, `16`, and `24`. The default frequency is 12 hours.|
+|userRestoreEnabled|Boolean|If `true`, the user has the ability to use snapshots to restore Cloud PCs. If `false`, non-admin users cannot use snapshots to restore the Cloud PC.|
+
+## Relationships
+
+None.
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.cloudPcRestorePointSetting"
+}
+-->
+
+``` json
+{
+ "@odata.type": "#microsoft.graph.cloudPcRestorePointSetting",
+ "frequencyInHours": "Integer",
+ "userRestoreEnabled": "Boolean"
+}
+```
v1.0 Cloudpcsnapshot https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/cloudpcsnapshot.md
+
+ Title: "cloudPcSnapshot resource type"
+description: "Represents a Cloud PC snapshot."
+
+ms.localizationpriority: medium
++
+# cloudPcSnapshot resource type
+
+Namespace: microsoft.graph
++
+Represents a snapshot of the device settings of a Cloud PC that can be used to restore the device system.
++
+Inherits from [entity](../resources/entity.md).
+
+## Methods
+|Method|Return type|Description|
+|:|:|:|
+|[List snapshots](../api/virtualendpoint-list-snapshots.md)|[cloudPcSnapshot](../resources/cloudpcsnapshot.md) collection|Get a list of the [cloudPcSnapshot](../resources/cloudpcsnapshot.md) objects and their properties.|
+|[Get cloudPcSnapshot](../api/cloudpcsnapshot-get.md)|[cloudPcSnapshot](../resources/cloudpcsnapshot.md)|Read the properties and relationships of a [cloudPcSnapshot](../resources/cloudpcsnapshot.md) object.|
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|cloudPcId|String|The unique identifier for the Cloud PC.|
+|createdDateTime|DateTimeOffset|The date and time at which the snapshot was taken. The timestamp is shown in ISO 8601 format and Coordinated Universal Time (UTC). For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`.|
+|id|String|The unique identifier for the snapshot of the Cloud PC device at a specific point in time. Inherited from [entity](../resources/entity.md).|
+|lastRestoredDateTime|DateTimeOffset|The date and time at which the snapshot was last used to restore the Cloud PC device. The timestamp is shown in ISO 8601 format and Coordinated Universal Time (UTC). For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`.|
+|status|[cloudPcSnapshotStatus](#cloudpcsnapshotstatus-values)|The status of the Cloud PC snapshot. The possible values are: `ready`, `unknownFutureValue`.|
+
+### cloudPcSnapshotStatus values
+
+|Member|Description|
+|:|:|
+|ready|The snapshot is ready to restore the Cloud PC device.|
+|unknownFutureValue|Evolvable enumeration sentinel value. Do not use.|
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.cloudPcSnapshot",
+ "baseType": "microsoft.graph.entity",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.cloudPcSnapshot",
+ "cloudPcId": "String",
+ "createdDateTime": "String (timestamp)",
+ "id": "String (identifier)",
+ "lastRestoredDateTime": "String (timestamp)",
+ "status": "String"
+}
+```
+
v1.0 Cloudpcusersetting https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/cloudpcusersetting.md
Title: "cloudPcUserSetting resource type"
-description: "Represent a Cloud PC user setting"
+description: "Represents a Cloud PC user setting"
ms.localizationpriority: medium ms.prod: "cloud-pc"
Represents a Cloud PC user setting.
|displayName|String|The setting name displayed in the user interface. | |localAdminEnabled|Boolean|Indicates whether the local admin option is enabled. Default value is `false`. To enable the local admin option, change the setting to `true`. If the local admin option is enabled, the end user can be an admin of the Cloud PC device. | |selfServiceEnabled|Boolean|Indicates whether the self-service option is enabled. Default value is `false`. To enable the self-service option, change the setting to `true`. If the self-service option is enabled, the end user is allowed to perform some self-service operations, such as upgrading the Cloud PC through the end user portal.|
+|restorePointSetting|[cloudPcRestorePointSetting](../resources/cloudpcrestorepointsetting.md)|Defines how frequently a restore point is created that is, a snapshot is taken) for users' provisioned Cloud PCs (default is 12 hours), and whether the user is allowed to restore their own Cloud PCs to a backup made at a specific point in time.|
|lastModifiedDateTime|DateTimeOffset|The last date and time the setting was modified. The Timestamp type represents the date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 looks like this:ΓÇ»'2014-01-01T00:00:00Z'.ΓÇ»| |createdDateTime|DateTimeOffset|The date and time the setting was created. The Timestamp type represents the date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 looks like this: '2014-01-01T00:00:00Z'.ΓÇ»|
The following is a JSON representation of the resource.
"displayName": "String", "selfServiceEnabled": "Boolean", "localAdminEnabled": "Boolean",
+ "restorePointSetting": {
+ "@odata.type": "microsoft.graph.cloudPcRestorePointSetting"
+ },
"lastModifiedDateTime": "String (timestamp)", "createdDateTime": "String (timestamp)" }
v1.0 Connectedorganization https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/connectedorganization.md
In [Azure AD entitlement management](entitlementmanagement-overview.md), a conne
|modifiedBy|String|UPN of the user who last modified this resource. Read-only.| |modifiedDateTime|DateTimeOffset|The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`. Read-only.| |state|connectedOrganizationState|The state of a connected organization defines whether assignment policies with requestor scope type `AllConfiguredConnectedOrganizationSubjects` are applicable or not. Possible values are: `configured`, `proposed`.|
+|identitySources|[identitySource](identitySource.md) collection| The identity sources in this connected organization, one of [azureActiveDirectoryTenant](azureactivedirectorytenant.md), [domainIdentitySource](domainidentitysource.md) or [externalDomainFederation](externaldomainfederation.md). Read-only. Nullable. Supports `$select` and `$filter`(`eq`). To filter by the derived types, you must declare the resource using its full OData cast, for example, `$filter=identitySources/any(is:is/microsoft.graph.azureActiveDirectoryTenant/tenantId eq 'bcfdfff4-cbc3-43f2-9000-ba7b7515054f')`.|
## Relationships |Relationship|Type|Description| |:|:|:|
-|identitySources|[identitySource](identitySource.md) collection| The identity sources in this connected organization, one of [azureActiveDirectoryTenant](azureactivedirectorytenant.md), [domainIdentitySource](domainidentitysource.md) or [externalDomainFederation](externaldomainfederation.md). Read-only. Nullable. Supports `$select` and `$filter`(`eq`). To filter by the derived types, you must declare the resource using its full OData cast, for example, `microsoft.graph.azureActiveDirectoryTenant.`|
|internalSponsors| [directoryObject](directoryobject.md) collection| Nullable.| |externalSponsors| [directoryObject](directoryobject.md) collection| Nullable.|
v1.0 Contactmergesuggestions https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/contactmergesuggestions.md
+
+ Title: "contactMergeSuggestions resource type"
+description: "Represents the feature to suggest merging contact items when Outlook detects duplicates in the user's contacts list"
+
+ms.localizationpriority: medium
++
+# contactMergeSuggestions resource type
+
+Namespace: microsoft.graph
++
+Represents the feature to suggest merging contact items when Outlook detects duplicates in the user's contacts list.
+
+This resource provides a means to enable or disable the feature at the user level. By default, suggestion is enabled. Duplicate contact items remain as duplicates in the contact folder unless the user selects merging them.
+
+## Methods
+|Method|Return type|Description|
+|:|:|:|
+|[Get](../api/contactmergesuggestions-get.md)|[contactMergeSuggestions](contactmergesuggestions.md)|Read the properties of a **contactMergeSuggestions** object.|
+|[Update](../api/contactmergesuggestions-update.md)|None |Update the properties of a **contactMergeSuggestions** object.|
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|isEnabled|Boolean|`true` if the duplicate contact merge suggestions feature is enabled for the user; `false` if the feature is disabled. Default value is `true`.|
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.contactMergeSuggestions",
+ "openType": false
+}
+-->
+``` json
+{
+ "isEnabled": "Boolean"
+}
+```
+
v1.0 Countrynamedlocation https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/countrynamedlocation.md
Inherits from [namedLocation](../resources/namedLocation.md)
| Property | Type | Description | |:-|:|:| |countriesAndRegions|String collection|List of countries and/or regions in two-letter format specified by ISO 3166-2.|
-|countryLookupMethod|countryLookupMethodType|Determines what method is used to decide which country the user is located in. Possible values are `clientIpAddress` (default) and `authenticatorAppGps`. Note: `authenticatorAppGps` is not yet supported in the Microsoft Cloud for US Government.|
+|countryLookupMethod|countryLookupMethodType|Determines what method is used to decide which country the user is located in. Possible values are `clientIpAddress` (default) and `authenticatorAppGps`.|
|createdDateTime|DateTimeOffset|The Timestamp type represents creation date and time of the location using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`. Read-only. Inherited from [namedLocation](../resources/namedLocation.md).| |displayName|String|Human-readable name of the location. Required. Inherited from [namedLocation](../resources/namedLocation.md).| |id|String|Identifier of a namedLocation object. Read-only. Inherited from [namedLocation](../resources/namedLocation.md).|
v1.0 Crosstenantaccesspolicy Overview https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/crosstenantaccesspolicy-overview.md
Inbound trust settings also enable you to trust devices that are compliant, or h
The cross-tenant access settings API can be used to set up multiple configurations for allowing or blocking access to and from your organization. The following table highlights scenarios, shows an example of the API response, and what the interpretation should be of that response. **b2bSetting** is used as a placeholder for any B2B inbound (**b2bCollaborationInbound** or **b2bDirectConnectInbound**) or outbound (**b2bCollaborationOutbound** or **b2bDirectConnectOutbound**) configuration.
+<br/>
+ <table> <tr>
-<td> Scenario </td> <td> API output </td> <td> Interpretation </td>
+<th> Scenario </th> <th> API output </th> <th> Interpretation </th>
</tr> <tr> <td> Block all users and block all applications </td>
v1.0 Crosstenantaccesspolicyconfigurationpartner https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/crosstenantaccesspolicyconfigurationpartner.md
Inherits from [crossTenantAccessPolicyConfigurationBase](../resources/crosstenan
| b2bDirectConnectOutbound | [crossTenantAccessPolicyB2BSetting](../resources/crosstenantaccesspolicyb2bsetting.md) | Defines your partner-specific configuration for users in your organization going outbound to access resources in another organization via Azure AD B2B direct connect. Inherited from [crossTenantAccessPolicyConfigurationBase](../resources/crosstenantaccesspolicyconfigurationbase.md). | | inboundTrust | [crossTenantAccessPolicyInboundTrust](../resources/crosstenantaccesspolicyinboundtrust.md) | Determines the partner-specific configuration for trusting other Conditional Access claims from external Azure AD organizations. Inherited from [crossTenantAccessPolicyConfigurationBase](../resources/crosstenantaccesspolicyconfigurationbase.md). | | isServiceProvider | Boolean | Identifies whether the partner-specific configuration is a Cloud Service Provider for your organization. |
-| tenantId | String | The tenant identifier for the partner Azure AD organization. Read-only.|
+| tenantId | String | The tenant identifier for the partner Azure AD organization. Read-only. Key.|
## Relationships
None.
The following is a JSON representation of the resource. <!-- { "blockType": "resource",
- "keyProperty": "id",
+ "keyProperty": "tenantId",
"@odata.type": "microsoft.graph.crossTenantAccessPolicyConfigurationPartner", "baseType": "microsoft.graph.crossTenantAccessPolicyConfigurationBase", "openType": false
The following is a JSON representation of the resource.
``` json { "@odata.type": "#microsoft.graph.crossTenantAccessPolicyConfigurationPartner",
- "tenantId": "String",
+ "tenantId": "String (identifier)",
"inboundTrust": { "@odata.type": "microsoft.graph.crossTenantAccessPolicyInboundTrust" },
v1.0 Customaccesspackageworkflowextension https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/customaccesspackageworkflowextension.md
+
+ Title: "customAccessPackageWorkflowExtension resource type"
+description: "Defines the attributes of a logic app, which can be called at various stages of an access package request and assignment cycle."
+
+ms.localizationpriority: medium
++
+# customAccessPackageWorkflowExtension resource type
+
+Namespace: microsoft.graph
++
+Defines the attributes of a logic app, which can be called at various stages of an access package request and assignment cycle. You can integrate logic apps with entitlement management to broaden your governance workflows beyond the core entitlement management use cases. The following use cases can be integrated with logic apps using this workflow:
+- When an [access package is requested](accesspackageassignmentrequest.md)
+- When an [access package request is granted](accesspackageassignment.md)
+- When an [access package assignment expires](accesspackageassignment.md)
+
+Inherits and derived from [customCalloutExtension](../resources/customcalloutextension.md).
++
+## Methods
+|Method|Return type|Description|
+|:|:|:|
+|[List customAccessPackageWorkflowExtensions](../api/accesspackagecatalog-list-customaccesspackageworkflowextensions.md)|[customAccessPackageWorkflowExtension](../resources/customaccesspackageworkflowextension.md) collection|Get a list of the [customAccessPackageWorkflowExtension](../resources/customaccesspackageworkflowextension.md) objects and their properties.|
+|[Create customAccessPackageWorkflowExtensions](../api/accesspackagecatalog-post-customaccesspackageworkflowextensions.md)|[customAccessPackageWorkflowExtension](../resources/customaccesspackageworkflowextension.md)|Create a new [customAccessPackageWorkflowExtension](../resources/customaccesspackageworkflowextension.md) object.|
+|[Get customAccessPackageWorkflowExtension](../api/customaccesspackageworkflowextension-get.md)|[customAccessPackageWorkflowExtension](../resources/customaccesspackageworkflowextension.md)|Read the properties and relationships of a [customAccessPackageWorkflowExtension](../resources/customaccesspackageworkflowextension.md) object.|
+|[Update customAccessPackageWorkflowExtension](../api/customaccesspackageworkflowextension-update.md)|[customAccessPackageWorkflowExtension](../resources/customaccesspackageworkflowextension.md)|Update the properties of a [customAccessPackageWorkflowExtension](../resources/customaccesspackageworkflowextension.md) object.|
+|[Delete customAccessPackageWorkflowExtension](../api/customaccesspackageworkflowextension-delete.md)|None|Deletes a [customAccessPackageWorkflowExtension](../resources/customaccesspackageworkflowextension.md) object.|
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|authenticationConfiguration|[customExtensionAuthenticationConfiguration](../resources/customextensionauthenticationconfiguration.md)|Configuration for securing the API call to the logic app. For example, using OAuth client credentials flow. Inherited from [customCalloutExtension](../resources/customcalloutextension.md).|
+|clientConfiguration|[customExtensionClientConfiguration](../resources/customextensionclientconfiguration.md)| HTTP connection settings that define how long Azure AD can wait for a connection to a logic app, how many times you can retry a timed-out connection and the exception scenarios when retries are allowed. Inherited from [customCalloutExtension](../resources/customcalloutextension.md).|
+|createdDateTime|DateTimeOffset|Represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`. Read-only.|
+|description|String|Description for the customAccessPackageWorkflowExtension object. Inherited from [customCalloutExtension](../resources/customcalloutextension.md). Read only.|
+|displayName|String|Display name for the customAccessPackageWorkflowExtension object. Inherited from [customCalloutExtension](../resources/customcalloutextension.md). Read only. Supports `$filter` (`contains`).|
+|endpointConfiguration|[customExtensionEndpointConfiguration](../resources/customextensionendpointconfiguration.md)|The type and details for configuring the endpoint to call the logic app's workflow. Inherited from [customCalloutExtension](../resources/customcalloutextension.md).|
+|id|String|Identifier for the customAccessPackageWorkflowExtension object. Inherited from [entity](../resources/entity.md).|
+|lastModifiedDateTime|DateTimeOffset|Represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`. Read-only.|
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.customAccessPackageWorkflowExtension",
+ "baseType": "microsoft.graph.customCalloutExtension",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.customAccessPackageWorkflowExtension",
+ "id": "String (identifier)",
+ "displayName": "String",
+ "description": "String",
+ "createdDateTime": "String (timestamp)",
+ "lastModifiedDateTime": "String (timestamp)",
+ "endpointConfiguration": {
+ "@odata.type": "microsoft.graph.customExtensionEndpointConfiguration"
+ }
+}
+```
v1.0 Customcalloutextension https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/customcalloutextension.md
+
+ Title: "customCalloutExtension resource type"
+description: "An abstract type that defines the configuration for logic apps that can be integrated with the customer's entitlement management use cases to implement broader governance workflows. This abstract type is inherited by the customAccessPackageWorkflowExtension resource type"
+
+ms.localizationpriority: medium
++
+# customCalloutExtension resource type
+
+Namespace: microsoft.graph
++
+An abstract type that defines the configuration for logic apps that can be integrated with the customer's entitlement management use cases to implement broader governance workflows. This abstract type is inherited by the [customAccessPackageWorkflowExtension](customaccesspackageworkflowextension.md) resource type.
+
+Inherits from [entity](entity.md).
+
+## Methods
+
+None.
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|authenticationConfiguration|[customExtensionAuthenticationConfiguration](../resources/customextensionauthenticationconfiguration.md)|Configuration for securing the API call to the logic app. For example, using OAuth client credentials flow. |
+|clientConfiguration|[customExtensionClientConfiguration](../resources/customextensionclientconfiguration.md)| HTTP connection settings that define how long Azure AD can wait for a connection to a logic app, how many times you can retry a timed-out connection and the exception scenarios when retries are allowed.|
+|description|String|Description for the customCalloutExtension object.|
+|displayName|String|Display name for the customCalloutExtension object.|
+|endpointConfiguration|[customExtensionEndpointConfiguration](../resources/customextensionendpointconfiguration.md)|The type and details for configuring the endpoint to call the logic app's workflow.|
+|id|String|Identifier for the customCalloutExtension object. Inherited from [entity](../resources/entity.md).|
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.customCalloutExtension",
+ "openType": false,
+ "abstract": true
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.customCalloutExtension",
+ "id": "String (identifier)",
+ "displayName": "String",
+ "description": "String",
+ "endpointConfiguration": {
+ "@odata.type": "microsoft.graph.customExtensionEndpointConfiguration"
+ },
+ "clientConfiguration": {
+ "@odata.type": "microsoft.graph.customExtensionClientConfiguration"
+ },
+ "authenticationConfiguration": {
+ "@odata.type": "microsoft.graph.customExtensionAuthenticationConfiguration"
+ }
+}
+```
+
v1.0 Customextensionauthenticationconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/customextensionauthenticationconfiguration.md
+
+ Title: "customExtensionAuthenticationConfiguration resource type"
+description: "Abstract base type that exposes the configuration for the **authenticationConfiguration** property of the derived types that inherit from the customCalloutExtension abstract type"
+
+ms.localizationpriority: medium
++
+# customExtensionAuthenticationConfiguration resource type
+
+Namespace: microsoft.graph
++
+Abstract base type that exposes the configuration for the **authenticationConfiguration** property of the derived types that inherit from the [customCalloutExtension](customcalloutextension.md) abstract type. This abstract type is inherited by the [azureAdTokenAuthentication](../resources/azureadtokenauthentication.md) resource type.
+
+## Properties
+
+None.
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.customExtensionAuthenticationConfiguration",
+ "abstract": true
+}
+-->
+
+``` json
+{
+ "@odata.type": "#microsoft.graph.customExtensionAuthenticationConfiguration "
+}
+```
v1.0 Customextensionclientconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/customextensionclientconfiguration.md
+
+ Title: "customExtensionClientConfiguration resource type"
+description: "HTTP connection settings that define how long Azure AD can wait for a a response from a logic app before it shuts down the connection. Only timeoutInMilliseconds is supported."
+
+ms.localizationpriority: medium
++
+# customExtensionClientConfiguration resource type
+
+Namespace: microsoft.graph
++
+HTTP connection settings that define how long Azure AD can wait for a a response from a logic app before it shuts down the connection. Only **timeoutInMilliseconds** is supported.
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|timeoutInMilliseconds|Int32|The max duration in milliseconds that Azure AD will wait for a response from the logic app before it shuts down the connection. The valid range is between `200` and `2000` milliseconds. Default duration is `1000`.|
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.customExtensionClientConfiguration"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.customExtensionClientConfiguration",
+ "timeoutInMilliseconds": "Integer"
+}
+```
+
v1.0 Customextensionendpointconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/customextensionendpointconfiguration.md
+
+ Title: "customExtensionEndpointConfiguration resource type"
+description: "Abstract base type that exposes the derived types used to configure the endpointConfiguration property of a custom access package workflow extension object."
+
+ms.localizationpriority: medium
++
+# customExtensionEndpointConfiguration resource type
+
+Namespace: microsoft.graph
++
+Abstract base type that exposes the derived types used to configure the **endpointConfiguration** property of a [custom access package workflow extension](customaccesspackageworkflowextension.md) object. This abstract type is inherited by the [logicAppTriggerEndpointConfiguration](logicapptriggerendpointconfiguration.md) object.
+
+## Properties
+
+None.
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.customExtensionEndpointConfiguration",
+ "abstract": true
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.customExtensionEndpointConfiguration"
+}
+```
v1.0 Customextensionhandler https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/customextensionhandler.md
+
+ Title: "customExtensionHandler resource type"
+description: "Defines when to execute a custom access package workflow extension."
+
+ms.localizationpriority: medium
++
+# customExtensionHandler resource type
+
+Namespace: microsoft.graph
++
+Defines when to execute a [custom access package workflow extension](customaccesspackageworkflowextension.md).
+
+Inherits from [entity](entity.md).
+
+## Methods
+None.
+
+> [!NOTE]
+>
+> 1. To read the customExtensionHandler objects on a policy, append `?$expand=customExtensionHandlers` to a [GET accessPackageAssignmentPolicy](../api/accesspackageassignmentpolicy-get.md) request. For example, `GET https://graph.microsoft.com/bet#example-2-retrieve-the-custom-extension-handlers-for-a-policy).
+>
+> 2. To delete the **customExtensionHandlers** objects from a policy, call the [Update accessPackageAssignmentPolicy](../api/accesspackageassignmentpolicy-update.md) and specify the customExtensionHandlers property as an empty collection. For more details, see [Example 2: Remove the customExtensionHandlers from a policy](../api/accesspackageassignmentpolicy-update.md#example-2-remove-the-customextensionhandlers-from-a-policy).
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|id|String| Identifier of the stage. Inherited from [entity](../resources/entity.md).|
+|stage|accessPackageCustomExtensionStage|Indicates the stage of the access package assignment request workflow when the access package custom extension runs. The possible values are: `assignmentRequestCreated`, `assignmentRequestApproved`, `assignmentRequestGranted`, `assignmentRequestRemoved`, `assignmentFourteenDaysBeforeExpiration`, `assignmentOneDayBeforeExpiration`, `unknownFutureValue`. |
+
+## Relationships
+|Relationship|Type|Description|
+|:|:|:|
+|customExtension|[customAccessPackageWorkflowExtension](../resources/customaccesspackageworkflowextension.md)|Indicates which custom workflow extension will be executed at this stage. Nullable. Supports `$expand`.|
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.customExtensionHandler",
+ "baseType": "microsoft.graph.entity",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.customExtensionHandler",
+ "id": "String (identifier)",
+ "stage": "String"
+}
+```
+
v1.0 Customextensionhandlerinstance https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/customextensionhandlerinstance.md
+
+ Title: "customExtensionHandlerInstance resource type"
+description: "Used to record the status a custom workflow extension instance being run on an access package assignment request."
+
+ms.localizationpriority: medium
++
+# customExtensionHandlerInstance resource type
+
+Namespace: microsoft.graph
++
+Used to record the status of [custom workflow extension](customaccesspackageworkflowextension.md) instance being run on an [access package assignment request](accesspackageassignmentrequest.md).
+
+## Methods
+None
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|customExtensionId|String|Identifier of the [customAccessPackageWorkflowExtension](customaccesspackageworkflowextension.md) triggered at this instance.|
+|externalCorrelationId|String|The unique run ID for the logic app.|
+|stage|accessPackageCustomExtensionStage|Indicates the stage of the request workflow when the access package custom extension runs. The possible values are: `assignmentRequestCreated`, `assignmentRequestApproved`, `assignmentRequestGranted`, `assignmentRequestRemoved`, `assignmentFourteenDaysBeforeExpiration`, `assignmentOneDayBeforeExpiration`, `unknownFutureValue`.|
+|status|accessPackageCustomExtensionHandlerStatus|Status of the request to run the access package custom extension workflow that is associated with the logic app. The possible values are: `requestSent`, `requestReceived`, `unknownFutureValue`.|
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.customExtensionHandlerInstance"
+}
+-->
+``` json
+
+{
+ "@odata.type": "#microsoft.graph.customExtensionHandlerInstance",
+ "stage": "String",
+ "customExtensionId": "String",
+ "externalCorrelationId": "String",
+ "status": "String"
+}
+```
+
v1.0 Device https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/device.md
This resource lets you add your own data to custom properties using [extensions]
|[List devices](../api/device-list.md) | [device](device.md) collection| Retrieve a list of devices registered in the directory. | |[Update device](../api/device-update.md) | [device](device.md) |Update the properties of the device object. | |[Delete device](../api/device-delete.md) | None |Delete the device object. |
-|[List memberOf](../api/device-list-memberof.md) |[directoryObject](directoryobject.md) collection| List the groups that the device is a direct member of. |
-|[List transitive memberOf](../api/device-list-transitivememberof.md) |[directoryObject](directoryobject.md) collection| List the groups that the device is a member of. This operation is transitive. |
+|[List memberOf](../api/device-list-memberof.md) |[directoryObject](directoryobject.md) collection| List the groups and administrative units that the device is a direct member of. |
+|[List transitive memberOf](../api/device-list-transitivememberof.md) |[directoryObject](directoryobject.md) collection| List the groups and administrative units that the device is a member of. This operation is transitive. |
|[List registeredOwners](../api/device-list-registeredowners.md) |[directoryObject](directoryobject.md) collection| Get the users that are registered owners of the device from the registeredOwners navigation property.| |[List registeredUsers](../api/device-list-registeredusers.md) |[directoryObject](directoryobject.md) collection| Get the registered users of the device from the registeredUsers navigation property.| |[List usageRights](../api/device-list-usagerights.md) | [usageRight](usageright.md) collection | Get a collection of usage rights granted to the device.|
This resource lets you add your own data to custom properties using [extensions]
|:|:--|:-| |commands | [command](command.md) collection | Set of commands sent to this device.| |extensions|[extension](extension.md) collection|The collection of open extensions defined for the device. Read-only. Nullable. |
-|memberOf|[directoryObject](directoryobject.md) collection|Groups that this device is a member of. Read-only. Nullable. Supports `$expand`. |
+|memberOf|[directoryObject](directoryobject.md) collection|Groups and administrative units that this device is a member of. Read-only. Nullable. Supports `$expand`. |
|registeredOwners|[directoryObject](directoryobject.md) collection| The user that cloud joined the device or registered their personal device. The registered owner is set at the time of registration. Currently, there can be only one owner. Read-only. Nullable. Supports `$expand`. | |registeredUsers|[directoryObject](directoryobject.md) collection| Collection of registered users of the device. For cloud joined devices and registered personal devices, registered users are set to the same value as registered owners at the time of registration. Read-only. Nullable. Supports `$expand`. |
-|transitiveMemberOf |[directoryObject](directoryobject.md) collection| Groups that this device is a member of. This operation is transitive. Supports `$expand`. |
+|transitiveMemberOf |[directoryObject](directoryobject.md) collection| Groups and administrative units that this device is a member of. This operation is transitive. Supports `$expand`. |
|usageRights|[usageRight](usageright.md) collection|Represents the usage rights a device has been granted. | ## JSON representation
v1.0 Directoryaudit https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/directoryaudit.md
Represents the directory audit items and its collection.
| activityDisplayName | String | Indicates the activity name or the operation name (E.g. "Create User", "Add member to group"). For a list of activities logged, refer to [Azure Ad activity list](/azure/active-directory/active-directory-reporting-activity-audit-logs#azure-ad-audit-activity-list). | | additionalDetails | [keyValue](keyvalue.md) collection | Indicates additional details on the activity. | | category | String | Indicates which resource category that's targeted by the activity. (For example: User Management, Group Management etc..) |
-| correlationId | GUID | Indicates a unique ID that helps correlate activities that span across various services. Can be used to trace logs across services. |
+| correlationId | Guid | Indicates a unique ID that helps correlate activities that span across various services. Can be used to trace logs across services. |
| id | String | Indicates the unique ID for the activity. | | initiatedBy | [auditActivityInitiator](auditactivityinitiator.md) | Indicates information about the user or app initiated the activity. | | loggedByService | String | Indicates information on which service initiated the activity (For example: Self-service Password Management, Core Directory, B2C, Invited Users, Microsoft Identity Manager, Privileged Identity Management. |
v1.0 Directoryobject https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/directoryobject.md
This resource supports:
| Property | Type |Description| |:|:--|:-|
+|deletedDateTime|DateTimeOffset|Date and time when this object was deleted. Always `null` when the object hasn't been deleted. |
|id|String|The unique identifier for the object. For example, 12345678-9abc-def0-1234-56789abcde. The value of the **id** property is often but not exclusively in the form of a GUID; treat it as an opaque identifier and do not rely on it being a GUID. Key. Not nullable. Read-only.| ## Relationships
v1.0 Directorysetting https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/directorysetting.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Directory settings can be created based on the available [directorySettingTemplates](directorysettingtemplate.md), and changed from their preset defaults. These settings can govern entity or feature behaviors, both at a tenant-wide level or at a specific entity level. When the same setting is defined at both the tenant-wide and specific entity level, the specific entity level setting may opt-out from the tenant-wide setting. For example, the tenant-wide setting may allow guests to be invited by existing members of groups, but a specific group setting may opt-out and not allow guests to be invited by members of the group. Currently system defined settings are only govern Office groups behavior.
+Directory settings define the configurations that can be used to customize the tenant-wide and object-specific restrictions and allowed behavior. For examples, you can block word lists for group display names or define whether guest users are allowed to be group owners.
-> **Note**: The /beta version of the directorySetting resource type only applies to groups. The /v1.0 version has been renamed to groupSetting.
+By default, all entities inherit the preset defaults. To change the default settings, you must create a new settings object using the [directorySettingTemplates](directorysettingtemplate.md). When the same setting is defined at both the tenant-wide and to a specific group, the entity-level setting overrides the tenant-wide setting. For example, the tenant-wide setting may allow guests to be invited by existing members of groups, but an individual group setting can override and not allow guests to be invited by members of the group.
+
+> [!TIP]
+> The `/v1.0` version of this resource is named [groupSetting](/graph/api/resources/groupsetting?view=graph-rest-1.0&preserve-view=true).
## Methods | Method | Return Type |Description| |:|:--|:-|
-|[Create setting](../api/directorysetting-post-settings.md) | [directorySetting](directorysetting.md) |Create a setting object based on a directorySettingTemplate. The POST request must provide settingValues for all the settings defined in the template.|
+|[Create setting](../api/group-post-settings.md) | [directorySetting](directorysetting.md) |Create a setting object based on a directorySettingTemplate.|
|[Get setting](../api/directorysetting-get.md) | [directorySetting](directorysetting.md) |Read properties of a specific setting object.|
-|[List settings](../api/directorysetting-list.md) | [directorySetting](directorysetting.md) collection |List properties of all setting objects.|
+|[List settings](../api/group-list-settings.md) | [directorySetting](directorysetting.md) collection |List properties of all setting objects.|
|[Update setting](../api/directorysetting-update.md) | [directorySetting](directorysetting.md) |Update a setting object. Only settingValues can be changed in an update.| |[Delete setting](../api/directorysetting-delete.md) | None |Delete a setting object. |
Directory settings can be created based on the available [directorySettingTempla
|displayName|string|Display name of this group of settings, which comes from the associated template. Read-only.| |id|string| Unique identifier for these settings. Read-only.| |templateId|string| Unique identifier for the template used to create this group of settings. Read-only.|
-|values|[settingValue](settingvalue.md) collection| Collection of name value pairs. Must contain and set all the settings defined in the template.|
+|values|[settingValue](settingvalue.md) collection| Collection of name-value pairs corresponding to the name and defaultValue properties in the referenced [directorySettingTemplates](directorysettingtemplate.md) object.|
## Relationships None
v1.0 Directorysettingtemplate https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/directorysettingtemplate.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Directory setting templates represent system-defined settings available to the tenant. [Directory settings](directorysetting.md) can be created based on the available directorySettingTemplates, and values changed from their preset defaults. Directory setting templates cannot be created, updated or deleted. These settings can represent tenant-wide settings, or can represent specific entity settings. Currently, the only templates available apply to Office groups, and include settings such as whether users can create groups or invite guests from outside the organization to become members of a group.
+Directory setting templates represent system-defined settings available to the tenant. [Directory settings](directorysetting.md) can be created based on the available **directorySettingTemplates**, and values changed from their preset defaults. Directory setting templates cannot be created, updated or deleted. These settings can represent tenant-wide settings, or can represent specific entity settings. Currently, the only templates available for groups apply to Microsoft 365 groups, and include settings such as whether users can create groups or invite guests from outside the organization to become members of a group.
-> **Note**: The /beta version of the directorySettingTemplate resource type only applies to groups. The /v1.0 version has been renamed to groupSettingTemplate.
+For more information about the available Microsoft 365 group settings, see [Template settings](/azure/active-directory/enterprise-users/groups-settings-cmdlets).
+
+> [!TIP]
+> The `/v1.0` version of this resource is named [groupSettingTemplate](/graph/api/resources/groupsettingtemplate?view=graph-rest-1.0&preserve-view=true).
## Methods
v1.0 Educationsynchronizationprofile https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/educationsynchronizationprofile.md
Represents a set of configurations used to synchronize education entities and ro
| id | String | The unique identifier for the resource. (read-only) | | displayName | String | Name of the configuration profile for syncing identities. | | dataProvider | [educationSynchronizationDataProvider] | The data provider used for the profile. |
-| expirationDate | Date | The date the profile should be considered expired and cease syncing. When `null`. the profile will never expire. (optional) |
+| expirationDate | Date | The date the profile should be considered expired and cease syncing. Provide the date in `YYYY-MM-DD` format, following [ISO 8601](https://www.iso.org/iso-8601-date-and-time-format.html). Maximum value is 18 months from profile creation. (optional) |
| handleSpecialCharacterConstraint | Bool | Determines if School Data Sync should automatically replace unsupported special characters while syncing from source. | | identitySynchronizationConfiguration | [educationIdentitySynchronizationConfiguration] | Determines how the Profile should [create new][fullsync] or [match existing][dirsync] AAD Users. | | licensesToAssign | [educationSynchronizationLicenseAssignment] collection | License setup configuration. |
v1.0 Enums Search https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/enums-search.md
+
+ Title: "Search enum values"
+description: "Microsoft Graph search enumeration values."
+ms.localizationpriority: medium
+++
+# Search enum values
+
+Namespace: microsoft.graph.search
++
+### answerState values
+
+|Member|
+|:|
+|Published|
+|Draft|
+|Excluded|
+|unknownFutureValue|
+
+<!--
+{
+ "type": "#page.annotation",
+ "namespace": "microsoft.graph.search"
+}
+-->
v1.0 Enums https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/enums.md
Namespace: microsoft.graph
+### accessPackageCustomExtensionHandlerStatus values
+
+|Member|
+|:|
+|requestSent|
+|requestReceived|
+|unknownFutureValue|
+
+### accessPackageCustomExtensionStage values
+
+|Member|
+|:|
+|assignmentRequestCreated|
+|assignmentRequestApproved|
+|assignmentRequestGranted|
+|assignmentRequestRemoved|
+|assignmentFourteenDaysBeforeExpiration|
+|assignmentOneDayBeforeExpiration|
+|unknownFutureValue|
+
+### accessReviewHistoryStatus values
+
+| Member|
+|:--|
+|done|
+|inprogress|
+|error|
+|requested|
+|unknownFutureValue|
+
+### accessReviewHistoryDecisionFilter values
+
+| Member|
+|:--|
+|approve|
+|deny|
+|notReviewed|
+|dontKnow|
+|notNotified|
+|unknownFutureValue|
++ ### accessReviewHistoryStatus values |Member|
Namespace: microsoft.graph
### appCredentialRestrictionType values
-|Member|
-|:--|
-|passwordAddition|
-|passwordLifetime|
-|symmetricKeyAddition|
-|symmetricKeyLifetime|
-|unknownFutureValue|
+| Member |
+| : |
+| passwordAddition |
+| passwordLifetime |
+| symmetricKeyAddition |
+| symmetricKeyLifetime |
+| customPasswordAddition |
+| unknownFutureValue |
### appKeyCredentialRestrictionType values
Namespace: microsoft.graph
### searchAlterationType values
-| Member | Description |
-|:|:-|
-|suggestion|Get search results for original user query and the suggested spelling correction information for typos in the query.|
-|modification|Get search results for corrected alterate query and the spelling correction information for typos.|
+| Member |
+|:|
+|modification|
+|suggestion|
### bucketAggregationSortProperty values
Possible values for user account types (group membership), per Windows definitio
|other| |unknownFutureValue|
+### plannerContextState values
+
+|Member |
+|:|
+|active |
+|delinked |
+|unknownFutureValue |
++ ### policyScope values |Member|
v1.0 Extensionproperty https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/extensionproperty.md
Represents a directory extension that can be used to add a custom property to di
Extensions can be added to [user](user.md), [group](group.md), [organization](organization.md), [device](device.md), [application](application.md) resources. Only 100 extension values, across *all* types and *all* applications, can be written to any single Azure AD resource.
+Inherits from [directoryObject](directoryobject.md).
+ > [!IMPORTANT] > Azure AD schema extensions described here are available in Microsoft Graph for backwards compatibility reasons only. > It allows you to use Microsoft Graph to continue to manage extension properties added through Azure AD Graph (deprecated) or [Azure AD Connect](/azure/active-directory/hybrid/whatis-azure-ad-connect).
Extensions can be added to [user](user.md), [group](group.md), [organization](or
| Method | Return Type | Description | |:-|:|:|
-| [List extensions](../api/application-list-extensionproperty.md) | [extensionProperty](extensionProperty.md) collection | List extension properties on an application object. |
-| [Create extension](../api/application-post-extensionproperty.md) | [extensionProperty](extensionProperty.md) | Create an extension property on an application object. |
-| [Delete extension](../api/application-delete-extensionproperty.md) | None | Delete an extension property from an application object. |
+| [Create extensionProperties](../api/application-post-extensionproperty.md) | [extensionProperty](extensionProperty.md) | Create an extension property on an application object. |
+| [List extensionProperties](../api/application-list-extensionproperty.md) | [extensionProperty](extensionProperty.md) collection | List extension properties on an application object. |
+| [Get extensionProperty](../api/extensionproperty-get.md) | [extensionProperty](extensionProperty.md) collection | List extension properties on an application object. |
+| [Delete extensionProperty](../api/extensionproperty-delete.md) | None | Delete an extension property from an application object. |
+
+> [!TIP]
+> 1. To set a value for the extension property to an instance of a resource that is specified in **targetObjects**, use the Update operation of the resource. For example, the [Update user](../api/user-update.md) API to set the value for a user.
+> 2. To remove the extension property and its value from an instance of a resource that is specified in **targetObjects**, set the value of the extension property to `null`.
## Properties
Extensions can be added to [user](user.md), [group](group.md), [organization](or
|:-|:|:| |appDisplayName|String| Display name of the application object on which this extension property is defined. Read-only. | |dataType|String| Specifies the data type of the value the extension property can hold. Following values are supported. Not nullable. <ul><li>`Binary` - 256 bytes maximum</li><li>`Boolean`</li><li>`DateTime` - Must be specified in ISO 8601 format. Will be stored in UTC.</li><li>`Integer` - 32-bit value.</li><li>`LargeInteger` - 64-bit value.</li><li>`String` - 256 characters maximum</li></ul>|
+|deletedDateTime|DateTimeOffset|Date and time when this object was deleted. Always `null` when the object hasn't been deleted. Inherited from [directoryObject](directoryobject.md).|
|isSyncedFromOnPremises|Boolean| Indicates if this extension property was synced from on-premises active directory using Azure AD Connect. Read-only. | |name|String| Name of the extension property. Not nullable. | |targetObjects|String collection| Following values are supported. Not nullable. <ul><li>`User`</li><li>`Group`</li><li>`Organization`</li><li>`Device`</li><li>`Application`</li></ul>|
The following is a JSON representation of the resource.
<!-- { "blockType": "resource",
- "optionalProperties": [
-
- ],
+ "keyProperty": "id",
"@odata.type": "microsoft.graph.extensionProperty",
- "keyProperty": "id"
-}-->
-
-```json
+ "baseType": "microsoft.graph.directoryObject",
+ "openType": true
+}
+-->
+``` json
{
+ "@odata.type": "#microsoft.graph.extensionProperty",
+ "id": "String (identifier)",
+ "deletedDateTime": "String (timestamp)",
"appDisplayName": "String",
- "dataType": "String",
- "isSyncedFromOnPremises": true,
"name": "String",
- "targetObjects": ["String"]
+ "dataType": "String",
+ "isSyncedFromOnPremises": "Boolean",
+ "targetObjects": [
+ "String"
+ ]
} ```
v1.0 Governancepermission https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/governancepermission.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] Represents the access permission that a [governanceSubject](../resources/governancesubject.md) has to a specific [governanceResource](../resources/governanceresource.md).
v1.0 Governanceresource https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/governanceresource.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] Represents resources that could be managed by Privileged Identity Management (PIM). For Azure resources, it can be a subscription, a resource group, and a resource such as a virtual machine, a SQL database, etc.
v1.0 Governanceroleassignment https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/governanceroleassignment.md
Namespace: microsoft.graph [!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] Represents the assignment of a user or group to a role.
v1.0 Governanceroleassignmentrequest https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/governanceroleassignmentrequest.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] Represents the request for role assignment operations in Privileged Identity Management.
v1.0 Governanceroledefinition https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/governanceroledefinition.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] Represents the role definitions. For Azure resources, it can represent Azure RBAC roles, such as Owner, Reader, Contributor, etc.
v1.0 Governancerolesetting https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/governancerolesetting.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] Represents a set of configurations on each role definition that needs to be evaluated against when role assignments are created or modified. For example, role settings might include "maximum assignment duration" rule, "MFA required on activation" rule, and so on.
v1.0 Governancerulesetting https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/governancerulesetting.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] Represents the rules that the role settings are composed of.
v1.0 Governanceschedule https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/governanceschedule.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] Represents the schedule for a [governanceRoleAssignmentRequest](../resources/governanceroleassignmentrequest.md). For a role assignment request, the schedule controls when to perform the role assignment operation, when to stop the role assignment, and how frequently to do the role assignment operation.
v1.0 Group https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/group.md
This resource supports:
| [delta](../api/group-delta.md) | group collection | Get incremental changes for groups. | | [Add members](../api/group-post-members.md) | [directoryObject](directoryobject.md) | Add a user or group to this group by posting to the **members** navigation property (supported for security groups and Microsoft 365 groups only). | | [Add owners](../api/group-post-owners.md) | [directoryObject](directoryobject.md) | Add a new owner for the group by posting to the **owners** navigation property (supported for security groups and Microsoft 365 groups only). |
-| [Create setting](../api/directorysetting-post-settings.md) | [directorySetting](directorysetting.md) | Create a setting object based on a directorySettingTemplate. The POST request must provide settingValues for all the settings defined in the template. Only groups specific templates may be used for this operation. |
+| [Create setting](../api/group-post-settings.md) | [directorySetting](directorysetting.md) | Create a setting object based on a directorySettingTemplate. The POST request must provide settingValues for all the settings defined in the template. Only groups specific templates may be used for this operation. |
| [Delete setting](../api/directorysetting-delete.md) | None | Delete a setting object. | | [Get endpoint](../api/endpoint-get.md) | [endpoint](endpoint.md) | Read properties and relationships of an endpoint object. | | [Get setting](../api/directorysetting-get.md) | [directorySetting](directorysetting.md) | Read properties of a specific setting object. |
This resource supports:
| [List memberOf](../api/group-list-memberof.md) | [directoryObject](directoryobject.md) collection | Get the groups and administrative units that this group is a direct member of from the memberOf navigation property. | | [List groupLifecyclePolicies](../api/group-list-grouplifecyclepolicies.md) | [groupLifecyclePolicy](grouplifecyclepolicy.md) collection | List group lifecycle policies. | | [List owners](../api/group-list-owners.md) | [directoryObject](directoryobject.md) collection | Get the owners of the group from the **owners** navigation property. |
-| [List settings](../api/directorysetting-list.md) | [directorySetting](directorysetting.md) collection | List properties of all setting objects. |
+| [List settings](../api/group-list-settings.md) | [directorySetting](directorysetting.md) collection | List properties of all setting objects. |
| [List transitive members](../api/group-list-transitivemembers.md) | [directoryObject](directoryobject.md) collection | Get the users, groups, devices, and service principals that are members, including nested members of this group. | | [List transitive memberOf](../api/group-list-transitivememberof.md) | [directoryObject](directoryobject.md) collection | List the groups and administrative units that this group is a member of. This operation is transitive and includes the groups that this group is a nested member of. | | [Remove owner](../api/group-delete-owners.md) | None | Remove an owner from a Microsoft 365 group or a security group through the **owners** navigation property. |
v1.0 Grouplifecyclepolicy https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/grouplifecyclepolicy.md
Here is a JSON representation of the resource.
{ "alternateNotificationEmails": "String", "groupLifetimeInDays": 180,
- "id": "Guid (identifier)",
+ "id": "String (identifier)",
"managedGroupTypes": "String" } ```
v1.0 Intune Androidforwork Androidforworkappconfigurationschemaitem https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-androidforwork-androidforworkappconfigurationschemaitem.md
Single configuration item inside an Android for Work application's custom config
|defaultStringValue|String|Default value for string type items, if specified by the app developer| |defaultStringArrayValue|String collection|Default value for string array type items, if specified by the app developer| |dataType|[androidForWorkAppConfigurationSchemaItemDataType](../resources/intune-androidforwork-androidforworkappconfigurationschemaitemdatatype.md)|The type of value this item describes. Possible values are: `bool`, `integer`, `string`, `choice`, `multiselect`, `bundle`, `bundleArray`, `hidden`.|
-|selections|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|List of human readable name/value pairs for the valid values that can be set for this item (Choice and Multiselect items only)|
+|selections|[keyValuePair](../resources/intune-androidforwork-keyvaluepair.md) collection|List of human readable name/value pairs for the valid values that can be set for this item (Choice and Multiselect items only)|
## Relationships None
v1.0 Intune Androidforwork Androidmanagedstoreappconfigurationschemaitem https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-androidforwork-androidmanagedstoreappconfigurationschemaitem.md
Single configuration item inside an Android application's custom configuration s
|defaultStringValue|String|Default value for string type items, if specified by the app developer| |defaultStringArrayValue|String collection|Default value for string array type items, if specified by the app developer| |dataType|[androidManagedStoreAppConfigurationSchemaItemDataType](../resources/intune-androidforwork-androidmanagedstoreappconfigurationschemaitemdatatype.md)|The type of value this item describes. Possible values are: `bool`, `integer`, `string`, `choice`, `multiselect`, `bundle`, `bundleArray`, `hidden`.|
-|selections|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|List of human readable name/value pairs for the valid values that can be set for this item (Choice and Multiselect items only)|
+|selections|[keyValuePair](../resources/intune-androidforwork-keyvaluepair.md) collection|List of human readable name/value pairs for the valid values that can be set for this item (Choice and Multiselect items only)|
## Relationships None
v1.0 Intune Androidforwork Keyvaluepair https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-androidforwork-keyvaluepair.md
Here is a JSON representation of the resource.
+
v1.0 Intune App Conceptual https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-app-conceptual.md
The following Graph resources are available to manage app protection polices in
- [iOS VPP app revoke licenses action result](intune-apps-iosvppapprevokelicensesactionresult.md) - [iOS VPP e-book](intune-books-iosvppebook.md) - [iOS VPP e-book assignment](intune-books-iosvppebookassignment.md)
+- [Key/value pair](intune-androidforwork-keyvaluepair.md)
- [macOS dmg app](intune-apps-macosdmgapp.md) - [macOS included app](intune-apps-macosincludedapp.md) - [macOS LOB app](intune-apps-macoslobapp.md)
v1.0 Intune Device Cfg Conceptual https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-device-cfg-conceptual.md
The following Graph resources are available to manage settings and features on d
- [Android work profile VPN configuration](intune-deviceconfig-androidworkprofilevpnconfiguration.md) - [Android work profile VPN connection type](intune-deviceconfig-androidworkprofilevpnconnectiontype.md) - [Android work profile Wi-Fi configuration](intune-deviceconfig-androidworkprofilewificonfiguration.md)
+- [Aosp device owner certificate profile base](intune-deviceconfig-aospdeviceownercertificateprofilebase.md)
- [Aosp device owner compliance policy](intune-deviceconfig-aospdeviceownercompliancepolicy.md) - [Aosp device owner device configuration](intune-deviceconfig-aospdeviceownerdeviceconfiguration.md)
+- [Aosp device owner PKCS certificate profile](intune-deviceconfig-aospdeviceownerpkcscertificateprofile.md)
+- [Aosp device owner trusted root certificate](intune-deviceconfig-aospdeviceownertrustedrootcertificate.md)
- [App install control type](intune-deviceconfig-appinstallcontroltype.md) - [App list item](intune-deviceconfig-applistitem.md) - [App list type](intune-deviceconfig-applisttype.md)
The following Graph resources are available to manage settings and features on d
- [Key string value pair](intune-deviceconfig-keystringvaluepair.md) - [Key typed value pair](intune-deviceconfig-keytypedvaluepair.md) - [Key value](intune-deviceconfig-keyvalue.md)
+- [Key/value pair](intune-deviceconfig-keyvaluepair.md)
+- [Key/value pair](intune-deviceconfig-keyvaluepair.md)
- [Kiosk mode managed home screen PIN complexity](intune-deviceconfig-kioskmodemanagedhomescreenpincomplexity.md) - [LAN manager authentication level](intune-deviceconfig-lanmanagerauthenticationlevel.md) - [Local security options administrator elevation prompt behavior type](intune-deviceconfig-localsecurityoptionsadministratorelevationpromptbehaviortype.md)
The following Graph resources are available to manage settings and features on d
- [Restricted apps state](intune-deviceconfig-restrictedappsstate.md) - [Restricted apps violation](intune-deviceconfig-restrictedappsviolation.md) - [Retire scheduled managed device](intune-deviceconfig-retirescheduledmanageddevice.md)
+- [Run state](intune-deviceconfig-runstate.md)
- [Safe search filter type](intune-deviceconfig-safesearchfiltertype.md) - [Scheduled retire state](intune-deviceconfig-scheduledretirestate.md) - [Secure assessment account type](intune-deviceconfig-secureassessmentaccounttype.md)
v1.0 Intune Device Mgt Conceptual https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-device-mgt-conceptual.md
Namespace: microsoft.graph
- [Revoke apple VPP licenses action result](intune-devices-revokeapplevpplicensesactionresult.md) - [Role scope tag info](intune-auditing-rolescopetaginfo.md) - [Rotate BitLocker keys device action result](intune-devices-rotatebitlockerkeysdeviceactionresult.md)
+- [Run state](intune-devices-runstate.md)
- [Security baseline category state summary](intune-deviceintent-securitybaselinecategorystatesummary.md) - [Security baseline compliance state](intune-deviceintent-securitybaselinecompliancestate.md) - [Security baseline contributing policy](intune-deviceintent-securitybaselinecontributingpolicy.md)
v1.0 Intune Deviceconfig Androiddeviceownervpnconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfig-androiddeviceownervpnconfiguration.md
Inherits from [vpnConfiguration](../resources/intune-deviceconfig-vpnconfigurati
|alwaysOnLockdown|Boolean|If always-on VPN connection is enabled, whether or not to lock network traffic when that VPN is disconnected.| |microsoftTunnelSiteId|String|Microsoft Tunnel site ID.| |customData|[keyValue](../resources/intune-deviceconfig-keyvalue.md) collection|Custom data to define key/value pairs specific to a VPN provider. This collection can contain a maximum of 25 elements.|
-|customKeyValueData|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|Custom data to define key/value pairs specific to a VPN provider. This collection can contain a maximum of 25 elements.|
+|customKeyValueData|[keyValuePair](../resources/intune-deviceconfig-keyvaluepair.md) collection|Custom data to define key/value pairs specific to a VPN provider. This collection can contain a maximum of 25 elements.|
## Relationships |Relationship|Type|Description|
v1.0 Intune Deviceconfig Androidforworkvpnconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfig-androidforworkvpnconfiguration.md
Inherits from [deviceConfiguration](../resources/intune-shared-deviceconfigurati
|servers|[vpnServer](../resources/intune-deviceconfig-vpnserver.md) collection|List of VPN Servers on the network. Make sure end users can access these network locations. This collection can contain a maximum of 500 elements.| |fingerprint|String|Fingerprint is a string that will be used to verify the VPN server can be trusted, which is only applicable when connection type is Check Point Capsule VPN.| |customData|[keyValue](../resources/intune-deviceconfig-keyvalue.md) collection|Custom data when connection type is set to Citrix. This collection can contain a maximum of 25 elements.|
-|customKeyValueData|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|Custom data when connection type is set to Citrix. This collection can contain a maximum of 25 elements.|
+|customKeyValueData|[keyValuePair](../resources/intune-deviceconfig-keyvaluepair.md) collection|Custom data when connection type is set to Citrix. This collection can contain a maximum of 25 elements.|
|authenticationMethod|[vpnAuthenticationMethod](../resources/intune-deviceconfig-vpnauthenticationmethod.md)|Authentication method. Possible values are: `certificate`, `usernameAndPassword`, `sharedSecret`, `derivedCredential`, `azureAD`.| ## Relationships
v1.0 Intune Deviceconfig Androidvpnconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfig-androidvpnconfiguration.md
Inherits from [deviceConfiguration](../resources/intune-shared-deviceconfigurati
|servers|[vpnServer](../resources/intune-deviceconfig-vpnserver.md) collection|List of VPN Servers on the network. Make sure end users can access these network locations. This collection can contain a maximum of 500 elements.| |fingerprint|String|Fingerprint is a string that will be used to verify the VPN server can be trusted, which is only applicable when connection type is Check Point Capsule VPN.| |customData|[keyValue](../resources/intune-deviceconfig-keyvalue.md) collection|Custom data when connection type is set to Citrix. This collection can contain a maximum of 25 elements.|
-|customKeyValueData|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|Custom data when connection type is set to Citrix. This collection can contain a maximum of 25 elements.|
+|customKeyValueData|[keyValuePair](../resources/intune-deviceconfig-keyvaluepair.md) collection|Custom data when connection type is set to Citrix. This collection can contain a maximum of 25 elements.|
|authenticationMethod|[vpnAuthenticationMethod](../resources/intune-deviceconfig-vpnauthenticationmethod.md)|Authentication method. Possible values are: `certificate`, `usernameAndPassword`, `sharedSecret`, `derivedCredential`, `azureAD`.| ## Relationships
v1.0 Intune Deviceconfig Androidworkprofilevpnconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfig-androidworkprofilevpnconfiguration.md
Inherits from [deviceConfiguration](../resources/intune-shared-deviceconfigurati
|servers|[vpnServer](../resources/intune-deviceconfig-vpnserver.md) collection|List of VPN Servers on the network. Make sure end users can access these network locations. This collection can contain a maximum of 500 elements.| |fingerprint|String|Fingerprint is a string that will be used to verify the VPN server can be trusted, which is only applicable when connection type is Check Point Capsule VPN.| |customData|[keyValue](../resources/intune-deviceconfig-keyvalue.md) collection|Custom data when connection type is set to Citrix. This collection can contain a maximum of 25 elements.|
-|customKeyValueData|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|Custom data when connection type is set to Citrix. This collection can contain a maximum of 25 elements.|
+|customKeyValueData|[keyValuePair](../resources/intune-deviceconfig-keyvaluepair.md) collection|Custom data when connection type is set to Citrix. This collection can contain a maximum of 25 elements.|
|authenticationMethod|[vpnAuthenticationMethod](../resources/intune-deviceconfig-vpnauthenticationmethod.md)|Authentication method. Possible values are: `certificate`, `usernameAndPassword`, `sharedSecret`, `derivedCredential`, `azureAD`.| |proxyServer|[vpnProxyServer](../resources/intune-deviceconfig-vpnproxyserver.md)|Proxy server.| |targetedPackageIds|String collection|Targeted App package IDs.|
v1.0 Intune Deviceconfig Aospdeviceownercertificateprofilebase https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfig-aospdeviceownercertificateprofilebase.md
+
+ Title: "aospDeviceOwnerCertificateProfileBase resource type"
+description: "AOSP Device Owner certificate profile base."
+
+localization_priority: Normal
++
+# aospDeviceOwnerCertificateProfileBase resource type
+
+Namespace: microsoft.graph
+
+> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
+
+> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
+
+AOSP Device Owner certificate profile base.
++
+Inherits from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)
+
+## Methods
+|Method|Return Type|Description|
+|:|:|:|
+|[List aospDeviceOwnerCertificateProfileBases](../api/intune-deviceconfig-aospdeviceownercertificateprofilebase-list.md)|[aospDeviceOwnerCertificateProfileBase](../resources/intune-deviceconfig-aospdeviceownercertificateprofilebase.md) collection|List properties and relationships of the [aospDeviceOwnerCertificateProfileBase](../resources/intune-deviceconfig-aospdeviceownercertificateprofilebase.md) objects.|
+|[Get aospDeviceOwnerCertificateProfileBase](../api/intune-deviceconfig-aospdeviceownercertificateprofilebase-get.md)|[aospDeviceOwnerCertificateProfileBase](../resources/intune-deviceconfig-aospdeviceownercertificateprofilebase.md)|Read properties and relationships of the [aospDeviceOwnerCertificateProfileBase](../resources/intune-deviceconfig-aospdeviceownercertificateprofilebase.md) object.|
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|id|String|Key of the entity. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|lastModifiedDateTime|DateTimeOffset|DateTime the object was last modified. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|roleScopeTagIds|String collection|List of Scope Tags for this Entity instance. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|supportsScopeTags|Boolean|Indicates whether or not the underlying Device Configuration supports the assignment of scope tags. Assigning to the ScopeTags property is not allowed when this value is false and entities will not be visible to scoped users. This occurs for Legacy policies created in Silverlight and can be resolved by deleting and recreating the policy in the Azure Portal. This property is read-only. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|deviceManagementApplicabilityRuleOsEdition|[deviceManagementApplicabilityRuleOsEdition](../resources/intune-deviceconfig-devicemanagementapplicabilityruleosedition.md)|The OS edition applicability for this Policy. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|deviceManagementApplicabilityRuleOsVersion|[deviceManagementApplicabilityRuleOsVersion](../resources/intune-deviceconfig-devicemanagementapplicabilityruleosversion.md)|The OS version applicability rule for this Policy. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|deviceManagementApplicabilityRuleDeviceMode|[deviceManagementApplicabilityRuleDeviceMode](../resources/intune-deviceconfig-devicemanagementapplicabilityruledevicemode.md)|The device mode applicability rule for this Policy. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|createdDateTime|DateTimeOffset|DateTime the object was created. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|description|String|Admin provided description of the Device Configuration. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|displayName|String|Admin provided name of the device configuration. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|version|Int32|Version of the device configuration. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+
+## Relationships
+|Relationship|Type|Description|
+|:|:|:|
+|groupAssignments|[deviceConfigurationGroupAssignment](../resources/intune-deviceconfig-deviceconfigurationgroupassignment.md) collection|The list of group assignments for the device configuration profile. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|assignments|[deviceConfigurationAssignment](../resources/intune-deviceconfig-deviceconfigurationassignment.md) collection|The list of assignments for the device configuration profile. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|deviceStatuses|[deviceConfigurationDeviceStatus](../resources/intune-deviceconfig-deviceconfigurationdevicestatus.md) collection|Device configuration installation status by device. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|userStatuses|[deviceConfigurationUserStatus](../resources/intune-deviceconfig-deviceconfigurationuserstatus.md) collection|Device configuration installation status by user. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|deviceStatusOverview|[deviceConfigurationDeviceOverview](../resources/intune-deviceconfig-deviceconfigurationdeviceoverview.md)|Device Configuration devices status overview Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|userStatusOverview|[deviceConfigurationUserOverview](../resources/intune-deviceconfig-deviceconfigurationuseroverview.md)|Device Configuration users status overview Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|deviceSettingStateSummaries|[settingStateDeviceSummary](../resources/intune-deviceconfig-settingstatedevicesummary.md) collection|Device Configuration Setting State Device Summary Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+
+## JSON Representation
+Here is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.aospDeviceOwnerCertificateProfileBase"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.aospDeviceOwnerCertificateProfileBase",
+ "id": "String (identifier)",
+ "lastModifiedDateTime": "String (timestamp)",
+ "roleScopeTagIds": [
+ "String"
+ ],
+ "supportsScopeTags": true,
+ "deviceManagementApplicabilityRuleOsEdition": {
+ "@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleOsEdition",
+ "osEditionTypes": [
+ "String"
+ ],
+ "name": "String",
+ "ruleType": "String"
+ },
+ "deviceManagementApplicabilityRuleOsVersion": {
+ "@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleOsVersion",
+ "minOSVersion": "String",
+ "maxOSVersion": "String",
+ "name": "String",
+ "ruleType": "String"
+ },
+ "deviceManagementApplicabilityRuleDeviceMode": {
+ "@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleDeviceMode",
+ "deviceMode": "String",
+ "name": "String",
+ "ruleType": "String"
+ },
+ "createdDateTime": "String (timestamp)",
+ "description": "String",
+ "displayName": "String",
+ "version": 1024
+}
+```
++++
v1.0 Intune Deviceconfig Aospdeviceownerpkcscertificateprofile https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfig-aospdeviceownerpkcscertificateprofile.md
+
+ Title: "aospDeviceOwnerPkcsCertificateProfile resource type"
+description: "AOSP Device Owner PKCS certificate profile"
+
+localization_priority: Normal
++
+# aospDeviceOwnerPkcsCertificateProfile resource type
+
+Namespace: microsoft.graph
+
+> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
+
+> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
+
+AOSP Device Owner PKCS certificate profile
++
+Inherits from [aospDeviceOwnerCertificateProfileBase](../resources/intune-deviceconfig-aospdeviceownercertificateprofilebase.md)
+
+## Methods
+|Method|Return Type|Description|
+|:|:|:|
+|[List aospDeviceOwnerPkcsCertificateProfiles](../api/intune-deviceconfig-aospdeviceownerpkcscertificateprofile-list.md)|[aospDeviceOwnerPkcsCertificateProfile](../resources/intune-deviceconfig-aospdeviceownerpkcscertificateprofile.md) collection|List properties and relationships of the [aospDeviceOwnerPkcsCertificateProfile](../resources/intune-deviceconfig-aospdeviceownerpkcscertificateprofile.md) objects.|
+|[Get aospDeviceOwnerPkcsCertificateProfile](../api/intune-deviceconfig-aospdeviceownerpkcscertificateprofile-get.md)|[aospDeviceOwnerPkcsCertificateProfile](../resources/intune-deviceconfig-aospdeviceownerpkcscertificateprofile.md)|Read properties and relationships of the [aospDeviceOwnerPkcsCertificateProfile](../resources/intune-deviceconfig-aospdeviceownerpkcscertificateprofile.md) object.|
+|[Create aospDeviceOwnerPkcsCertificateProfile](../api/intune-deviceconfig-aospdeviceownerpkcscertificateprofile-create.md)|[aospDeviceOwnerPkcsCertificateProfile](../resources/intune-deviceconfig-aospdeviceownerpkcscertificateprofile.md)|Create a new [aospDeviceOwnerPkcsCertificateProfile](../resources/intune-deviceconfig-aospdeviceownerpkcscertificateprofile.md) object.|
+|[Delete aospDeviceOwnerPkcsCertificateProfile](../api/intune-deviceconfig-aospdeviceownerpkcscertificateprofile-delete.md)|None|Deletes a [aospDeviceOwnerPkcsCertificateProfile](../resources/intune-deviceconfig-aospdeviceownerpkcscertificateprofile.md).|
+|[Update aospDeviceOwnerPkcsCertificateProfile](../api/intune-deviceconfig-aospdeviceownerpkcscertificateprofile-update.md)|[aospDeviceOwnerPkcsCertificateProfile](../resources/intune-deviceconfig-aospdeviceownerpkcscertificateprofile.md)|Update the properties of a [aospDeviceOwnerPkcsCertificateProfile](../resources/intune-deviceconfig-aospdeviceownerpkcscertificateprofile.md) object.|
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|id|String|Key of the entity. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|lastModifiedDateTime|DateTimeOffset|DateTime the object was last modified. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|roleScopeTagIds|String collection|List of Scope Tags for this Entity instance. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|supportsScopeTags|Boolean|Indicates whether or not the underlying Device Configuration supports the assignment of scope tags. Assigning to the ScopeTags property is not allowed when this value is false and entities will not be visible to scoped users. This occurs for Legacy policies created in Silverlight and can be resolved by deleting and recreating the policy in the Azure Portal. This property is read-only. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|deviceManagementApplicabilityRuleOsEdition|[deviceManagementApplicabilityRuleOsEdition](../resources/intune-deviceconfig-devicemanagementapplicabilityruleosedition.md)|The OS edition applicability for this Policy. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|deviceManagementApplicabilityRuleOsVersion|[deviceManagementApplicabilityRuleOsVersion](../resources/intune-deviceconfig-devicemanagementapplicabilityruleosversion.md)|The OS version applicability rule for this Policy. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|deviceManagementApplicabilityRuleDeviceMode|[deviceManagementApplicabilityRuleDeviceMode](../resources/intune-deviceconfig-devicemanagementapplicabilityruledevicemode.md)|The device mode applicability rule for this Policy. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|createdDateTime|DateTimeOffset|DateTime the object was created. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|description|String|Admin provided description of the Device Configuration. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|displayName|String|Admin provided name of the device configuration. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|version|Int32|Version of the device configuration. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|certificationAuthority|String|PKCS Certification Authority|
+|certificationAuthorityName|String|PKCS Certification Authority Name|
+|certificationAuthorityType|[deviceManagementCertificationAuthority](../resources/intune-deviceconfig-devicemanagementcertificationauthority.md)|Certification authority type. Possible values are: `notConfigured`, `microsoft`, `digiCert`.|
+|certificateTemplateName|String|PKCS Certificate Template Name|
+|subjectAlternativeNameFormatString|String|Custom String that defines the AAD Attribute.|
+|subjectNameFormatString|String|Custom format to use with SubjectNameFormat = Custom. Example: CN={{EmailAddress}},E={{EmailAddress}},OU=Enterprise Users,O=Contoso Corporation,L=Redmond,ST=WA,C=US|
+|certificateStore|[certificateStore](../resources/intune-shared-certificatestore.md)|Target store certificate. Possible values are: `user`, `machine`.|
+|customSubjectAlternativeNames|[customSubjectAlternativeName](../resources/intune-deviceconfig-customsubjectalternativename.md) collection|Custom Subject Alternative Name Settings. This collection can contain a maximum of 500 elements.|
+
+## Relationships
+|Relationship|Type|Description|
+|:|:|:|
+|groupAssignments|[deviceConfigurationGroupAssignment](../resources/intune-deviceconfig-deviceconfigurationgroupassignment.md) collection|The list of group assignments for the device configuration profile. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|assignments|[deviceConfigurationAssignment](../resources/intune-deviceconfig-deviceconfigurationassignment.md) collection|The list of assignments for the device configuration profile. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|deviceStatuses|[deviceConfigurationDeviceStatus](../resources/intune-deviceconfig-deviceconfigurationdevicestatus.md) collection|Device configuration installation status by device. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|userStatuses|[deviceConfigurationUserStatus](../resources/intune-deviceconfig-deviceconfigurationuserstatus.md) collection|Device configuration installation status by user. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|deviceStatusOverview|[deviceConfigurationDeviceOverview](../resources/intune-deviceconfig-deviceconfigurationdeviceoverview.md)|Device Configuration devices status overview Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|userStatusOverview|[deviceConfigurationUserOverview](../resources/intune-deviceconfig-deviceconfigurationuseroverview.md)|Device Configuration users status overview Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|deviceSettingStateSummaries|[settingStateDeviceSummary](../resources/intune-deviceconfig-settingstatedevicesummary.md) collection|Device Configuration Setting State Device Summary Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|managedDeviceCertificateStates|[managedDeviceCertificateState](../resources/intune-deviceconfig-manageddevicecertificatestate.md) collection|Certificate state for devices. This collection can contain a maximum of 2147483647 elements.|
+
+## JSON Representation
+Here is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.aospDeviceOwnerPkcsCertificateProfile"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.aospDeviceOwnerPkcsCertificateProfile",
+ "id": "String (identifier)",
+ "lastModifiedDateTime": "String (timestamp)",
+ "roleScopeTagIds": [
+ "String"
+ ],
+ "supportsScopeTags": true,
+ "deviceManagementApplicabilityRuleOsEdition": {
+ "@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleOsEdition",
+ "osEditionTypes": [
+ "String"
+ ],
+ "name": "String",
+ "ruleType": "String"
+ },
+ "deviceManagementApplicabilityRuleOsVersion": {
+ "@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleOsVersion",
+ "minOSVersion": "String",
+ "maxOSVersion": "String",
+ "name": "String",
+ "ruleType": "String"
+ },
+ "deviceManagementApplicabilityRuleDeviceMode": {
+ "@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleDeviceMode",
+ "deviceMode": "String",
+ "name": "String",
+ "ruleType": "String"
+ },
+ "createdDateTime": "String (timestamp)",
+ "description": "String",
+ "displayName": "String",
+ "version": 1024,
+ "certificationAuthority": "String",
+ "certificationAuthorityName": "String",
+ "certificationAuthorityType": "String",
+ "certificateTemplateName": "String",
+ "subjectAlternativeNameFormatString": "String",
+ "subjectNameFormatString": "String",
+ "certificateStore": "String",
+ "customSubjectAlternativeNames": [
+ {
+ "@odata.type": "microsoft.graph.customSubjectAlternativeName",
+ "sanType": "String",
+ "name": "String"
+ }
+ ]
+}
+```
++++
v1.0 Intune Deviceconfig Aospdeviceownertrustedrootcertificate https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfig-aospdeviceownertrustedrootcertificate.md
+
+ Title: "aospDeviceOwnerTrustedRootCertificate resource type"
+description: "AOSP Device Owner Trusted Root Certificate configuration profile"
+
+localization_priority: Normal
++
+# aospDeviceOwnerTrustedRootCertificate resource type
+
+Namespace: microsoft.graph
+
+> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
+
+> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
+
+AOSP Device Owner Trusted Root Certificate configuration profile
++
+Inherits from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)
+
+## Methods
+|Method|Return Type|Description|
+|:|:|:|
+|[List aospDeviceOwnerTrustedRootCertificates](../api/intune-deviceconfig-aospdeviceownertrustedrootcertificate-list.md)|[aospDeviceOwnerTrustedRootCertificate](../resources/intune-deviceconfig-aospdeviceownertrustedrootcertificate.md) collection|List properties and relationships of the [aospDeviceOwnerTrustedRootCertificate](../resources/intune-deviceconfig-aospdeviceownertrustedrootcertificate.md) objects.|
+|[Get aospDeviceOwnerTrustedRootCertificate](../api/intune-deviceconfig-aospdeviceownertrustedrootcertificate-get.md)|[aospDeviceOwnerTrustedRootCertificate](../resources/intune-deviceconfig-aospdeviceownertrustedrootcertificate.md)|Read properties and relationships of the [aospDeviceOwnerTrustedRootCertificate](../resources/intune-deviceconfig-aospdeviceownertrustedrootcertificate.md) object.|
+|[Create aospDeviceOwnerTrustedRootCertificate](../api/intune-deviceconfig-aospdeviceownertrustedrootcertificate-create.md)|[aospDeviceOwnerTrustedRootCertificate](../resources/intune-deviceconfig-aospdeviceownertrustedrootcertificate.md)|Create a new [aospDeviceOwnerTrustedRootCertificate](../resources/intune-deviceconfig-aospdeviceownertrustedrootcertificate.md) object.|
+|[Delete aospDeviceOwnerTrustedRootCertificate](../api/intune-deviceconfig-aospdeviceownertrustedrootcertificate-delete.md)|None|Deletes a [aospDeviceOwnerTrustedRootCertificate](../resources/intune-deviceconfig-aospdeviceownertrustedrootcertificate.md).|
+|[Update aospDeviceOwnerTrustedRootCertificate](../api/intune-deviceconfig-aospdeviceownertrustedrootcertificate-update.md)|[aospDeviceOwnerTrustedRootCertificate](../resources/intune-deviceconfig-aospdeviceownertrustedrootcertificate.md)|Update the properties of a [aospDeviceOwnerTrustedRootCertificate](../resources/intune-deviceconfig-aospdeviceownertrustedrootcertificate.md) object.|
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|id|String|Key of the entity. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|lastModifiedDateTime|DateTimeOffset|DateTime the object was last modified. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|roleScopeTagIds|String collection|List of Scope Tags for this Entity instance. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|supportsScopeTags|Boolean|Indicates whether or not the underlying Device Configuration supports the assignment of scope tags. Assigning to the ScopeTags property is not allowed when this value is false and entities will not be visible to scoped users. This occurs for Legacy policies created in Silverlight and can be resolved by deleting and recreating the policy in the Azure Portal. This property is read-only. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|deviceManagementApplicabilityRuleOsEdition|[deviceManagementApplicabilityRuleOsEdition](../resources/intune-deviceconfig-devicemanagementapplicabilityruleosedition.md)|The OS edition applicability for this Policy. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|deviceManagementApplicabilityRuleOsVersion|[deviceManagementApplicabilityRuleOsVersion](../resources/intune-deviceconfig-devicemanagementapplicabilityruleosversion.md)|The OS version applicability rule for this Policy. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|deviceManagementApplicabilityRuleDeviceMode|[deviceManagementApplicabilityRuleDeviceMode](../resources/intune-deviceconfig-devicemanagementapplicabilityruledevicemode.md)|The device mode applicability rule for this Policy. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|createdDateTime|DateTimeOffset|DateTime the object was created. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|description|String|Admin provided description of the Device Configuration. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|displayName|String|Admin provided name of the device configuration. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|version|Int32|Version of the device configuration. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|trustedRootCertificate|Binary|Trusted Root Certificate|
+|certFileName|String|File name to display in UI.|
+
+## Relationships
+|Relationship|Type|Description|
+|:|:|:|
+|groupAssignments|[deviceConfigurationGroupAssignment](../resources/intune-deviceconfig-deviceconfigurationgroupassignment.md) collection|The list of group assignments for the device configuration profile. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|assignments|[deviceConfigurationAssignment](../resources/intune-deviceconfig-deviceconfigurationassignment.md) collection|The list of assignments for the device configuration profile. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|deviceStatuses|[deviceConfigurationDeviceStatus](../resources/intune-deviceconfig-deviceconfigurationdevicestatus.md) collection|Device configuration installation status by device. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|userStatuses|[deviceConfigurationUserStatus](../resources/intune-deviceconfig-deviceconfigurationuserstatus.md) collection|Device configuration installation status by user. Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|deviceStatusOverview|[deviceConfigurationDeviceOverview](../resources/intune-deviceconfig-deviceconfigurationdeviceoverview.md)|Device Configuration devices status overview Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|userStatusOverview|[deviceConfigurationUserOverview](../resources/intune-deviceconfig-deviceconfigurationuseroverview.md)|Device Configuration users status overview Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+|deviceSettingStateSummaries|[settingStateDeviceSummary](../resources/intune-deviceconfig-settingstatedevicesummary.md) collection|Device Configuration Setting State Device Summary Inherited from [deviceConfiguration](../resources/intune-shared-deviceconfiguration.md)|
+
+## JSON Representation
+Here is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.aospDeviceOwnerTrustedRootCertificate"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.aospDeviceOwnerTrustedRootCertificate",
+ "id": "String (identifier)",
+ "lastModifiedDateTime": "String (timestamp)",
+ "roleScopeTagIds": [
+ "String"
+ ],
+ "supportsScopeTags": true,
+ "deviceManagementApplicabilityRuleOsEdition": {
+ "@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleOsEdition",
+ "osEditionTypes": [
+ "String"
+ ],
+ "name": "String",
+ "ruleType": "String"
+ },
+ "deviceManagementApplicabilityRuleOsVersion": {
+ "@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleOsVersion",
+ "minOSVersion": "String",
+ "maxOSVersion": "String",
+ "name": "String",
+ "ruleType": "String"
+ },
+ "deviceManagementApplicabilityRuleDeviceMode": {
+ "@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleDeviceMode",
+ "deviceMode": "String",
+ "name": "String",
+ "ruleType": "String"
+ },
+ "createdDateTime": "String (timestamp)",
+ "description": "String",
+ "displayName": "String",
+ "version": 1024,
+ "trustedRootCertificate": "binary",
+ "certFileName": "String"
+}
+```
++++
v1.0 Intune Deviceconfig Applevpnconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfig-applevpnconfiguration.md
Inherits from [deviceConfiguration](../resources/intune-shared-deviceconfigurati
|server|[vpnServer](../resources/intune-deviceconfig-vpnserver.md)|VPN Server on the network. Make sure end users can access this network location.| |identifier|String|Identifier provided by VPN vendor when connection type is set to Custom VPN. For example: Cisco AnyConnect uses an identifier of the form com.cisco.anyconnect.applevpn.plugin| |customData|[keyValue](../resources/intune-deviceconfig-keyvalue.md) collection|Custom data when connection type is set to Custom VPN. Use this field to enable functionality not supported by Intune, but available in your VPN solution. Contact your VPN vendor to learn how to add these key/value pairs. This collection can contain a maximum of 25 elements.|
-|customKeyValueData|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|Custom data when connection type is set to Custom VPN. Use this field to enable functionality not supported by Intune, but available in your VPN solution. Contact your VPN vendor to learn how to add these key/value pairs. This collection can contain a maximum of 25 elements.|
+|customKeyValueData|[keyValuePair](../resources/intune-deviceconfig-keyvaluepair.md) collection|Custom data when connection type is set to Custom VPN. Use this field to enable functionality not supported by Intune, but available in your VPN solution. Contact your VPN vendor to learn how to add these key/value pairs. This collection can contain a maximum of 25 elements.|
|enableSplitTunneling|Boolean|Send all network traffic through VPN.| |authenticationMethod|[vpnAuthenticationMethod](../resources/intune-deviceconfig-vpnauthenticationmethod.md)|Authentication method for this VPN connection. Possible values are: `certificate`, `usernameAndPassword`, `sharedSecret`, `derivedCredential`, `azureAD`.| |enablePerApp|Boolean|Setting this to true creates Per-App VPN payload which can later be associated with Apps that can trigger this VPN conneciton on the end user's iOS device.|
v1.0 Intune Deviceconfig Devicemanagementsettings https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfig-devicemanagementsettings.md
Not yet documented
|ignoreDevicesForUnsupportedSettingsEnabled|Boolean|The property to determine whether to ignore unsupported compliance settings on certian models of devices.| |enableLogCollection|Boolean|Determines whether the log collection feature should be available for use.| |enableAutopilotDiagnostics|Boolean|Determines whether the autopilot diagnostic feature is enabled or not.|
+|enableEnhancedTroubleshootingExperience|Boolean|Determines whether the enhanced troubleshooting UX is enabled or not.|
+|enableDeviceGroupMembershipReport|Boolean|Determines whether the device group membership report feature is enabled or not.|
## Relationships None
Here is a JSON representation of the resource.
"androidDeviceAdministratorEnrollmentEnabled": true, "ignoreDevicesForUnsupportedSettingsEnabled": true, "enableLogCollection": true,
- "enableAutopilotDiagnostics": true
+ "enableAutopilotDiagnostics": true,
+ "enableEnhancedTroubleshootingExperience": true,
+ "enableDeviceGroupMembershipReport": true
} ```
v1.0 Intune Deviceconfig Hardwareconfigurationdevicestate https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfig-hardwareconfigurationdevicestate.md
Contains properties for device run state of the hardware configuration
|upn|String|User Principal Name (UPN).| |internalVersion|Int32|The Policy internal version| |lastStateUpdateDateTime|DateTimeOffset|The last timestamp of when the hardware configuration executed|
-|configurationState|[runState](../resources/intune-shared-runstate.md)|Configuration state from the lastest hardware configuration execution. Possible values are: `unknown`, `success`, `fail`, `scriptError`, `pending`, `notApplicable`.|
+|configurationState|[runState](../resources/intune-deviceconfig-runstate.md)|Configuration state from the lastest hardware configuration execution. Possible values are: `unknown`, `success`, `fail`, `scriptError`, `pending`, `notApplicable`.|
|configurationOutput|String|Output of the hardware configuration execution| |configurationError|String|Error from the hardware configuration execution|
v1.0 Intune Deviceconfig Iosikev2vpnconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfig-iosikev2vpnconfiguration.md
Inherits from [iosVpnConfiguration](../resources/intune-deviceconfig-iosvpnconfi
|server|[vpnServer](../resources/intune-deviceconfig-vpnserver.md)|VPN Server on the network. Make sure end users can access this network location. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)| |identifier|String|Identifier provided by VPN vendor when connection type is set to Custom VPN. For example: Cisco AnyConnect uses an identifier of the form com.cisco.anyconnect.applevpn.plugin Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)| |customData|[keyValue](../resources/intune-deviceconfig-keyvalue.md) collection|Custom data when connection type is set to Custom VPN. Use this field to enable functionality not supported by Intune, but available in your VPN solution. Contact your VPN vendor to learn how to add these key/value pairs. This collection can contain a maximum of 25 elements. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)|
-|customKeyValueData|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|Custom data when connection type is set to Custom VPN. Use this field to enable functionality not supported by Intune, but available in your VPN solution. Contact your VPN vendor to learn how to add these key/value pairs. This collection can contain a maximum of 25 elements. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)|
+|customKeyValueData|[keyValuePair](../resources/intune-deviceconfig-keyvaluepair.md) collection|Custom data when connection type is set to Custom VPN. Use this field to enable functionality not supported by Intune, but available in your VPN solution. Contact your VPN vendor to learn how to add these key/value pairs. This collection can contain a maximum of 25 elements. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)|
|enableSplitTunneling|Boolean|Send all network traffic through VPN. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)| |authenticationMethod|[vpnAuthenticationMethod](../resources/intune-deviceconfig-vpnauthenticationmethod.md)|Authentication method for this VPN connection. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md). Possible values are: `certificate`, `usernameAndPassword`, `sharedSecret`, `derivedCredential`, `azureAD`.| |enablePerApp|Boolean|Setting this to true creates Per-App VPN payload which can later be associated with Apps that can trigger this VPN conneciton on the end user's iOS device. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)|
v1.0 Intune Deviceconfig Iosvpnconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfig-iosvpnconfiguration.md
Inherits from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnc
|server|[vpnServer](../resources/intune-deviceconfig-vpnserver.md)|VPN Server on the network. Make sure end users can access this network location. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)| |identifier|String|Identifier provided by VPN vendor when connection type is set to Custom VPN. For example: Cisco AnyConnect uses an identifier of the form com.cisco.anyconnect.applevpn.plugin Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)| |customData|[keyValue](../resources/intune-deviceconfig-keyvalue.md) collection|Custom data when connection type is set to Custom VPN. Use this field to enable functionality not supported by Intune, but available in your VPN solution. Contact your VPN vendor to learn how to add these key/value pairs. This collection can contain a maximum of 25 elements. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)|
-|customKeyValueData|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|Custom data when connection type is set to Custom VPN. Use this field to enable functionality not supported by Intune, but available in your VPN solution. Contact your VPN vendor to learn how to add these key/value pairs. This collection can contain a maximum of 25 elements. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)|
+|customKeyValueData|[keyValuePair](../resources/intune-deviceconfig-keyvaluepair.md) collection|Custom data when connection type is set to Custom VPN. Use this field to enable functionality not supported by Intune, but available in your VPN solution. Contact your VPN vendor to learn how to add these key/value pairs. This collection can contain a maximum of 25 elements. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)|
|enableSplitTunneling|Boolean|Send all network traffic through VPN. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)| |authenticationMethod|[vpnAuthenticationMethod](../resources/intune-deviceconfig-vpnauthenticationmethod.md)|Authentication method for this VPN connection. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md). Possible values are: `certificate`, `usernameAndPassword`, `sharedSecret`, `derivedCredential`, `azureAD`.| |enablePerApp|Boolean|Setting this to true creates Per-App VPN payload which can later be associated with Apps that can trigger this VPN conneciton on the end user's iOS device. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)|
v1.0 Intune Deviceconfig Keyvaluepair https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfig-keyvaluepair.md
Here is a JSON representation of the resource.
+
v1.0 Intune Deviceconfig Macosdevicefeaturesconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfig-macosdevicefeaturesconfiguration.md
Inherits from [appleDeviceFeaturesConfigurationBase](../resources/intune-devicec
|powerOffDisabledWhileLoggedIn|Boolean|Whether the Power Off menu item on the login window will be disabled while the user is logged in.| |logOutDisabledWhileLoggedIn|Boolean|Whether the Log Out menu item on the login window will be disabled while the user is logged in.| |screenLockDisableImmediate|Boolean|Whether to disable the immediate screen lock functions.|
-|associatedDomains|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|DEPRECATED: use appAssociatedDomains instead. Gets or sets a list that maps apps to their associated domains. The key should match the app's ID, and the value should be a string in the form of "service:domain" where domain is a fully qualified hostname (e.g. webcredentials:example.com). This collection can contain a maximum of 500 elements.|
+|associatedDomains|[keyValuePair](../resources/intune-deviceconfig-keyvaluepair.md) collection|DEPRECATED: use appAssociatedDomains instead. Gets or sets a list that maps apps to their associated domains. The key should match the app's ID, and the value should be a string in the form of "service:domain" where domain is a fully qualified hostname (e.g. webcredentials:example.com). This collection can contain a maximum of 500 elements.|
|appAssociatedDomains|[macOSAssociatedDomainsItem](../resources/intune-deviceconfig-macosassociateddomainsitem.md) collection|Gets or sets a list that maps apps to their associated domains. Application identifiers must be unique. This collection can contain a maximum of 500 elements.| |singleSignOnExtension|[singleSignOnExtension](../resources/intune-deviceconfig-singlesignonextension.md)|Gets or sets a single sign-on extension profile. Deprecated: use MacOSSingleSignOnExtension instead.| |macOSSingleSignOnExtension|[macOSSingleSignOnExtension](../resources/intune-deviceconfig-macossinglesignonextension.md)|Gets or sets a single sign-on extension profile.|
v1.0 Intune Deviceconfig Macosvpnconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfig-macosvpnconfiguration.md
Inherits from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnc
|server|[vpnServer](../resources/intune-deviceconfig-vpnserver.md)|VPN Server on the network. Make sure end users can access this network location. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)| |identifier|String|Identifier provided by VPN vendor when connection type is set to Custom VPN. For example: Cisco AnyConnect uses an identifier of the form com.cisco.anyconnect.applevpn.plugin Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)| |customData|[keyValue](../resources/intune-deviceconfig-keyvalue.md) collection|Custom data when connection type is set to Custom VPN. Use this field to enable functionality not supported by Intune, but available in your VPN solution. Contact your VPN vendor to learn how to add these key/value pairs. This collection can contain a maximum of 25 elements. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)|
-|customKeyValueData|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|Custom data when connection type is set to Custom VPN. Use this field to enable functionality not supported by Intune, but available in your VPN solution. Contact your VPN vendor to learn how to add these key/value pairs. This collection can contain a maximum of 25 elements. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)|
+|customKeyValueData|[keyValuePair](../resources/intune-deviceconfig-keyvaluepair.md) collection|Custom data when connection type is set to Custom VPN. Use this field to enable functionality not supported by Intune, but available in your VPN solution. Contact your VPN vendor to learn how to add these key/value pairs. This collection can contain a maximum of 25 elements. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)|
|enableSplitTunneling|Boolean|Send all network traffic through VPN. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)| |authenticationMethod|[vpnAuthenticationMethod](../resources/intune-deviceconfig-vpnauthenticationmethod.md)|Authentication method for this VPN connection. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md). Possible values are: `certificate`, `usernameAndPassword`, `sharedSecret`, `derivedCredential`, `azureAD`.| |enablePerApp|Boolean|Setting this to true creates Per-App VPN payload which can later be associated with Apps that can trigger this VPN conneciton on the end user's iOS device. Inherited from [appleVpnConfiguration](../resources/intune-deviceconfig-applevpnconfiguration.md)|
v1.0 Intune Deviceconfig Runstate https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfig-runstate.md
+
+ Title: "runState enum type"
+description: "Indicates the type of execution status of the device management script."
+
+localization_priority: Normal
++
+# runState enum type
+
+Namespace: microsoft.graph
+
+> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
+
+> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
+
+Indicates the type of execution status of the device management script.
+
+## Members
+|Member|Value|Description|
+|:|:|:|
+|unknown|0|Unknown result.|
+|success|1|Script is run successfully.|
+|fail|2|Script failed to run.|
+|scriptError|3|Discovery script hits error.|
+|pending|4|Script is pending to execute.|
+|notApplicable|5|Script is not applicable for this device.|
++++
v1.0 Intune Deviceconfigv2 Devicemanagementconfigurationpolicy https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-deviceconfigv2-devicemanagementconfigurationpolicy.md
Device Management Configuration Policy
|description|String|Policy description| |platforms|[deviceManagementConfigurationPlatforms](../resources/intune-deviceconfigv2-devicemanagementconfigurationplatforms.md)|Platforms for this policy. Possible values are: `none`, `android`, `iOS`, `macOS`, `windows10X`, `windows10`, `linux`, `unknownFutureValue`.| |technologies|[deviceManagementConfigurationTechnologies](../resources/intune-deviceconfigv2-devicemanagementconfigurationtechnologies.md)|Technologies for this policy. Possible values are: `none`, `mdm`, `windows10XManagement`, `configManager`, `microsoftSense`, `exchangeOnline`, `linuxMdm`, `unknownFutureValue`.|
-|createdDateTime|DateTimeOffset|Policy creation date and time. This property is read-only.|
-|lastModifiedDateTime|DateTimeOffset|Policy last modification date and time. This property is read-only.|
-|settingCount|Int32|Number of settings. This property is read-only.|
+|createdDateTime|DateTimeOffset|Policy creation date and time|
+|lastModifiedDateTime|DateTimeOffset|Policy last modification date and time|
+|settingCount|Int32|Number of settings|
|creationSource|String|Policy creation source| |roleScopeTagIds|String collection|List of Scope Tags for this Entity instance.| |isAssigned|Boolean|Policy assignment status. This property is read-only.|
v1.0 Intune Devices Devicecompliancescriptdevicestate https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-devices-devicecompliancescriptdevicestate.md
Contains properties for device run state of the device compliance script.
|Property|Type|Description| |:|:|:| |id|String|Key of the device compliance script device state entity. This property is read-only.|
-|detectionState|[runState](../resources/intune-shared-runstate.md)|Detection state from the lastest device compliance script execution. Possible values are: `unknown`, `success`, `fail`, `scriptError`, `pending`, `notApplicable`.|
+|detectionState|[runState](../resources/intune-devices-runstate.md)|Detection state from the lastest device compliance script execution. Possible values are: `unknown`, `success`, `fail`, `scriptError`, `pending`, `notApplicable`.|
|lastStateUpdateDateTime|DateTimeOffset|The last timestamp of when the device compliance script executed| |expectedStateUpdateDateTime|DateTimeOffset|The next timestamp of when the device compliance script is expected to execute| |lastSyncDateTime|DateTimeOffset|The last time that Intune Managment Extension synced with Intune|
v1.0 Intune Devices Devicehealthscriptdevicestate https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-devices-devicehealthscriptdevicestate.md
Contains properties for device run state of the device health script.
|Property|Type|Description| |:|:|:| |id|String|Key of the device health script device state entity. This property is read-only.|
-|detectionState|[runState](../resources/intune-shared-runstate.md)|Detection state from the lastest device health script execution. Possible values are: `unknown`, `success`, `fail`, `scriptError`, `pending`, `notApplicable`.|
+|detectionState|[runState](../resources/intune-devices-runstate.md)|Detection state from the lastest device health script execution. Possible values are: `unknown`, `success`, `fail`, `scriptError`, `pending`, `notApplicable`.|
|lastStateUpdateDateTime|DateTimeOffset|The last timestamp of when the device health script executed| |expectedStateUpdateDateTime|DateTimeOffset|The next timestamp of when the device health script is expected to execute| |lastSyncDateTime|DateTimeOffset|The last time that Intune Managment Extension synced with Intune|
v1.0 Intune Devices Devicemanagementscriptdevicestate https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-devices-devicemanagementscriptdevicestate.md
Contains properties for device run state of the device management script.
|Property|Type|Description| |:|:|:| |id|String|Key of the device management script device state entity. This property is read-only.|
-|runState|[runState](../resources/intune-shared-runstate.md)|State of latest run of the device management script. Possible values are: `unknown`, `success`, `fail`, `scriptError`, `pending`, `notApplicable`.|
+|runState|[runState](../resources/intune-devices-runstate.md)|State of latest run of the device management script. Possible values are: `unknown`, `success`, `fail`, `scriptError`, `pending`, `notApplicable`.|
|resultMessage|String|Details of execution output.| |lastStateUpdateDateTime|DateTimeOffset|Latest time the device management script executes.| |errorCode|Int32|Error code corresponding to erroneous execution of the device management script.|
v1.0 Intune Devices Disktype https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-devices-disktype.md
Not yet documented
## Members |Member|Value|Description| |:|:|:|
-|hdd|1|Not yet documented|
-|ssd|2|Not yet documented|
-|unknown|3|Enum member for unknown or default diskType|
+|unknown|0|Enum member for unknown or default diskType|
+|hdd|1|Enum member for HDD devices|
+|ssd|2|Enum member for SSD devices|
+|unknownFutureValue|999|Evolvable enum member|
v1.0 Intune Devices Runstate https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-devices-runstate.md
Indicates the type of execution status of the device management script.
+
v1.0 Intune Devices Userexperienceanalyticsdeviceperformance https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-devices-userexperienceanalyticsdeviceperformance.md
The user experience analytics device performance entity contains device boot per
|deviceName|String|The user experience analytics device name.| |model|String|The user experience analytics device model.| |manufacturer|String|The user experience analytics device manufacturer.|
-|diskType|[diskType](../resources/intune-devices-disktype.md)|The user experience analytics device disk type. Possible values are: `hdd`, `ssd`, `unknown`.|
+|diskType|[diskType](../resources/intune-devices-disktype.md)|The user experience analytics device disk type. Possible values are: `unknown`, `hdd`, `ssd`, `unknownFutureValue`.|
|operatingSystemVersion|String|The user experience analytics device Operating System version.| |bootScore|Int32|The user experience analytics device boot score.| |coreBootTimeInMs|Int32|The user experience analytics device core boot time in milliseconds.|
v1.0 Intune Enrollment Conceptual https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-enrollment-conceptual.md
The following Graph resources are available to manage corporate-owned devices in
- [Suggested enrollment limit](intune-enrollment-suggestedenrollmentlimit.md) - [Windows autopilot deployment profile assignment](intune-enrollment-windowsautopilotdeploymentprofileassignment.md) - [Windows autopilot device identity](intune-enrollment-windowsautopilotdeviceidentity.md)
+- [Windows autopilot device remediation state](intune-enrollment-windowsautopilotdeviceremediationstate.md)
- [Windows autopilot device type](intune-enrollment-windowsautopilotdevicetype.md) - [Windows autopilot profile assignment detailed status](intune-enrollment-windowsautopilotprofileassignmentdetailedstatus.md) - [Windows autopilot profile assignment status](intune-enrollment-windowsautopilotprofileassignmentstatus.md)
The following Graph resources are available to manage corporate-owned devices in
- [Windows device usage type](intune-enrollment-windowsdeviceusagetype.md) - [Windows enrollment status screen settings](intune-enrollment-windowsenrollmentstatusscreensettings.md) - [Windows user type](intune-enrollment-windowsusertype.md)+
v1.0 Intune Enrollment Depiosenrollmentprofile https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-enrollment-depiosenrollmentprofile.md
Inherits from [depEnrollmentBaseProfile](../resources/intune-enrollment-depenrol
|enableAuthenticationViaCompanyPortal|Boolean|Indicates to authenticate with Apple Setup Assistant instead of Company Portal. Inherited from [enrollmentProfile](../resources/intune-enrollment-enrollmentprofile.md)| |requireCompanyPortalOnSetupAssistantEnrolledDevices|Boolean|Indicates that Company Portal is required on setup assistant enrolled devices Inherited from [enrollmentProfile](../resources/intune-enrollment-enrollmentprofile.md)| |isDefault|Boolean|Indicates if this is the default profile Inherited from [depEnrollmentBaseProfile](../resources/intune-enrollment-depenrollmentbaseprofile.md)|
-|supervisedModeEnabled|Boolean|Supervised mode, True to enable, false otherwise. See [Enroll devices in Microsoft Intune](/mem/intune/enrollment/) for additional information. Inherited from [depEnrollmentBaseProfile](../resources/intune-enrollment-depenrollmentbaseprofile.md)|
+|supervisedModeEnabled|Boolean|Supervised mode, True to enable, false otherwise. See [Intune device enrollment](/mem/intune/enrollment/device-enrollment) for additional information. Inherited from [depEnrollmentBaseProfile](../resources/intune-enrollment-depenrollmentbaseprofile.md)|
|supportDepartment|String|Support department information Inherited from [depEnrollmentBaseProfile](../resources/intune-enrollment-depenrollmentbaseprofile.md)| |isMandatory|Boolean|Indicates if the profile is mandatory Inherited from [depEnrollmentBaseProfile](../resources/intune-enrollment-depenrollmentbaseprofile.md)| |locationDisabled|Boolean|Indicates if Location service setup pane is disabled Inherited from [depEnrollmentBaseProfile](../resources/intune-enrollment-depenrollmentbaseprofile.md)|
Inherits from [depEnrollmentBaseProfile](../resources/intune-enrollment-depenrol
|userSessionTimeoutInSeconds|Int32|Indicates timeout of temporary session| |passcodeLockGracePeriodInSeconds|Int32|Indicates timeout before locked screen requires the user to enter the device passocde to unlock it| |carrierActivationUrl|String|Carrier URL for activating device eSIM.|
-|userlessSharedAadModeEnabled|Boolean|Indicates that this apple device is designated to support 'shared device mode' scenarios. This is distinct from the 'shared iPad' scenario. See [Shared iOS and iPadOS devices](/mem/intune/enrollment/device-enrollment-shared-ios).|
+|userlessSharedAadModeEnabled|Boolean|Indicates that this apple device is designated to support 'shared device mode' scenarios. This is distinct from the 'shared iPad' scenario. See [Shared iOS and iPadOS devices](/mem/intune/enrollment/device-enrollment-shared-ios)|
## Relationships None
v1.0 Intune Enrollment Windowsautopilotdeviceidentity https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-enrollment-windowsautopilotdeviceidentity.md
The windowsAutopilotDeviceIdentity resource represents a Windows Autopilot Devic
|azureAdDeviceId|String|AAD Device ID| |managedDeviceId|String|Managed Device ID| |displayName|String|Display Name|
+|deviceAccountUpn|String|Surface Hub Device Account Upn|
+|deviceAccountPassword|String|Surface Hub Device Account Password|
+|deviceFriendlyName|String|Surface Hub Device Friendly Name|
+|remediationState|[windowsAutopilotDeviceRemediationState](../resources/intune-enrollment-windowsautopilotdeviceremediationstate.md)|Device Remediation State. Possible values are: `unknown`, `noRemediationRequired`, `automaticRemediationRequired`, `unknownFutureValue`.|
+|remediationStateLastModifiedDateTime|DateTimeOffset|RemediationState set time of Autopilot device.|
## Relationships |Relationship|Type|Description|
Here is a JSON representation of the resource.
"azureActiveDirectoryDeviceId": "String", "azureAdDeviceId": "String", "managedDeviceId": "String",
- "displayName": "String"
+ "displayName": "String",
+ "deviceAccountUpn": "String",
+ "deviceAccountPassword": "String",
+ "deviceFriendlyName": "String",
+ "remediationState": "String",
+ "remediationStateLastModifiedDateTime": "String (timestamp)"
} ```
v1.0 Intune Enrollment Windowsautopilotdeviceremediationstate https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-enrollment-windowsautopilotdeviceremediationstate.md
+
+ Title: "windowsAutopilotDeviceRemediationState enum type"
+description: "Not yet documented"
+
+localization_priority: Normal
++
+# windowsAutopilotDeviceRemediationState enum type
+
+Namespace: microsoft.graph
+
+> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
+
+> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
+
+Not yet documented
+
+## Members
+|Member|Value|Description|
+|:|:|:|
+|unknown|0|Unknown status.|
+|noRemediationRequired|1|No hardware change has been detected.|
+|automaticRemediationRequired|2|Hardware change detected on client. Additional remediation is required.|
+|unknownFutureValue|4|Marks the end of known enum values, and allows for additional values in the future.|
++++
v1.0 Intune Grouppolicy Grouppolicypresentationvaluelist https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-grouppolicy-grouppolicypresentationvaluelist.md
Inherits from [groupPolicyPresentationValue](../resources/intune-grouppolicy-gro
|lastModifiedDateTime|DateTimeOffset|The date and time the object was last modified. Inherited from [groupPolicyPresentationValue](../resources/intune-grouppolicy-grouppolicypresentationvalue.md)| |createdDateTime|DateTimeOffset|The date and time the object was created. Inherited from [groupPolicyPresentationValue](../resources/intune-grouppolicy-grouppolicypresentationvalue.md)| |id|String|Key of the entity. Inherited from [groupPolicyPresentationValue](../resources/intune-grouppolicy-grouppolicypresentationvalue.md)|
-|values|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|A list of pairs for the associated presentation.|
+|values|[keyValuePair](../resources/intune-grouppolicy-keyvaluepair.md) collection|A list of pairs for the associated presentation.|
## Relationships |Relationship|Type|Description|
v1.0 Intune Grouppolicy Keyvaluepair https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-grouppolicy-keyvaluepair.md
Here is a JSON representation of the resource.
+
v1.0 Intune Mam Conceptual https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-mam-conceptual.md
The following Graph resources are available to manage app protection polices in
- [iOS managed app registration](intune-mam-iosmanagedappregistration.md) - [iOS mobile app identifier](intune-mam-iosmobileappidentifier.md) - [JSON](intune-mam-json.md)
+- [Key/value pair](intune-mam-keyvaluepair.md)
- [Mac app identifier](intune-mam-macappidentifier.md) - [Managed app clipboard sharing level](intune-mam-managedappclipboardsharinglevel.md) - [Managed app configuration](intune-mam-managedappconfiguration.md)
v1.0 Intune Mam Defaultmanagedappprotection https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-mam-defaultmanagedappprotection.md
Inherits from [managedAppProtection](../resources/intune-mam-managedappprotectio
|encryptAppData|Boolean|Indicates whether managed-app data should be encrypted. (Android only)| |disableAppEncryptionIfDeviceEncryptionIsEnabled|Boolean|When this setting is enabled, app level encryption is disabled if device level encryption is enabled. (Android only)| |minimumRequiredSdkVersion|String|Versions less than the specified version will block the managed app from accessing company data. (iOS Only)|
-|customSettings|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|A set of string key and string value pairs to be sent to the affected users, unalterned by this service|
+|customSettings|[keyValuePair](../resources/intune-mam-keyvaluepair.md) collection|A set of string key and string value pairs to be sent to the affected users, unalterned by this service|
|deployedAppCount|Int32|Count of apps to which the current policy is deployed.| |minimumRequiredPatchVersion|String|Define the oldest required Android security patch level a user can have to gain secure access to the app. (Android only)| |minimumWarningPatchVersion|String|Define the oldest recommended Android security patch level a user can have for secure access to the app. (Android only)|
-|exemptedAppProtocols|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|iOS Apps in this list will be exempt from the policy and will be able to receive data from managed apps. (iOS Only)|
-|exemptedAppPackages|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|Android App packages in this list will be exempt from the policy and will be able to receive data from managed apps. (Android only)|
+|exemptedAppProtocols|[keyValuePair](../resources/intune-mam-keyvaluepair.md) collection|iOS Apps in this list will be exempt from the policy and will be able to receive data from managed apps. (iOS Only)|
+|exemptedAppPackages|[keyValuePair](../resources/intune-mam-keyvaluepair.md) collection|Android App packages in this list will be exempt from the policy and will be able to receive data from managed apps. (Android only)|
|faceIdBlocked|Boolean|Indicates whether use of the FaceID is allowed in place of a pin if PinRequired is set to True. (iOS Only)| |minimumWipeSdkVersion|String|Versions less than the specified version will block the managed app from accessing company data.| |minimumWipePatchVersion|String|Android security patch level less than or equal to the specified value will wipe the managed app and the associated company data. (Android only)|
v1.0 Intune Mam Keyvaluepair https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-mam-keyvaluepair.md
Here is a JSON representation of the resource.
+
v1.0 Intune Mam Managedappconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-mam-managedappconfiguration.md
Inherits from [managedAppPolicy](../resources/intune-mam-managedapppolicy.md)
|roleScopeTagIds|String collection|List of Scope Tags for this Entity instance. Inherited from [managedAppPolicy](../resources/intune-mam-managedapppolicy.md)| |id|String|Key of the entity. Inherited from [managedAppPolicy](../resources/intune-mam-managedapppolicy.md)| |version|String|Version of the entity. Inherited from [managedAppPolicy](../resources/intune-mam-managedapppolicy.md)|
-|customSettings|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|A set of string key and string value pairs to be sent to apps for users to whom the configuration is scoped, unalterned by this service|
+|customSettings|[keyValuePair](../resources/intune-mam-keyvaluepair.md) collection|A set of string key and string value pairs to be sent to apps for users to whom the configuration is scoped, unalterned by this service|
## Relationships None
v1.0 Intune Mstunnel Keyvaluepair https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-mstunnel-keyvaluepair.md
Here is a JSON representation of the resource.
+
v1.0 Intune Mstunnel Microsofttunnelconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-mstunnel-microsofttunnelconfiguration.md
Entity that represents a collection of Microsoft Tunnel settings
|routesExclude|String collection|Subsets of the routes that will not be routed by the server| |splitDNS|String collection|The domains that will be resolved using the provided dns servers| |listenPort|Int32|The port that both TCP and UPD will listen over on the server|
-|advancedSettings|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|Additional settings that may be applied to the server|
+|advancedSettings|[keyValuePair](../resources/intune-mstunnel-keyvaluepair.md) collection|Additional settings that may be applied to the server|
|lastUpdateDateTime|DateTimeOffset|When the MicrosoftTunnelConfiguration was last updated| |roleScopeTagIds|String collection|List of Scope Tags for this Entity instance.|
-|disableUDPConnections|Boolean|When DisableUdpConnections is set, the clients and VPN server will not use DTLS connections to tansfer data.|
+|disableUdpConnections|Boolean|When DisableUdpConnections is set, the clients and VPN server will not use DTLS connections to tansfer data.|
## Relationships None
Here is a JSON representation of the resource.
"roleScopeTagIds": [ "String" ],
- "disableUDPConnections": true
+ "disableUdpConnections": true
} ```
v1.0 Intune Onboarding Conceptual https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-onboarding-conceptual.md
The following Graph resources are available to manage enrollment in Intune:
- [Compliance management partner assignment](intune-onboarding-compliancemanagementpartnerassignment.md) - [Device and app management data](intune-onboarding-deviceandappmanagementdata.md) - [Device comanagement authority configuration](intune-onboarding-devicecomanagementauthorityconfiguration.md)
+- [Device enrollment configuration type](intune-onboarding-deviceenrollmentconfigurationtype.md)
- [Device enrollment limit configuration](intune-onboarding-deviceenrollmentlimitconfiguration.md) - [Device enrollment platform restriction](intune-onboarding-deviceenrollmentplatformrestriction.md) - [Device enrollment platform restriction configuration](intune-onboarding-deviceenrollmentplatformrestrictionconfiguration.md)
v1.0 Intune Onboarding Devicecomanagementauthorityconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-onboarding-devicecomanagementauthorityconfiguration.md
Inherits from [deviceEnrollmentConfiguration](../resources/intune-shared-devicee
|lastModifiedDateTime|DateTimeOffset|Last modified date time in UTC of the device enrollment configuration Inherited from [deviceEnrollmentConfiguration](../resources/intune-shared-deviceenrollmentconfiguration.md)| |version|Int32|The version of the device enrollment configuration Inherited from [deviceEnrollmentConfiguration](../resources/intune-shared-deviceenrollmentconfiguration.md)| |roleScopeTagIds|String collection|Optional role scope tags for the enrollment restrictions. Inherited from [deviceEnrollmentConfiguration](../resources/intune-shared-deviceenrollmentconfiguration.md)|
+|deviceEnrollmentConfigurationType|[deviceEnrollmentConfigurationType](../resources/intune-onboarding-deviceenrollmentconfigurationtype.md)|Support for Enrollment Configuration Type Inherited from [deviceEnrollmentConfiguration](../resources/intune-shared-deviceenrollmentconfiguration.md). Possible values are: `unknown`, `limit`, `platformRestrictions`, `windowsHelloForBusiness`, `defaultLimit`, `defaultPlatformRestrictions`, `defaultWindowsHelloForBusiness`, `defaultWindows10EnrollmentCompletionPageConfiguration`, `windows10EnrollmentCompletionPageConfiguration`, `deviceComanagementAuthorityConfiguration`, `singlePlatformRestriction`, `unknownFutureValue`.|
|managedDeviceAuthority|Int32|CoManagement Authority configuration ManagedDeviceAuthority| |installConfigurationManagerAgent|Boolean|CoManagement Authority configuration InstallConfigurationManagerAgent| |configurationManagerAgentCommandLineArgument|String|CoManagement Authority configuration ConfigurationManagerAgentCommandLineArgument|
Here is a JSON representation of the resource.
"roleScopeTagIds": [ "String" ],
+ "deviceEnrollmentConfigurationType": "String",
"managedDeviceAuthority": 1024, "installConfigurationManagerAgent": true, "configurationManagerAgentCommandLineArgument": "String"
v1.0 Intune Onboarding Deviceenrollmentconfigurationtype https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-onboarding-deviceenrollmentconfigurationtype.md
+
+ Title: "deviceEnrollmentConfigurationType enum type"
+description: "Describes the TemplateFamily for the Template entity"
+
+localization_priority: Normal
++
+# deviceEnrollmentConfigurationType enum type
+
+Namespace: microsoft.graph
+
+> **Important:** Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
+
+> **Note:** The Microsoft Graph API for Intune requires an [active Intune license](https://go.microsoft.com/fwlink/?linkid=839381) for the tenant.
+
+Describes the TemplateFamily for the Template entity
+
+## Members
+|Member|Value|Description|
+|:|:|:|
+|unknown|0|Default. Set to unknown if the configuration type cannot be determined.|
+|limit|1|Indicates that configuration is of type limit which refers to number of devices a user is allowed to enroll.|
+|platformRestrictions|2|Indicates that configuration is of type platform restriction which refers to types of devices a user is allowed to enroll.|
+|windowsHelloForBusiness|3|Indicates that configuration is of type Windows Hello which refers to authentication method devices would use.|
+|defaultLimit|4|Indicates that configuration is of type default limit which refers to types of devices a user is allowed to enroll by default.|
+|defaultPlatformRestrictions|5|Indicates that configuration is of type default platform restriction which refers to types of devices a user is allowed to enroll by default.|
+|defaultWindowsHelloForBusiness|6|Indicates that configuration is of type default Windows Hello which refers to authentication method devices would use by default.|
+|defaultWindows10EnrollmentCompletionPageConfiguration|7|Indicates that configuration is of type default Enrollment status page which refers to startup page displayed during OOBE in Autopilot devices by default.|
+|windows10EnrollmentCompletionPageConfiguration|8|Indicates that configuration is of type Enrollment status page which refers to startup page displayed during OOBE in Autopilot devices.|
+|deviceComanagementAuthorityConfiguration|9|Indicates that configuration is of type Comanagement Authority which refers to policies applied to Co-Managed devices.|
+|singlePlatformRestriction|10|Indicates that configuration is of type single platform restriction which refers to types of devices a user is allowed to enroll.|
+|unknownFutureValue|11|Unknown future value|
++++
v1.0 Intune Onboarding Deviceenrollmentlimitconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-onboarding-deviceenrollmentlimitconfiguration.md
Inherits from [deviceEnrollmentConfiguration](../resources/intune-shared-devicee
|lastModifiedDateTime|DateTimeOffset|Last modified date time in UTC of the device enrollment configuration Inherited from [deviceEnrollmentConfiguration](../resources/intune-shared-deviceenrollmentconfiguration.md)| |version|Int32|The version of the device enrollment configuration Inherited from [deviceEnrollmentConfiguration](../resources/intune-shared-deviceenrollmentconfiguration.md)| |roleScopeTagIds|String collection|Optional role scope tags for the enrollment restrictions. Inherited from [deviceEnrollmentConfiguration](../resources/intune-shared-deviceenrollmentconfiguration.md)|
+|deviceEnrollmentConfigurationType|[deviceEnrollmentConfigurationType](../resources/intune-onboarding-deviceenrollmentconfigurationtype.md)|Support for Enrollment Configuration Type Inherited from [deviceEnrollmentConfiguration](../resources/intune-shared-deviceenrollmentconfiguration.md). Possible values are: `unknown`, `limit`, `platformRestrictions`, `windowsHelloForBusiness`, `defaultLimit`, `defaultPlatformRestrictions`, `defaultWindowsHelloForBusiness`, `defaultWindows10EnrollmentCompletionPageConfiguration`, `windows10EnrollmentCompletionPageConfiguration`, `deviceComanagementAuthorityConfiguration`, `singlePlatformRestriction`, `unknownFutureValue`.|
|limit|Int32|The maximum number of devices that a user can enroll| ## Relationships
Here is a JSON representation of the resource.
"roleScopeTagIds": [ "String" ],
+ "deviceEnrollmentConfigurationType": "String",
"limit": 1024 } ```
v1.0 Intune Onboarding Deviceenrollmentplatformrestrictionconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-onboarding-deviceenrollmentplatformrestrictionconfiguration.md
Inherits from [deviceEnrollmentConfiguration](../resources/intune-shared-devicee
|lastModifiedDateTime|DateTimeOffset|Last modified date time in UTC of the device enrollment configuration Inherited from [deviceEnrollmentConfiguration](../resources/intune-shared-deviceenrollmentconfiguration.md)| |version|Int32|The version of the device enrollment configuration Inherited from [deviceEnrollmentConfiguration](../resources/intune-shared-deviceenrollmentconfiguration.md)| |roleScopeTagIds|String collection|Optional role scope tags for the enrollment restrictions. Inherited from [deviceEnrollmentConfiguration](../resources/intune-shared-deviceenrollmentconfiguration.md)|
+|deviceEnrollmentConfigurationType|[deviceEnrollmentConfigurationType](../resources/intune-onboarding-deviceenrollmentconfigurationtype.md)|Support for Enrollment Configuration Type Inherited from [deviceEnrollmentConfiguration](../resources/intune-shared-deviceenrollmentconfiguration.md). Possible values are: `unknown`, `limit`, `platformRestrictions`, `windowsHelloForBusiness`, `defaultLimit`, `defaultPlatformRestrictions`, `defaultWindowsHelloForBusiness`, `defaultWindows10EnrollmentCompletionPageConfiguration`, `windows10EnrollmentCompletionPageConfiguration`, `deviceComanagementAuthorityConfiguration`, `singlePlatformRestriction`, `unknownFutureValue`.|
|platformRestriction|[deviceEnrollmentPlatformRestriction](../resources/intune-onboarding-deviceenrollmentplatformrestriction.md)|Restrictions based on platform, platform operating system version, and device ownership|
-|platformType|[enrollmentRestrictionPlatformType](../resources/intune-onboarding-enrollmentrestrictionplatformtype.md)|Type of platform for which this restriction applies. Possible values are: `allPlatforms`, `ios`, `windows`, `windowsPhone`, `android`, `androidForWork`, `androidAosp`, `mac`.|
+|platformType|[enrollmentRestrictionPlatformType](../resources/intune-onboarding-enrollmentrestrictionplatformtype.md)|Type of platform for which this restriction applies. Possible values are: `allPlatforms`, `ios`, `windows`, `windowsPhone`, `android`, `androidForWork`, `mac`.|
## Relationships |Relationship|Type|Description|
Here is a JSON representation of the resource.
"roleScopeTagIds": [ "String" ],
+ "deviceEnrollmentConfigurationType": "String",
"platformRestriction": { "@odata.type": "microsoft.graph.deviceEnrollmentPlatformRestriction", "platformBlocked": true,
v1.0 Intune Onboarding Deviceenrollmentplatformrestrictionsconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-onboarding-deviceenrollmentplatformrestrictionsconfiguration.md
Inherits from [deviceEnrollmentConfiguration](../resources/intune-shared-devicee
|lastModifiedDateTime|DateTimeOffset|Last modified date time in UTC of the device enrollment configuration Inherited from [deviceEnrollmentConfiguration](../resources/intune-shared-deviceenrollmentconfiguration.md)| |version|Int32|The version of the device enrollment configuration Inherited from [deviceEnrollmentConfiguration](../resources/intune-shared-deviceenrollmentconfiguration.md)| |roleScopeTagIds|String collection|Optional role scope tags for the enrollment restrictions. Inherited from [deviceEnrollmentConfiguration](../resources/intune-shared-deviceenrollmentconfiguration.md)|
+|deviceEnrollmentConfigurationType|[deviceEnrollmentConfigurationType](../resources/intune-onboarding-deviceenrollmentconfigurationtype.md)|Support for Enrollment Configuration Type Inherited from [deviceEnrollmentConfiguration](../resources/intune-shared-deviceenrollmentconfiguration.md). Possible values are: `unknown`, `limit`, `platformRestrictions`, `windowsHelloForBusiness`, `defaultLimit`, `defaultPlatformRestrictions`, `defaultWindowsHelloForBusiness`, `defaultWindows10EnrollmentCompletionPageConfiguration`, `windows10EnrollmentCompletionPageConfiguration`, `deviceComanagementAuthorityConfiguration`, `singlePlatformRestriction`, `unknownFutureValue`.|
|iosRestriction|[deviceEnrollmentPlatformRestriction](../resources/intune-onboarding-deviceenrollmentplatformrestriction.md)|Ios restrictions based on platform, platform operating system version, and device ownership| |windowsRestriction|[deviceEnrollmentPlatformRestriction](../resources/intune-onboarding-deviceenrollmentplatformrestriction.md)|Windows restrictions based on platform, platform operating system version, and device ownership| |windowsHomeSkuRestriction|[deviceEnrollmentPlatformRestriction](../resources/intune-onboarding-deviceenrollmentplatformrestriction.md)|Windows Home Sku restrictions based on platform, platform operating system version, and device ownership| |windowsMobileRestriction|[deviceEnrollmentPlatformRestriction](../resources/intune-onboarding-deviceenrollmentplatformrestriction.md)|Windows mobile restrictions based on platform, platform operating system version, and device ownership| |androidRestriction|[deviceEnrollmentPlatformRestriction](../resources/intune-onboarding-deviceenrollmentplatformrestriction.md)|Android restrictions based on platform, platform operating system version, and device ownership| |androidForWorkRestriction|[deviceEnrollmentPlatformRestriction](../resources/intune-onboarding-deviceenrollmentplatformrestriction.md)|Android for work restrictions based on platform, platform operating system version, and device ownership|
-|aospRestriction|[deviceEnrollmentPlatformRestriction](../resources/intune-onboarding-deviceenrollmentplatformrestriction.md)|AOSP restrictions based on platform, platform operating system version, and device ownership|
|macRestriction|[deviceEnrollmentPlatformRestriction](../resources/intune-onboarding-deviceenrollmentplatformrestriction.md)|Mac restrictions based on platform, platform operating system version, and device ownership| |macOSRestriction|[deviceEnrollmentPlatformRestriction](../resources/intune-onboarding-deviceenrollmentplatformrestriction.md)|Mac restrictions based on platform, platform operating system version, and device ownership|
Here is a JSON representation of the resource.
"roleScopeTagIds": [ "String" ],
+ "deviceEnrollmentConfigurationType": "String",
"iosRestriction": { "@odata.type": "microsoft.graph.deviceEnrollmentPlatformRestriction", "platformBlocked": true,
Here is a JSON representation of the resource.
"String" ] },
- "aospRestriction": {
- "@odata.type": "microsoft.graph.deviceEnrollmentPlatformRestriction",
- "platformBlocked": true,
- "personalDeviceEnrollmentBlocked": true,
- "osMinimumVersion": "String",
- "osMaximumVersion": "String",
- "blockedManufacturers": [
- "String"
- ],
- "blockedSkus": [
- "String"
- ]
- },
"macRestriction": { "@odata.type": "microsoft.graph.deviceEnrollmentPlatformRestriction", "platformBlocked": true,
v1.0 Intune Onboarding Deviceenrollmentwindowshelloforbusinessconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-onboarding-deviceenrollmentwindowshelloforbusinessconfiguration.md
Inherits from [deviceEnrollmentConfiguration](../resources/intune-shared-devicee
|lastModifiedDateTime|DateTimeOffset|Last modified date time in UTC of the device enrollment configuration Inherited from [deviceEnrollmentConfiguration](../resources/intune-shared-deviceenrollmentconfiguration.md)| |version|Int32|The version of the device enrollment configuration Inherited from [deviceEnrollmentConfiguration](../resources/intune-shared-deviceenrollmentconfiguration.md)| |roleScopeTagIds|String collection|Optional role scope tags for the enrollment restrictions. Inherited from [deviceEnrollmentConfiguration](../resources/intune-shared-deviceenrollmentconfiguration.md)|
+|deviceEnrollmentConfigurationType|[deviceEnrollmentConfigurationType](../resources/intune-onboarding-deviceenrollmentconfigurationtype.md)|Support for Enrollment Configuration Type Inherited from [deviceEnrollmentConfiguration](../resources/intune-shared-deviceenrollmentconfiguration.md). Possible values are: `unknown`, `limit`, `platformRestrictions`, `windowsHelloForBusiness`, `defaultLimit`, `defaultPlatformRestrictions`, `defaultWindowsHelloForBusiness`, `defaultWindows10EnrollmentCompletionPageConfiguration`, `windows10EnrollmentCompletionPageConfiguration`, `deviceComanagementAuthorityConfiguration`, `singlePlatformRestriction`, `unknownFutureValue`.|
|pinMinimumLength|Int32|Controls the minimum number of characters required for the Windows Hello for Business PIN. This value must be between 4 and 127, inclusive, and less than or equal to the value set for the maximum PIN.| |pinMaximumLength|Int32|Controls the maximum number of characters allowed for the Windows Hello for Business PIN. This value must be between 4 and 127, inclusive. This value must be greater than or equal to the value set for the minimum PIN.| |pinUppercaseCharactersUsage|[windowsHelloForBusinessPinUsage](../resources/intune-onboarding-windowshelloforbusinesspinusage.md)|Controls the ability to use uppercase letters in the Windows Hello for Business PIN. Allowed permits the use of uppercase letter(s), whereas Required ensures they are present. If set to Not Allowed, uppercase letters will not be permitted. Possible values are: `allowed`, `required`, `disallowed`.|
Here is a JSON representation of the resource.
"roleScopeTagIds": [ "String" ],
+ "deviceEnrollmentConfigurationType": "String",
"pinMinimumLength": 1024, "pinMaximumLength": 1024, "pinUppercaseCharactersUsage": "String",
v1.0 Intune Onboarding Enrollmentrestrictionplatformtype https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-onboarding-enrollmentrestrictionplatformtype.md
This enum indicates the platform type for which the enrollment restriction appli
|windowsPhone|3|Windows Phone devices| |android|4|Android devices| |androidForWork|5|Android for Work devices|
-|androidAosp|6|Android AOSP devices|
|mac|7|macOS devices|
v1.0 Intune Onboarding Windows10enrollmentcompletionpageconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-onboarding-windows10enrollmentcompletionpageconfiguration.md
Inherits from [deviceEnrollmentConfiguration](../resources/intune-shared-devicee
|lastModifiedDateTime|DateTimeOffset|Last modified date time in UTC of the device enrollment configuration Inherited from [deviceEnrollmentConfiguration](../resources/intune-shared-deviceenrollmentconfiguration.md)| |version|Int32|The version of the device enrollment configuration Inherited from [deviceEnrollmentConfiguration](../resources/intune-shared-deviceenrollmentconfiguration.md)| |roleScopeTagIds|String collection|Optional role scope tags for the enrollment restrictions. Inherited from [deviceEnrollmentConfiguration](../resources/intune-shared-deviceenrollmentconfiguration.md)|
+|deviceEnrollmentConfigurationType|[deviceEnrollmentConfigurationType](../resources/intune-onboarding-deviceenrollmentconfigurationtype.md)|Support for Enrollment Configuration Type Inherited from [deviceEnrollmentConfiguration](../resources/intune-shared-deviceenrollmentconfiguration.md). Possible values are: `unknown`, `limit`, `platformRestrictions`, `windowsHelloForBusiness`, `defaultLimit`, `defaultPlatformRestrictions`, `defaultWindowsHelloForBusiness`, `defaultWindows10EnrollmentCompletionPageConfiguration`, `windows10EnrollmentCompletionPageConfiguration`, `deviceComanagementAuthorityConfiguration`, `singlePlatformRestriction`, `unknownFutureValue`.|
|showInstallationProgress|Boolean|Show or hide installation progress to user| |blockDeviceSetupRetryByUser|Boolean|Allow the user to retry the setup on installation failure| |allowDeviceResetOnInstallFailure|Boolean|Allow or block device reset on installation failure|
Here is a JSON representation of the resource.
"roleScopeTagIds": [ "String" ],
+ "deviceEnrollmentConfigurationType": "String",
"showInstallationProgress": true, "blockDeviceSetupRetryByUser": true, "allowDeviceResetOnInstallFailure": true,
v1.0 Intune Partnerintegration Keyvaluepair https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-partnerintegration-keyvaluepair.md
Here is a JSON representation of the resource.
+
v1.0 Intune Partnerintegration Securityconfigurationtask https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-partnerintegration-securityconfigurationtask.md
Inherits from [deviceAppManagementTask](../resources/intune-partnerintegration-d
|endpointSecurityPolicyProfile|[endpointSecurityConfigurationProfileType](../resources/intune-partnerintegration-endpointsecurityconfigurationprofiletype.md)|The endpoint security policy profile. Possible values are: `unknown`, `antivirus`, `windowsSecurity`, `bitLocker`, `fileVault`, `firewall`, `firewallRules`, `endpointDetectionAndResponse`, `deviceControl`, `appAndBrowserIsolation`, `exploitProtection`, `webProtection`, `applicationControl`, `attackSurfaceReductionRules`, `accountProtection`.| |insights|String|Information about the mitigation.| |managedDeviceCount|Int32|The number of vulnerable devices.|
-|intendedSettings|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|The intended settings and their values.|
+|intendedSettings|[keyValuePair](../resources/intune-partnerintegration-keyvaluepair.md) collection|The intended settings and their values.|
## Relationships |Relationship|Type|Description|
v1.0 Intune Policyset Assignmentfilterevaluaterequest https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-policyset-assignmentfilterevaluaterequest.md
Request for assignment filter evaluation for devices.
|rule|String|Rule definition of the Assignment Filter.| |top|Int32|Limit of records per request. Default value is 100, if provided less than 0 or greater than 100| |skip|Int32|Number of records to skip. Default value is 0|
+|orderBy|String collection|Order the devices should be sorted in. Default is ascending on device name.|
## Relationships None
Here is a JSON representation of the resource.
"platform": "String", "rule": "String", "top": 1024,
- "skip": 1024
+ "skip": 1024,
+ "orderBy": [
+ "String"
+ ]
} ```
v1.0 Intune Policyset Assignmentfilterstatusdetails https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-policyset-assignmentfilterstatusdetails.md
Represent status details for device and payload and all associated applied filte
|managedDeviceId|String|Unique identifier for the device object.| |payloadId|String|Unique identifier for payload object.| |userId|String|Unique identifier for UserId object. Can be null|
-|deviceProperties|[keyValuePair](../resources/intune-shared-keyvaluepair.md) collection|Device properties used for filter evaluation during device check-in time.|
+|deviceProperties|[keyValuePair](../resources/intune-policyset-keyvaluepair.md) collection|Device properties used for filter evaluation during device check-in time.|
|evalutionSummaries|[assignmentFilterEvaluationSummary](../resources/intune-policyset-assignmentfilterevaluationsummary.md) collection|Evaluation result summaries for each filter associated to device and payload| ## Relationships
v1.0 Intune Policyset Keyvaluepair https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-policyset-keyvaluepair.md
Here is a JSON representation of the resource.
+
v1.0 Intune Rbac Operationapprovalpolicy https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-rbac-operationapprovalpolicy.md
Operation Approval Policy
|description|String|The description of this OperationApprovalPolicy| |lastModifiedDateTime|DateTimeOffset|The last modified date and time of this OperationApprovalPolicy. This property is read-only.| |policyType|[operationApprovalPolicyType](../resources/intune-rbac-operationapprovalpolicytype.md)|The policy type for this OperationApprovalPolicy. Possible values are: `deviceActions`, `deviceWipe`, `deviceRetire`, `deviceRetireNonCompliant`, `deviceDelete`, `deviceLock`, `deviceErase`, `deviceDisableActivationLock`, `windowsEnrollment`, `compliancePolicies`, `configurationPolicies`, `appProtectionPolicies`, `policySets`, `filters`, `endpointSecurity`, `apps`, `scripts`, `roles`, `deviceResetPasscode`, `unknownFutureValue`.|
-|policyPlatform|[operationApprovalPolicyPlatform](../resources/intune-rbac-operationapprovalpolicyplatform.md)|The applicable platform(s) for this OperationApprovalPolicy. Possible values are: `notApplicable`, `androidDeviceAdministrator`, `androidEnterprise`, `iOSiPadOS`, `macOS`, `windows10AndLater`, `windows81AndLater`, `windows10X`.|
|approverGroupIds|String collection|The group IDs for the approvers for this OperationApprovalPolicy| ## Relationships
Here is a JSON representation of the resource.
"description": "String", "lastModifiedDateTime": "String (timestamp)", "policyType": "String",
- "policyPlatform": "String",
"approverGroupIds": [ "String" ]
v1.0 Intune Shared Conceptual https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/intune-shared-conceptual.md
The following Graph resources are shared between Intune workflows:
- [Key size](intune-shared-keysize.md) - [Key storage provider option](intune-shared-keystorageprovideroption.md) - [Key usages](intune-shared-keyusages.md)-- [Key/value pair](intune-shared-keyvaluepair.md) - [macOS LOB app assignment settings](intune-shared-macoslobappassignmentsettings.md) - [macOS VPP app assignment settings](intune-shared-macosvppappassignmentsettings.md) - [Managed device owner type](intune-shared-manageddeviceownertype.md)
The following Graph resources are shared between Intune workflows:
- [Report root](intune-shared-reportroot.md) - [RGB color](intune-shared-rgbcolor.md) - [Run as account type](intune-shared-runasaccounttype.md)-- [Run state](intune-shared-runstate.md) - [Saved UI state generation options](intune-shared-saveduistategenerationoptions.md) - [Setting source type](intune-shared-settingsourcetype.md) - [Subject alternative name type](intune-shared-subjectalternativenametype.md)
v1.0 List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/list.md
description: "The list resource represents a list in a site." Previously updated : 09/11/2017 Title: List
+ Title: List resource
ms.localizationpriority: medium ms.prod: "sharepoint" doc_type: resourcePageType + # List resource Namespace: microsoft.graph
All examples below are relative to a site, for example, `https://graph.microsoft
[List columns]: ../api/list-list-columns.md [Create column]: ../api/list-post-columns.md
-## JSON representation
-
-Here is a JSON representation of a **list** resource.
-
-<!-- { "blockType": "resource",
- "@odata.type": "microsoft.graph.list",
- "keyProperty": "id",
- "optionalProperties": [ "items", "drive"] } -->
-
-```json
-{
- "activities": [{"@odata.type": "microsoft.graph.itemActivity"}],
- "columns": [ { "@odata.type": "microsoft.graph.columnDefinition" }],
- "contentTypes": [ { "@odata.type": "microsoft.graph.contentType" }],
- "displayName": "title of list",
- "drive": { "@odata.type": "microsoft.graph.drive" },
- "items": [ { "@odata.type": "microsoft.graph.listItem" } ],
- "list": {
- "@odata.type": "microsoft.graph.listInfo",
- "hidden": false,
- "template": "documentLibrary | genericList | survey | links | announcements | contacts ..."
- },
- "system": false,
- "subscriptions": [ {"@odata.type": "microsoft.graph.subscription"} ],
-
- /* inherited from baseItem */
- "id": "string",
- "name": "name of list",
- "createdBy": { "@odata.type": "microsoft.graph.identitySet" },
- "createdDateTime": "timestamp",
- "description": "description of list",
- "eTag": "string",
- "lastModifiedBy": { "@odata.type": "microsoft.graph.identitySet" },
- "lastModifiedDateTime": "timestamp",
- "webUrl": "url to visit the list in a browser"
-}
-```
- ## Properties The **list** resource has the following properties.
The **list** resource has the following relationships to other resources.
[systemFacet]: systemfacet.md [subscription]: subscription.md
+## JSON representation
+
+The following is a JSON representation of the resource.
+
+<!-- { "blockType": "resource",
+ "@odata.type": "microsoft.graph.list",
+ "keyProperty": "id",
+ "optionalProperties": [ "items", "drive"] } -->
+
+```json
+{
+ "activities": [{"@odata.type": "microsoft.graph.itemActivity"}],
+ "columns": [ { "@odata.type": "microsoft.graph.columnDefinition" }],
+ "contentTypes": [ { "@odata.type": "microsoft.graph.contentType" }],
+ "displayName": "title of list",
+ "drive": { "@odata.type": "microsoft.graph.drive" },
+ "items": [ { "@odata.type": "microsoft.graph.listItem" } ],
+ "list": {
+ "@odata.type": "microsoft.graph.listInfo",
+ "hidden": false,
+ "template": "documentLibrary | genericList | survey | links | announcements | contacts ..."
+ },
+ "system": false,
+ "subscriptions": [ {"@odata.type": "microsoft.graph.subscription"} ],
+
+ /* inherited from baseItem */
+ "id": "string",
+ "name": "name of list",
+ "createdBy": { "@odata.type": "microsoft.graph.identitySet" },
+ "createdDateTime": "timestamp",
+ "description": "description of list",
+ "eTag": "string",
+ "lastModifiedBy": { "@odata.type": "microsoft.graph.identitySet" },
+ "lastModifiedDateTime": "timestamp",
+ "webUrl": "url to visit the list in a browser"
+}
+```
+ <!-- { "type": "#page.annotation",
v1.0 Logicapptriggerendpointconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/logicapptriggerendpointconfiguration.md
+
+ Title: "logicAppTriggerEndpointConfiguration resource type"
+description: "The configuration details for the logic app's endpoint that is associated with a custom access package workflow extension."
+
+ms.localizationpriority: medium
++
+# logicAppTriggerEndpointConfiguration resource type
+
+Namespace: microsoft.graph
++
+The configuration details for the logic app's endpoint that is associated with a custom access package workflow extension. Derived from the [customExtensionEndpointConfiguration](customextensionendpointconfiguration.md) abstract type.
+
+## Properties
+
+|Property|Type|Description|
+|:|:|:|
+|logicAppWorkflowName|String|The name of the logic app.|
+|resourceGroupName|String|The Azure resource group name for the logic app.|
+|subscriptionId|String|Identifier of the Azure subscription for the logic app.|
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.logicAppTriggerEndpointConfiguration",
+ "baseType": "microsoft.graph.customExtensionEndpointConfiguration"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.logicAppTriggerEndpointConfiguration",
+ "subscriptionId": "String",
+ "resourceGroupName": "String",
+ "logicAppWorkflowName": "String"
+}
+```
v1.0 Managedtenants Auditevent https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/managedtenants-auditevent.md
+
+ Title: "auditEvent resource type"
+description: "Represents an audit event for managed tenants in Microsoft 365 Lighthouse."
+
+ms.localizationpriority: medium
++
+# auditEvent resource type
+
+Namespace: microsoft.graph.managedTenants
++
+Represents an audit event for managed tenants in Microsoft 365 Lighthouse.
+
+## Methods
+|Method|Return type|Description|
+|:|:|:|
+|[List auditEvents](../api/managedtenants-managedtenant-list-auditevents.md)|[microsoft.graph.managedTenants.auditEvent](../resources/managedtenants-auditevent.md) collection|Get a list of the [auditEvent](../resources/managedtenants-auditevent.md) objects and their properties.|
+|[Get auditEvent](../api/managedtenants-auditevent-get.md)|[microsoft.graph.managedTenants.auditEvent](../resources/managedtenants-auditevent.md)|Read the properties and relationships of an [auditEvent](../resources/managedtenants-auditevent.md) object.|
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|activity|String|A string which uniquely represents the operation that occurred. Required. Read-only.|
+|activityDateTime|DateTimeOffset|The time when the activity ocurred. Required. Read-only.|
+|activityId|String|The identifier of the activity request that made the audit event. Required. Read-only.|
+|category|String|A category which represents a logical grouping of activities. Required. Read-only.|
+|httpVerb|String|The HTTP verb that was used when making the API request. Required. Read-only.|
+|id|String|The unique identifier of the audit event. Required. Read-only.|
+|initiatedByAppId|String|The identifier of the app that was used to make the request. Required. Read-only.|
+|initiatedByUpn|String|The UPN of the user who initiated the activity. Required. Read-only.|
+|initiatedByUserId|String|The identifier of the user who initiated the activity. Required. Read-only.|
+|ipAddress|String|The IP address of where the activity was initiated. This may be an IPv4 or IPv6 address. Required. Read-only.|
+|requestBody|String|The raw HTTP request body. Some sensitive information may be removed.|
+|requestUrl|String|The raw HTTP request URL. Required. Read-only.|
+|tenantIds|String|The collection of Azure Active Directory tenant identifiers for the [managed tenants](../resources/managedtenants-tenant.md) that were impacted by this change. This is formatted as a list of comma-separated values. Required. Read-only.|
+|tenantNames|String|The collection of tenant names that were impacted by this change. This is formatted as a list of comma-separated values. Required. Read-only.|
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.managedTenants.auditEvent",
+ "openType": true
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.managedTenants.auditEvent",
+ "activity": "String",
+ "activityDateTime": "String (timestamp)",
+ "activityId": "String",
+ "category": "String",
+ "httpVerb": "String",
+ "id": "String (identifier)",
+ "initiatedByAppId": "String",
+ "initiatedByUpn": "String",
+ "initiatedByUserId": "String",
+ "ipAddress": "String",
+ "requestBody": "String",
+ "requestUrl": "String",
+ "tenantIds": "String",
+ "tenantNames": "String"
+}
+```
+
v1.0 Managedtenants Managedtenant https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/managedtenants-managedtenant.md
None.
|Relationship|Type|Description| |:|:|:| |aggregatedPolicyCompliances|[microsoft.graph.managedTenants.aggregatedPolicyCompliance](../resources/managedtenants-aggregatedpolicycompliance.md) collection|Aggregate view of device compliance policies across managed tenants.|
+|auditEvents|[microsoft.graph.managedTenants.auditEvent](../resources/managedtenants-auditevent.md) collection|The collection of audit events across managed tenants.|
|cloudPcConnections|[microsoft.graph.managedTenants.cloudPcConnection](../resources/managedtenants-cloudpcconnection.md) collection|The collection of cloud PC connections across managed tenants.| |cloudPcDevices|[microsoft.graph.managedTenants.cloudPcDevice](../resources/managedtenants-cloudpcdevice.md) collection|The collection of cloud PC devices across managed tenants.| |cloudPcsOverview|[microsoft.graph.managedTenants.cloudPcOverview](../resources/managedtenants-cloudpcoverview.md) collection|Overview of cloud PC information across managed tenants.|
v1.0 Onlinemeeting https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/onlinemeeting.md
Namespace: microsoft.graph
Contains information about a meeting, including the URL used to join a meeting, the attendees list, and the description.
+This resource supports subscribing to [change notifications](/graph/webhooks).
+ ## Methods | Method | Return Type |Description |
v1.0 Onpremisesextensionattributes https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/onpremisesextensionattributes.md
Namespace: microsoft.graph
The return type of the **onPremisesExtensionAttributes** property of the [user](user.md) object and **extensionAttributes** property of the [device](device.md) object. Returns fifteen custom extension attribute properties.
-On the [user](user.md) entity and for an **onPremisesSyncEnabled** user, the source of authority for this set of properties is the on-premises Active Directory which is synchronized to Azure AD, and is read-only. For a cloud-only user (where **onPremisesSyncEnabled** is `false`), these properties can be set during [creation](../api/user-post-users.md) or [update](../api/user-update.md). If a cloud-only user was previously synced from on-premises Active Directory, these properties cannot be managed via the Microsoft Graph API. Instead, they can be managed through the Exchange Admin Center or the Exchange Online V2 module in PowerShell.
+On the [user](user.md) entity and for an **onPremisesSyncEnabled** user, the source of authority for this set of properties is the on-premises Active Directory which is synchronized to Azure AD, and is read-only. For a cloud-only user (where **onPremisesSyncEnabled** is `false` or `null`), these properties can be set during [creation](../api/user-post-users.md) or [update](../api/user-update.md). If a cloud-only user was previously synced from on-premises Active Directory, these properties cannot be managed via the Microsoft Graph API. Instead, they can be managed through the Exchange Admin Center or the Exchange Online V2 module in PowerShell.
The **extensionAttributes** property of the [device](device.md) entity is managed only in Azure AD during device [creation](../api/device-post-devices.md) or [update](../api/device-update.md).
v1.0 Passwordcredentialconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/passwordcredentialconfiguration.md
Password credential configuration object that contains properties to configure r
## Properties
-| Property | Type | Description |
-| :- | : | :-- |
-| restrictionType | appCredentialRestrictionType | The type of restriction being applied. The possible values are: `passwordAddition`, `passwordLifetime`, `symmetricKeyAddition`, `symmetricKeyLifetime`, `unknownFutureValue`. Each value of restrictionType can be used only once per policy. |
-| maxLifeTime | Duration | Value that can be used as the maximum number for setting password expiration time in days, hours, minutes or seconds. Defined in ISO 8601 format for Durations. For example, "P4DT12H30M5S" represents a duration of four days, twelve hours, thirty minutes, and five seconds. This property is required when restriction type is set to `passwordLifetime`. |
-| restrictForAppsCreatedAfterDateTime | DateTimeOffset | Enforces the policy for an app created on or after the enforcement date. For existing applications, the enforcement date would be back dated. To apply to all applications, enforcement datetime would be null. |
+| Property | Type | Description |
+| :- | : | : |
+| restrictionType | appCredentialRestrictionType | The type of restriction being applied. The possible values are: `passwordAddition`, `passwordLifetime`, `symmetricKeyAddition`, `symmetricKeyLifetime`,`customPasswordAddition`, `unknownFutureValue`. Each value of restrictionType can be used only once per policy. |
+| maxLifeTime | Duration | Value that can be used as the maximum number for setting password expiration time in days, hours, minutes or seconds. Defined in ISO 8601 format for Durations. For example, "P4DT12H30M5S" represents a duration of four days, twelve hours, thirty minutes, and five seconds. This property is required when restriction type is set to `passwordLifetime`. |
+| restrictForAppsCreatedAfterDateTime | DateTimeOffset | Enforces the policy for an app created on or after the enforcement date. For existing applications, the enforcement date would be backdated. To apply to all applications, this date would be `null`. |
## Relationships
v1.0 Permissionscope https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/permissionscope.md
Here is a JSON representation of the resource
```json {
- "id": "guid",
- "adminConsentDisplayName": "string",
- "adminConsentDescription": "string",
- "userConsentDisplayName": "string",
- "userConsentDescription": "string",
- "value": "string",
- "type": "string",
+ "id": "Guid",
+ "adminConsentDisplayName": "String",
+ "adminConsentDescription": "String",
+ "userConsentDisplayName": "String",
+ "userConsentDescription": "String",
+ "value": "String",
+ "type": "String",
"isEnabled": true } ```
v1.0 Personaltaskproperties https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/personaltaskproperties.md
- Title: "personalTaskProperties resource type"
-description: Contains personal properties of a task"
-
-doc_type: resourcePageType
--
-# personalTaskProperties resource type
-
-Namespace: microsoft.graph
--
-Contains personal properties of a [task](task.md). When sharing or assigning a **task**, these properties will not be seen by other users.
-
-## Properties
-|Property|Type|Description|
-|:|:|:|
-|reminderDatetime|[dateTimeTimeZone](../resources/datetimetimezone.md)|The date and time for a reminder alert of the **task** to occur.|
-
-## Relationships
-None.
-
-## JSON representation
-The following is a JSON representation of the resource.
-<!-- {
- "blockType": "resource",
- "@odata.type": "microsoft.graph.personalTaskProperties"
-}
>
-``` json
-{
- "@odata.type": "#microsoft.graph.personalTaskProperties",
- "reminderDatetime": {
- "@odata.type": "microsoft.graph.dateTimeTimeZone"
- }
-}
-```
-
v1.0 Plannerplancontextdetails https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/plannerplancontextdetails.md
The **plannerPlanContextDetails** resource contains additional information about
|customLinkText|String|Nullable. Specifies the text to use in a user experience to display a link the the associated [plannerPlanContext](plannerplancontext.md). If null, applications should display the link with a custom text based on the **displayLinkType** property.| |displayLinkType|plannerPlanContextType|Specifies how an application should display the link to the associated **plannerPlanContext**. Applications may choose to provide customized text, description, icons, or other experiences based on the type of the link. Possible values are: `teamsTab`, `sharePointPage`, `meetingNotes`, `other`, `unknownFutureValue`.| |url|String|URL of the user experience represented by the associated **plannerPlanContext**. |
+|state|plannerContextState| Indicates the state of the associated **plannerPlanContext**. |
+
+### plannerContextState values
+
+|Value |Description|
+|:|:-|
+|active | The context has no problems. |
+|delinked | A formerly linked **plannerPlanContext** is no longer linked to the plan. |
+|unknownFutureValue | Evolvable enumeration sentinel value. Do not use. |
## JSON representation
The following is a JSON representation of the resource.
<!-- { "blockType": "resource",
- "optionalProperties": [
-
- ],
"@odata.type": "microsoft.graph.plannerPlanContextDetails" }--> ```json {
- "url": "http://www.microsoft.com",
- "customLinkText": "Visit Microsoft's home page.",
- "displayLinkType": "other"
+ "url": "string",
+ "customLinkText": "string",
+ "displayLinkType": "string",
+ "state": "string"
} ```
v1.0 Plannertaskdetails https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/plannertaskdetails.md
Title: "plannerTaskDetails resource type"
-description: "The **plannerTaskDetails** resource represents the additional information about a task. Each task object has a details object."
+description: "Represents the additional information about a task. Each task object has a details object."
ms.localizationpriority: medium ms.prod: "planner"
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-The **plannerTaskDetails** resource represents the additional information about a task. Each [task](plannertask.md) object has a details object.
+Represents the additional information about a task. Each [task](plannertask.md) object has a details object.
## Methods
The **plannerTaskDetails** resource represents the additional information about
| Property | Type |Description| |:|:--|:-| |checklist|[plannerChecklistItems](plannerchecklistitems.md)|The collection of checklist items on the task.|
-|description|String|Description of the task|
+|description|String|Description of the task.|
|id|String| Read-only. ID of the task details. It is 28 characters long and case-sensitive. [Format validation](tasks-identifiers-disclaimer.md) is done on the service.| |previewType|string|This sets the type of preview that shows up on the task. Possible values are: `automatic`, `noPreview`, `checklist`, `description`, `reference`. When set to `automatic` the displayed preview is chosen by the app viewing the task.| |references|[plannerExternalReferences](plannerexternalreferences.md)|The collection of references on the task.| ## Relationships
-None
+None.
## JSON representation
-Here is a JSON representation of the resource.
+The following is a JSON representation of the resource.
<!-- { "blockType": "resource",
Here is a JSON representation of the resource.
"previewType": "string", "references": {"@odata.type": "microsoft.graph.plannerExternalReferences"} }- ``` <!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
v1.0 Presence https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/presence.md
This resource supports subscribing to [change notifications](/graph/webhooks).
## Properties
-| Relationship | Type | Description |
+| Property | Type | Description |
| : | :-- | : | | id | string | The user object id | | availability | string collection | The base presence information for a user. Possible values are `Available`, `AvailableIdle`, `Away`, `BeRightBack`, `Busy`, `BusyIdle`, `DoNotDisturb`, `Offline`, `PresenceUnknown` |
v1.0 Privilegedapproval https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/privilegedapproval.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] Represents an approval that is requested in Privileged Identity Management (PIM) for getting into a role.
v1.0 Privilegedidentitymanagement Directory https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/privilegedidentitymanagement-directory.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] The following methods are provided by PIM for Azure AD roles. The service is built on top of OData. To filter the results from a query, use the standard OData `$filter` expressions in the URIs.
The following methods are provided by PIM for Azure AD roles. The service is bui
|[Update privilegedApproval](../api/privilegedapproval-update.md) | [privilegedApproval](privilegedapproval.md) |Update privilegedApproval object. | |[myrequests](../api/privilegedapproval-myrequests.md) | [privilegedApproval](privilegedapproval.md) collection|Get the requestor's approval requests. | + <!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79 2015-10-25 14:57:30 UTC --> <!--
v1.0 Privilegedidentitymanagement Resources https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/privilegedidentitymanagement-resources.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] You can use [Azure Active Directory (Azure AD) Privileged Identity Management (PIM)](/azure/active-directory/privileged-identity-management/pim-configure) for Azure resources to set up just-in-time access workflow for your Azure infrastructure roles at a management group, subscription, resource group, and resource level. These include built-in roles like Owner and Contributor as well as custom RBAC roles.
You can use [Azure Active Directory (Azure AD) Privileged Identity Management (P
| List and export all role assignments for a resource. | [governanceRoleAssignment](governanceroleassignment.md) | [Export role assignments](/azure/active-directory/privileged-identity-management/azure-pim-resource-rbac#export-role-assignments-with-children) | | Create or remove an eligible or active role assignment, activate/deactivate an eligible assignment, view a list of pending requests, approve or deny a pending request or cancel your own pending request. | [governanceRoleAssignmentRequest](governanceroleassignmentrequest.md) | [Role Assignment](/azure/active-directory/privileged-identity-management/pim-resource-roles-assign-roles)<br/>[Role activation](/azure/active-directory/privileged-identity-management/pim-resource-roles-activate-your-roles)<br/>[Approve requests](/azure/active-directory/privileged-identity-management/azure-ad-pim-approval-workflow) | + <!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79 2015-10-25 14:57:30 UTC --> <!--
v1.0 Privilegedidentitymanagement Root https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/privilegedidentitymanagement-root.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] >[!CAUTION]
->The Privileged Identity Management (PIM) API for **Azure AD roles** is deprecated and stopped returning data on May 31, 2021. Please use the [role management](/graph/api/resources/rolemanagement?view=graph-rest-beta&preserve-view=true) API.
+>The Privileged Identity Management (PIM) API for **Azure AD roles** is deprecated and stopped returning data on May 31, 2021. Use the [role management](/graph/api/resources/rolemanagement?view=graph-rest-beta&preserve-view=true) API and see the [migration guidance below](#migrate-from-pim-v2-to-pim-v3-apis).
>
->The Privileged Identity Management (PIM) API for **Azure resource roles** will be deprecated soon. Use the new [Azure REST PIM API for Azure resource roles](/rest/api/authorization/role-eligibility-schedule-requests).
+>The Privileged Identity Management (PIM) API for **Azure resources** will be deprecated soon. Use the new [Azure REST PIM API for Azure resources](/rest/api/authorization/role-eligibility-schedule-requests). To migrate, see the migration guidance below.
-[Azure Active Directory (Azure AD) Privileged Identity Management (PIM)](/azure/active-directory/privileged-identity-management/pim-configure) is a service that enables you to manage, control, and monitor access to important resources in your organization. This includes access to resources in Azure AD, Azure resources, and other Microsoft Online Services like Microsoft 365 or Microsoft Intune.
+[Privileged Identity Management (PIM)](/azure/active-directory/privileged-identity-management/pim-configure) is a service that enables you to manage, control, and monitor access to important resources in your organization. This scope includes access to resources in Azure AD, Azure resources, and other Microsoft services like Microsoft 365 or Microsoft Intune.
-Microsoft Graph provides the following APIs to manage Azure AD roles and Azure resource roles:
+There have been several iterations of the PIM API over the past few years. This iteration is the second iteration (here referred to as PIM v2) and it's succeeded by PIM v3. For more information about the history of the PIM API, see [PIM API history](/azure/active-directory/privileged-identity-management/pim-apis#pim-api-history).
-- [APIs for Azure AD roles](privilegedidentitymanagement-directory.md)-- [APIs for Azure resource roles](privilegedidentitymanagement-resources.md)
+Microsoft Graph provides the following PIM v2 APIs to manage Azure AD roles and Azure resource roles. We recommend that you migrate from PIM v2 to PIM v3.
+- [APIs for Azure AD roles](privilegedidentitymanagement-directory.md) (deprecated)
+- [APIs for Azure resources](privilegedidentitymanagement-resources.md)
+
+## Migrate from PIM v2 to PIM v3 APIs
++ <!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79 2015-10-25 14:57:30 UTC -->
v1.0 Privilegedoperationevent https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/privilegedoperationevent.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] Represents an audit event that is generated by Privileged Identity Management for the role operations, such as an administrator manages privileged roles, a user activates his role, and a user deactivates his role.
v1.0 Privilegedrole https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/privilegedrole.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] Represents an [Azure AD built-in administrator role](/azure/active-directory/roles/permissions-reference), for example, **Global Administrator, Billing Administrator, Service Administrator, User Administrator**, and **Password Administrator**.
v1.0 Privilegedroleassignment https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/privilegedroleassignment.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] Represents a privileged role assignment for a particular user.
v1.0 Privilegedroleassignmentrequest https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/privilegedroleassignmentrequest.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] Represents the request for role assignment operations in Privileged Identity Management (PIM).
v1.0 Rbacapplication https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/rbacapplication.md
Role management container for unified role definitions and role assignments for
|:-|:|:| | [Create unifiedRoleAssignment](../api/rbacapplication-post-roleassignments.md) | [unifiedRoleAssignment](unifiedroleassignment.md) | Create a new unifiedRoleAssignment by posting to the roleAssignments collection. | | [List roleAssignments](../api/rbacapplication-list-roleassignments.md) | [unifiedRoleAssignment](unifiedroleassignment.md) collection | Get a unifiedRoleAssignment object collection. Only specific instances can be queried, by filtering on roleDefitionId or principalId. |
+| [List transitiveRoleAssignments](../api/rbacapplication-list-transitiveroleassignments.md) | [unifiedRoleAssignment](unifiedroleassignment.md) collection | Get direct and transitive unifiedRoleAssignments assigned to a specific principal. Specifying principalId is required. |
| [Create unifiedRoleDefinition](../api/rbacapplication-post-roledefinitions.md) | [unifiedRoleDefinition](unifiedroledefinition.md) | Create a new unifiedRoleDefinition by posting to the roleDefinitions collection. | | [List roleDefinitions](../api/rbacapplication-list-roledefinitions.md) | [unifiedRoleDefinition](unifiedroledefinition.md) collection | Get a unifiedRoleDefinition object collection. | | [roleSchedules](../api/rbacapplication-roleschedules.md) | [unifiedRoleScheduleBase](unifiedroleschedulebase.md) collection | Function to retrieve a collection of unifiedRoleScheduleBase objects. |
None
## Relationships |Relationship|Type|Description| |:|:|:|
+|resourceNamespaces|[unifiedRbacResourceNamespace](../resources/unifiedrbacresourcenamespace.md) collection|Resource that represents a collection of related actions.|
|roleAssignments|[unifiedRoleAssignment](../resources/unifiedroleassignment.md) collection| Resource to grant access to users or groups. | |roleDefinitions|[unifiedRoleDefinition](../resources/unifiedroledefinition.md) collection| Resource representing the roles allowed by RBAC providers and the permissions assigned to the roles. | |roleAssignmentApprovals|[approval](../resources/approval.md) collection| Decisions associated with a role assignment approval.|
None
|roleEligibilityScheduleInstances|[unifiedRoleEligibilityScheduleInstance](../resources/unifiedRoleEligibilityScheduleInstance.md) collection| Instances of eligible role assignments through Azure AD Privileged Identity Management. | |roleEligibilityScheduleRequests|[unifiedRoleEligibilityScheduleRequest](../resources/unifiedRoleEligibilityScheduleRequest.md) collection| Requests for eligible role assignments through Azure AD Privileged Identity Management. | |roleEligibilitySchedules|[unifiedRoleEligibilitySchedule](../resources/unifiedRoleEligibilitySchedule.md) collection| Schedule for eligible role assignments through Azure AD Privileged Identity Management. |-
+|transitiveRoleAssignments|[unifiedRoleAssignment](../resources/unifiedroleassignment.md) collection| Resource to grant access to users or groups that are transitive. |
## JSON representation
v1.0 Rbacapplicationmultiple https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/rbacapplicationmultiple.md
None
|Relationship|Type|Description| |:|:|:|
+|resourceNamespaces|[unifiedRbacResourceNamespace](../resources/unifiedrbacresourcenamespace.md) collection|Resource that represents a collection of related actions.|
|roleAssignments|[unifiedRoleAssignmentMultiple](../resources/unifiedroleassignmentmultiple.md) collection| Resource to grant access to users or groups. | |roleDefinitions|[unifiedRoleDefinition](../resources/unifiedroledefinition.md) collection| Resource representing the roles allowed by RBAC providers and the permissions assigned to the roles. |
v1.0 Resourceaccess https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/resourceaccess.md
Namespace: microsoft.graph
Object used to specify an OAuth 2.0 permission scope or an app role that an application requires, through the **resourceAccess** property of the [requiredResourceAccess](requiredresourceaccess.md) resource type. ## Properties+ | Property | Type |Description| |:|:--|:-|
-|id|GUID|The unique identifier for one of the [oauth2PermissionScopes](permissionscope.md) or [appRole](approle.md) instances that the resource application exposes.|
-|type|String|Specifies whether the **id** property references an [oauth2PermissionScopes](permissionscope.md) or an [appRole](approle.md). The possible values are: `Scope` (for OAuth 2.0 permission scopes) or `Role` (for app roles).|
+|id|Guid|The unique identifier of an [app role](approle.md) or [delegated permission](permissionScope.md) exposed by the resource application. For delegated permissions, this should match the **id** property of one of the [delegated permissions](permissionscope.md) in the **oauth2PermissionScopes** collection of the resource application's [service principal](serviceprincipal.md). For app roles (application permissions), this should match the **id** property of an [app role](approle.md) in the **appRoles** collection of the resource application's [service principal](serviceprincipal.md).|
+|type|String|Specifies whether the **id** property references a [delegated permission](permissionscope.md) or an [app role](approle.md) (application permission). The possible values are: `Scope` (for delegated permissions) or `Role` (for app roles).|
## JSON representation
The following is a JSON representation of the resource.
```json {
- "id": "GUID",
+ "id": "Guid",
"type": "String" }
v1.0 Resourcedata https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/resourcedata.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Represents the resouce data attached to the change notification sent to the subscriber.
+Represents the resouce data attached to the change notification sent to the subscriber. This resource is an open type and allows other properties to be passed in.
For details, see [Use the Microsoft Graph API to get change notifications](webhooks.md).
None.
## Properties
-For Outlook resources, **resourceData** contains the following fields:
+None except for Outlook resources where **resourceData** contains the following fields:
| Property | Type | Description | |:|:--|:|
-| @odata.type | string | The OData entity type in Microsoft Graph that describes the represented object. |
-| @odata.id | string | The OData identifier of the object. |
-| @odata.etag | string | The HTTP entity tag that represents the version of the object. |
-| id | string | The identifier of the object. |
+| @odata.type | String | The OData entity type in Microsoft Graph that describes the represented object. |
+| @odata.id | String | The OData identifier of the object. |
+| @odata.etag | String | The HTTP entity tag that represents the version of the object. |
+| id | String | The identifier of the object. |
-> **Note:** The `id` value provided in **resourceData** is valid at the time the change notification was generated. Some actions, such as moving a message to another folder, might result in the `id` no longer being valid when the change notification is processed.
+> **Note:** The **id** value provided in **resourceData** is valid at the time the change notification was generated. Some actions, such as moving a message to another folder, might result in the `id` no longer being valid when the change notification is processed.
## Relationships
The following is a JSON representation of the resource.
<!-- { "blockType": "resource", "optionalProperties": [-
+ "@odata.type",
+ "@odata.id",
+ "@odata.etag",
+ "id"
], "@odata.type": "microsoft.graph.resourceData" }--> ```json {
- "id": "1565293727947",
- "@odata.type": "#Microsoft.Graph.ChatMessage",
- "@odata.id": "teams('88cbc8fc-164b-44f0-b6a6-b59b4a1559d3')/channels('19:8d9da062ec7647d4bb1976126e788b47@thread.tacv2')/messages('1565293727947')/replies('1565293727947')"
+ "@odata.type": "#microsoft.graph.resourceData"
} ```
v1.0 Riskdetection https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/riskdetection.md
For more information about risk events, see [Azure Active Directory Identity Pro
|id|string|Unique ID of the risk detection. | |requestId|string|Request ID of the sign-in associated with the risk detection. This property is null if the risk detection is not associated with a sign-in.| |correlationId|string|Correlation ID of the sign-in associated with the risk detection. This property is null if the risk detection is not associated with a sign-in. |
-|riskEventType|string|The type of risk event detected. The possible values are `unlikelyTravel`, `anonymizedIPAddress`, `maliciousIPAddress`, `unfamiliarFeatures`, `malwareInfectedIPAddress`, `suspiciousIPAddress`, `leakedCredentials`, `investigationsThreatIntelligence`, `generic`,`adminConfirmedUserCompromised`, `mcasImpossibleTravel`, `mcasSuspiciousInboxManipulationRules`, `investigationsThreatIntelligenceSigninLinked`, `maliciousIPAddressValidCredentialsBlockedIP`, and `unknownFutureValue`. |
+|riskEventType|string|The type of risk event detected. The possible values are `unlikelyTravel`, `anonymizedIPAddress`, `maliciousIPAddress`, `unfamiliarFeatures`, `malwareInfectedIPAddress`, `suspiciousIPAddress`, `leakedCredentials`, `investigationsThreatIntelligence`, `generic`,`adminConfirmedUserCompromised`, `mcasImpossibleTravel`, `mcasSuspiciousInboxManipulationRules`, `investigationsThreatIntelligenceSigninLinked`, `maliciousIPAddressValidCredentialsBlockedIP`, and `unknownFutureValue`. <br/> For more information about each value, see [riskEventType values](#riskeventtype-values).|
|riskState|riskState|The state of a detected risky user or sign-in. The possible values are `none`, `confirmedSafe`, `remediated`, `dismissed`, `atRisk`, `confirmedCompromised`, and `unknownFutureValue`. | |riskLevel|riskLevel|Level of the detected risk. The possible values are `low`, `medium`, `high`, `hidden`, `none`, `unknownFutureValue`. <br />**Note:** Details for this property are only available for Azure AD Premium P2 customers. P1 customers will be returned `hidden`.| |riskDetail|riskDetail|Details of the detected risk. The possible values are `none`, `adminGeneratedTemporaryPassword`, `userPerformedSecuredPasswordChange`, `userPerformedSecuredPasswordReset`, `adminConfirmedSigninSafe`, `aiConfirmedSigninSafe`, `userPassedMFADrivenByRiskBasedPolicy`, `adminDismissedAllRiskForUser`, `adminConfirmedSigninCompromised`, `hidden`, `adminConfirmedUserCompromised`, `unknownFutureValue`. <br />**Note:** Details for this property are only available for Azure AD Premium P2 customers. P1 customers will be returned `hidden`.|
For more information about risk events, see [Azure Active Directory Identity Pro
|additionalInfo|string|Additional information associated with the risk detection in JSON format. | |riskType (deprecated)|riskEventType|List of risk event types.<br />**Note:** This property is deprecated. Use **riskEventType** instead. |
+### riskEventType values
+
+| Member | Description |
+|--|--|
+| unlikelyTravel | Identifies two sign-ins originating from geographically distant locations, where at least one of the locations may also be atypical for the user, given past behavior. |
+| anonymizedIPAddress | Indicates sign-ins from an anonymous IP address, for example, using an anonymous browser or VPN. |
+| maliciousIPAddress | Indicates sign-ins from IP addresses known to be malicious. Deprecated and no longer generated for new detections. |
+| unfamiliarFeatures | Indicates sign-ins with characteristics that deviate from past sign-in properties. |
+| malwareInfectedIPAddress | Indicates sign-ins from IP addresses infected with malware |
+| suspiciousIPAddress | Identifies logins from IP addresses that are known to be malicious at the time of the sign in. |
+| leakedCredentials | Indicates that the user's valid credentials have been leaked. This sharing is typically done by posting publicly on the dark web, paste sites, or by trading and selling the credentials on the black market. When the Microsoft leaked credentials service acquires user credentials from the dark web, paste sites, or other sources, they are checked against Azure AD users' current valid credentials to find valid matches. |
+| investigationsThreatIntelligence | Indicates a sign-in activity that is unusual for the given user or is consistent with known attack patterns based on Microsoft's internal and external threat intelligence sources. |
+| generic | Indicates that the user was not enabled for Identity Protection. |
+| adminConfirmedUserCompromised | Indicates that an administrator has [confirmed the user is compromised](../api/riskyusers-confirmcompromised.md). |
+| mcasImpossibleTravel | Discovered by Microsoft Defender for Cloud Apps (MDCA). Identifies two user activities (a single or multiple sessions) originating from geographically distant locations within a time period shorter than the time it would have taken the user to travel from the first location to the second, indicating that a different user is using the same credentials. |
+| mcasSuspiciousInboxManipulationRules | Discovered by Microsoft Defender for Cloud Apps (MDCA). Identifies suspicious email forwarding rules, for example, if a user created an inbox rule that forwards a copy of all emails to an external address.|
+| investigationsThreatIntelligenceSigninLinked | Identifies activity that is unusual with known attack patterns based on threat intelligence |
+| maliciousIPAddressValidCredentialsBlockedIP | Indicates that sign-in was made with valid credentials from a malicious IP address. |
+| unknownFutureValue | Evolvable enumeration sentinel value. Do not use. |
++ ## JSON representation The following is a JSON representation of the resource.
v1.0 Schedule https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/schedule.md
Title: "schedule resource type" description: "A collection of schedulingGroups, shifts, timeOffReasons and timesOff within a team."-+ ms.localizationpriority: medium ms.prod: "microsoft-teams" doc_type: resourcePageType
v1.0 Schedulinggroup https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/schedulinggroup.md
Title: "schedulingGroup resource type" description: "A logical grouping of members in the schedule (usually by role)."-+ ms.localizationpriority: high ms.prod: "microsoft-teams" doc_type: resourcePageType
v1.0 Schemaextension https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/schemaextension.md
See the [schema extension example](/graph/extensibility-schema-groups) to learn
| Property | Type |Description| |:|:--|:-| |description|String|Description for the schema extension. Supports `$filter` (`eq`).|
-|id|String|The unique identifier for the schema extension definition. <br>You can assign a value in one of two ways: <ul><li>Concatenate the name of one of your verified domains with a name for the schema extension to form a unique string in this format, \{_&#65279;domainName_\}\_\{_&#65279;schemaName_\}. As an example, `contoso_mySchema`. </li><li>Provide a schema name, and let Microsoft Graph use that schema name to complete the **id** assignment in this format: ext\{_&#65279;8-random-alphanumeric-chars_\}\_\{_&#65279;schema-name_\}. An example would be `extkvbmkofy_mySchema`.</li></ul>This property cannot be changed after creation. Supports `$filter` (`eq`). |
+|id|String|The unique identifier for the schema extension definition. <br>You can assign a value in one of two ways: <ul><li>Concatenate the name of one of your verified domains with a name for the schema extension to form a unique string in this format, \{_&#65279;domainName_\}\_\{_&#65279;schemaName_\}. As an example, `contoso_mySchema`. </li><li>Provide a schema name, and let Microsoft Graph use that schema name to complete the **id** assignment in this format: ext\{_&#65279;8-random-alphanumeric-chars_\}\_\{_&#65279;schema-name_\}. An example would be `extkvbmkofy_mySchema`.</li></ul>This property cannot be changed after creation. Supports `$filter` (`eq`). <br/><br> **Note:** We recommend that your **id** starts with an alphabetic letter between A-Z because query capabilities might be limited for IDs that begin with integers. |
|owner|String| The `appId` of the application that is the owner of the schema extension. This property can be supplied on creation, to set the owner. If not supplied, then the calling application's `appId` will be set as the owner. In either case, the signed-in user must be the owner of the application. So, for example, if creating a new schema extension definition using Graph Explorer, you **must** supply the owner property. Once set, this property is read-only and cannot be changed. Supports `$filter` (`eq`).| |properties|[extensionSchemaProperty](extensionschemaproperty.md) collection|The collection of property names and types that make up the schema extension definition.| |status|String|The lifecycle state of the schema extension. Possible states are **InDevelopment**, **Available**, and **Deprecated**. Automatically set to **InDevelopment** on creation. [Schema extensions](/graph/extensibility-overview#schema-extensions) provides more information on the possible state transitions and behaviors. Supports `$filter` (`eq`).|
v1.0 Search Acronym https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/search-acronym.md
+
+ Title: "acronym resource type"
+description: "An acronym is an administrative answer in Microsoft Search results to define common acronyms in a organization."
+
+ms.localizationpriority: medium
++
+# acronym resource type
+
+Namespace: microsoft.graph.search
++
+An acronym is an administrative answer in Microsoft Search results to define common acronyms in an organization.
+
+Inherits from [searchAnswer](../resources/search-searchAnswer.md).
+
+## Methods
+|Method|Return type|Description|
+|:|:|:|
+|[List acronyms](../api/search-searchentity-list-acronyms.md)|[microsoft.graph.search.acronym](../resources/search-acronym.md) collection|Get a list of the [acronym](../resources/search-acronym.md) objects and their properties.|
+|[Create acronym](../api/search-searchentity-post-acronyms.md)|[microsoft.graph.search.acronym](../resources/search-acronym.md)|Create a new [acronym](../resources/search-acronym.md) object.|
+|[Get acronym](../api/search-acronym-get.md)|[microsoft.graph.search.acronym](../resources/search-acronym.md)|Read the properties and relationships of an [acronym](../resources/search-acronym.md) object.|
+|[Update acronym](../api/search-acronym-update.md)|[microsoft.graph.search.acronym](../resources/search-acronym.md)|Update the properties of an [acronym](../resources/search-acronym.md) object.|
+|[Delete acronym](../api/search-acronym-delete.md)|None|Deletes an [acronym](../resources/search-acronym.md) object.|
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|description|String|A brief description of the acronym that gives users more info about the acronym and what it stands for. Inherited from [searchAnswer](../resources/search-searchAnswer.md).|
+|displayName|String|The actual short form or acronym. Inherited from [searchAnswer](../resources/search-searchAnswer.md).|
+|id|String|The unique identifier (GUID) for the acronym. Inherited from [entity](../resources/entity.md).|
+|lastModifiedBy|[microsoft.graph.identitySet](../resources/identityset.md)|Details of the user that created or last modified the acronym. Inherited from [searchAnswer](../resources/search-searchAnswer.md). Read-only.|
+|lastModifiedDateTime|DateTimeOffset|Timestamp of when the acronym is created or edited. Inherited from [searchAnswer](../resources/search-searchAnswer.md). Read-only.|
+|standsFor|String collection|What the acronym stands for.|
+|state|microsoft.graph.search.answerState|State of the acronym. Possible values are: `published`, `draft`, `excluded`, or `unknownFutureValue`.|
+|webUrl|String|The URL of the page or website where users can go for more information about the acronym. Inherited from [searchAnswer](../resources/search-searchAnswer.md).|
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.search.acronym",
+ "baseType": "microsoft.graph.search.searchAnswer",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.search.acronym",
+ "id": "String (identifier)",
+ "displayName": "String",
+ "description": "String",
+ "webUrl": "String",
+ "lastModifiedBy": {
+ "@odata.type": "microsoft.graph.identitySet"
+ },
+ "lastModifiedDateTime": "String (timestamp)",
+ "standsFor": [
+ "String"
+ ],
+ "state": "String"
+}
+```
+
v1.0 Search Answerkeyword https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/search-answerkeyword.md
+
+ Title: "answerKeyword resource type"
+description: "Answer keywords allow users to define words and phrases that will trigger an administrative search answer to appear in search results."
+
+ms.localizationpriority: medium
++
+# answerKeyword resource type
+
+Namespace: microsoft.graph.search
++
+An answer keyword is used to configure words and phrases that will trigger an administrative search answer to appear in search results.
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|keywords|String collection|A collection of keywords used to trigger the search answer.|
+|matchSimilarKeywords|Boolean|If `true`, indicates that the search term contains similar words to the keywords that should trigger the search answer.|
+|reservedKeywords|String collection|Unique keywords that will guarantee the search answer is triggered.|
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.search.answerKeyword"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.search.answerKeyword",
+ "keywords": [
+ "String"
+ ],
+ "reservedKeywords": [
+ "String"
+ ],
+ "matchSimilarKeywords": "Boolean"
+}
+```
+
v1.0 Search Answervariant https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/search-answervariant.md
+
+ Title: "answerVariant resource type"
+description: "An answer variant can be used to change certain properties of a search answer based on country or platform."
+
+ms.localizationpriority: medium
++
+# answerVariant resource type
+
+Namespace: microsoft.graph.search
++
+An answer variant can be used to change certain fields of a search answer based on country or platform.
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|description|String|Answer variation description shown on search results page.|
+|displayName|String|Answer variation name displayed in search results.|
+|webUrl|String|Answer variation URL link. When users click this answer variation in search results, they will go to this URL.|
+|languageTags|String collection|List of countries or regions able to view this search answer.|
+|platforms|microsoft.graph.platform collection|List of devices and operating systems able to view this answer variation. Possible values are: `unknown`, `ios`, `android`, `windows`, `windowsMobile`, `macOS`.|
++
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.search.answerVariant"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.search.answerVariant",
+ "displayName": "String",
+ "webUrl": "String",
+ "description": "String",
+ "languageTags": ["String"],
+ "platforms": ["String"]
+}
+```
+
v1.0 Search Api Answers Overview https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/search-api-answers-overview.md
+
+ Title: "Use the Microsoft Search API to manage administrative answers"
+description: "Use Microsoft Graph to manage administrative search answers in the Microsoft Search experience."
+ms.localizationpriority: high
+++
+# Use the Microsoft Search API to manage administrative answers
++
+You can use Microsoft Graph to manage administrative search answer results in the [Microsoft Search](/microsoftsearch/overview-microsoft-search) experience.
+
+Requests to manage administrative search answers are performed by global administrators, search administrators, search editors, or are performed on behalf of an application without the presence of a signed-in user, identified using an [access token with application permission](/graph/auth-v2-service).
+
+## Common use cases
+
+The use cases for the APIs in this section involve managing administrative answers such as acronyms, bookmarks, and QnAs for an organization.
+
+| Use cases | REST resources |
+|:-|:--|
+| **Search answer actions** | |
+| Create, update, or delete a search answer | [acronym](search-acronym.md), [bookmark](search-bookmark.md), [qna](search-qna.md) |
+
+## Supported language tags
+A language tag of a [bookmark](search-bookmark.md) or [qna](search-qna.md) represents a geographically specific language in which that search answer (**bookmark** or **qna**) can be viewed. A language tag follows the pattern {language}-{REGION}. For more information on the pattern, see [RFC 4646](https://datatracker.ietf.org/doc/html/rfc4646).
+
+The following table lists the language tags, locales, and the corresponding country or region that you can set in the [Microsoft 365 admin center](https://admin.microsoft.com/) to publish a search answer. The **Locale** column describes the language as used in that country or region.
+
+| Supported language tag | Locale | Choice of country or region in Microsoft 365 admin center |
+| -- | - | - |
+|`es-AR`| Spanish (Argentina) | Argentina |
+|`en-AU`| English (Australia) | Australia |
+|`de-AT`| German (Austria) |Austria |
+|`fr-BE`| French (Belgium) |Belgium - French |
+|`nl-BE`| Dutch (Belgium) | Belgium - Dutch |
+|`en-CA`| English (Canada) | Canada - English |
+|`fr-CA`| French (Canada) | Canada - French |
+|`fr-FR`| French (France) | France |
+|`de-DE`| German (Germany) | Germany |
+|`zh-HK`| Chinese (Hong Kong) | Hong Kong |
+|`en-IN`| English (India) | India |
+|`it-IT`| Italian (Italy) | Italy |
+|`pt-BR`| Portuguese (Brazil) | Brazil |
+|`en-ID`| English (Indonesia) | Indonesia |
+|`ja-JP`| Japanese (Japan) | Japan |
+|`ko-KR`| Korean (South Korea) | Korea |
+|`en-MY`| English (Malaysia) | Malaysia |
+|`es-MX`| Spanish (Mexico) | Mexico |
+|`nl-NL`| Dutch (Netherlands) | Netherlands |
+|`nb-NO`| Norwegian Bokmål (Norway) | Norway |
+|`zh-CN`| Chinese (China) | People's Republic of China |
+|`pl-PL`| Polish (Poland) | Poland |
+|`ru-RU`| Russian (Russia) | Russia |
+|`ar-SA`| Arabic (Saudi Arabia) | Saudi Arabia |
+|`sv-SE`| Swedish (Sweden) | Sweden |
+|`es-ES`| Spanish (Spain) | Spain |
+|`fr-CH`| French (Switzerland) | Switzerland - French |
+|`de-CH`| German (Switzerland) | Switzerland - German |
+|`en-ZA`| English (South Africa) | South Africa |
+|`zh-TW`| Chinese (Taiwan) | Taiwan |
+|`tr-TR`| Turkish (Turkey) | Turkey |
+|`en-GB`| English (United Kingdom) | United Kingdom |
+|`en-US`| English (United States) | United States - English |
+|`es-US`| Spanish (United States) | United States - Spanish |
+
+## What's new
+Find out about the [latest new features and updates](/graph/whats-new-overview) for this API set.
+
+## Next steps
+
+- See the [Microsoft Search API overview](/graph/search-concept-overview).
+- Drill down on the methods, properties, and relationships of the answer type resources: [bookmarks](search-bookmark.md), [acronyms](search-acronym.md), and [QnAs](search-qna.md).
+
v1.0 Search Api Overview https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/search-api-overview.md
Search requests run in the context of the signed-in user, identified using an [a
## Common use cases
-The Microsoft Search API provides a [query](../api/search-query.md) method to search across your data in Microsoft Search, where you pass a [searchRequest](searchRequest.md) in the request body, defining the specifics of your search.
+The Microsoft Search API provides a [query](../api/search-query.md) method to search across your data in Microsoft Search, where you pass a [searchRequest](searchrequest.md) in the request body, defining the specifics of your search.
-This section lists the common use cases of the **query** method, based on the properties and parameters you set in the **query** [searchRequest](searchRequest.md) body.
+This section lists the common use cases of the **query** method, based on the properties and parameters you set in the **query** [searchRequest](searchrequest.md) body.
Search requests run on behalf of the user. Search results are scoped to enforce any access control applied to the items. For example, in the context of files, permissions on the files are evaluated as part of the search request. Users cannot access more items in a search than they can otherwise obtain from a corresponding GET operation with the same permissions and access control.
See [refine search results](/graph/search-concept-aggregation) for examples that
## Request spelling correction
-Spelling correction is a popular way to handle mismatches between typos in a user query and the correct words in matched contents. When typos are detected in the original user query, you can get the search result either for the original user query or the corrected alternate query. You can also get the spelling correction information for typos in the **queryAlterationResponse** property of the [searchresponse](searchresponse.md).
+Spelling correction is a popular way to handle mismatches between typos in a user query and the correct words in matched contents. When typos are detected in the original user query, you can get the search result either for the original user query or the corrected alternate query. You can also get the spelling correction information for typos in the **queryAlterationResponse** property of the [searchResponse](searchresponse.md).
In the [searchRequest](./searchrequest.md), specify the **queryAlterationOptions** that should be applied to the query for spelling corrections. For details about the **queryAlterationOptions** property, see [searchAlterationOptions](./searchalterationoptions.md).
For examples that show how to use spelling corrections, see [Request spelling co
The search API allows you to render search results from [connectors](/microsoftsearch/connectors-overview), by using the display layout or result template configured by the IT admin for each connector. The result templates are [Adaptive Cards](https://adaptivecards.io/), which are a semantically meaningful combination of layout and data.
-To get the result template in the [searchresponse](searchresponse.md), you have to set **true** the **enableResultTemplate** property, defined in the [resultTemplateOptions](./resulttemplateoption.md), in the [searchRequest](./searchrequest.md). The response includes a **resultTemplateId** for every [search hit](./searchhit.md), which maps to one of the display layouts included in the **resultTemplates** dictionary that is included in the response.
+To get the result template in the [searchResponse](searchresponse.md), you have to set **true** the **enableResultTemplate** property, defined in the [resultTemplateOptions](./resulttemplateoption.md), in the [searchRequest](./searchrequest.md). The response includes a **resultTemplateId** for every [search hit](./searchhit.md), which maps to one of the display layouts included in the **resultTemplates** dictionary that is included in the response.
See [Use search display layout](/graph/search-concept-display-layout) for examples.
v1.0 Search Bookmark https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/search-bookmark.md
+
+ Title: "bookmark resource type"
+description: "A bookmark is an administrative answer in Microsoft Search results for common search queries in an organization. A bookmark has many properties which allow administrators to make common resources more accessible in their organization."
+
+ms.localizationpriority: medium
++
+# bookmark resource type
+
+Namespace: microsoft.graph.search
++
+A bookmark is an administrative answer in Microsoft Search results for common search queries in an organization. A bookmark has many properties which allow administrators to make common resources more accessible in their organization.
+
+Inherits from [searchAnswer](../resources/search-searchAnswer.md).
+
+## Methods
+|Method|Return type|Description|
+|:|:|:|
+|[List bookmarks](../api/search-searchentity-list-bookmarks.md)|[microsoft.graph.search.bookmark](../resources/search-bookmark.md) collection|Get a list of the [bookmark](../resources/search-bookmark.md) objects and their properties.|
+|[Create bookmark](../api/search-searchentity-post-bookmarks.md)|[microsoft.graph.search.bookmark](../resources/search-bookmark.md)|Create a new [bookmark](../resources/search-bookmark.md) object.|
+|[Get bookmark](../api/search-bookmark-get.md)|[microsoft.graph.search.bookmark](../resources/search-bookmark.md)|Read the properties and relationships of a [bookmark](../resources/search-bookmark.md) object.|
+|[Update bookmark](../api/search-bookmark-update.md)|[microsoft.graph.search.bookmark](../resources/search-bookmark.md)|Update the properties of a [bookmark](../resources/search-bookmark.md) object.|
+|[Delete bookmark](../api/search-bookmark-delete.md)|None|Deletes a [bookmark](../resources/search-bookmark.md) object.|
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|id|String|The unique identifier (GUID) for the bookmark. Inherited from [entity](../resources/entity.md).|
+|displayName|String|Bookmark name displayed in search results. Inherited from [searchAnswer](../resources/search-searchAnswer.md).|
+|description|String|Bookmark description shown on search results page. Inherited from [searchAnswer](../resources/search-searchAnswer.md).|
+|webUrl|String|Bookmark URL link. When users click this bookmark in search results, they will go to this URL. Inherited from [searchAnswer](../resources/search-searchAnswer.md).|
+|lastModifiedBy|[microsoft.graph.identitySet](../resources/identityset.md)|Details of the user that created or last modified the bookmark. Inherited from [searchAnswer](../resources/search-searchAnswer.md). Read-only.|
+|lastModifiedDateTime|DateTimeOffset|Timestamp of when the bookmark is created or edited. Inherited from [searchAnswer](../resources/search-searchAnswer.md). Read-only. |
+|categories|String collection|Categories commonly used to describe this bookmark. For example, IT and HR.|
+|availabilityStartDateTime|DateTimeOffset|Timestamp of when the bookmark will start to appear as a search result. Set as `null` for always available.|
+|availabilityEndDateTime|DateTimeOffset|Timestamp of when the bookmark will stop to appear as a search result. Set as `null` for always available.|
+|languageTags|String collection|A list of language names that are geographically specific and that this bookmark can be viewed in. Each language tag value follows the pattern {language}-{REGION}. As an example, `en-US` is English as used in the United States. See [supported language tags](search-api-answers-overview.md#supported-language-tags) for the list of possible values.|
+|platforms|microsoft.graph.devicePlatformType collection|List of devices and operating systems able to view this bookmark. Possible values are: `unknown`, `android`, `androidForWork`, `ios`, `macOS`, `windowsPhone81`, `windowsPhone81AndLater`, `windows10AndLater`, `androidWorkProfile`, `androidASOP`.|
+|targetedVariations|[microsoft.graph.search.answerVariant](../resources/search-answerVariant.md) collection|Variations of a bookmark for different countries or devices. Use when you need to show different content to users based on their device, country/region, or both. The date and group settings will apply to all variations.|
+|powerAppIds|String collection|List of Power Apps associated with this bookmark. If users add existing Power Apps to a bookmark, they can complete tasks, such as to enter vacation time or to report expenses on the search results page.|
+|keywords|[microsoft.graph.search.answerKeyword](../resources/search-answerKeyword.md)|Keywords that trigger this bookmark to appear in search results.|
+|state|microsoft.graph.search.answerState|State of the bookmark. Possible values are: `published`, `draft`, `excluded`, or `unknownFutureValue`.|
+|isSuggested|Boolean|True if this bookmark was suggested to the admin by a user or was mined and suggested by Microsoft. Read-only.|
+|groupIds|String collection|List of security groups able to view this bookmark.|
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.search.bookmark",
+ "baseType": "microsoft.graph.search.searchAnswer",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.search.bookmark",
+ "id": "String (identifier)",
+ "displayName": "String",
+ "description": "String",
+ "webUrl": "String",
+ "lastModifiedBy": {
+ "@odata.type": "microsoft.graph.identitySet"
+ },
+ "lastModifiedDateTime": "String (timestamp)",
+ "categories": [
+ "String"
+ ],
+ "availabilityStartDateTime": "String (timestamp)",
+ "availabilityEndDateTime": "String (timestamp)",
+ "languageTags": [
+ "String"
+ ],
+ "platforms": [
+ "String"
+ ],
+ "targetedVariations": [
+ {
+ "@odata.type": "microsoft.graph.search.answerVariant"
+ }
+ ],
+ "powerAppIds": [
+ "String"
+ ],
+ "keywords": {
+ "@odata.type": "microsoft.graph.search.answerKeyword"
+ },
+ "state": "String",
+ "isSuggested": "Boolean",
+ "groupIds": [
+ "String"
+ ]
+}
+```
+
v1.0 Search Qna https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/search-qna.md
+
+ Title: "qna resource type"
+description: "Represents a question and answer (Q&A) in Microsoft Search."
+
+ms.localizationpriority: medium
++
+# qna resource type
+
+Namespace: microsoft.graph.search
++
+Q&As are administrative answer results in the search results page which provide answers for specific search keywords. Q&As allow administrators to answer the user's questions directly in search instead of providing a link to a webpage. A Q&A has many properties which allow administrators to make common resources more accessible in their organization.
+
+Inherits from [searchAnswer](../resources/search-searchAnswer.md).
+
+## Methods
+|Method|Return type|Description|
+|:|:|:|
+|[List qnas](../api/search-searchentity-list-qnas.md)|[microsoft.graph.search.qna](../resources/search-qna.md) collection|Get a list of the [qna](../resources/search-qna.md) objects and their properties.|
+|[Create qna](../api/search-searchentity-post-qnas.md)|[microsoft.graph.search.qna](../resources/search-qna.md)|Create a new [qna](../resources/search-qna.md) object.|
+|[Get qna](../api/search-qna-get.md)|[microsoft.graph.search.qna](../resources/search-qna.md)|Read the properties and relationships of a [qna](../resources/search-qna.md) object.|
+|[Update qna](../api/search-qna-update.md)|[microsoft.graph.search.qna](../resources/search-qna.md)|Update the properties of a [qna](../resources/search-qna.md) object.|
+|[Delete qna](../api/search-qna-delete.md)|None|Deletes a [qna](../resources/search-qna.md) object.|
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|id|String|The unique identifier (GUID) for the qna. Inherited from [entity](../resources/entity.md).|
+|displayName|String|Question displayed in search results. Inherited from [searchAnswer](../resources/search-searchAnswer.md).|
+|description|String|Answer displayed in search results. Inherited from [searchAnswer](../resources/search-searchAnswer.md).|
+|webUrl|String|Qna URL link. When users click this qna in search results, they will go to this URL. Inherited from [searchAnswer](../resources/search-searchAnswer.md).|
+|lastModifiedBy|[microsoft.graph.identitySet](../resources/identityset.md)|Details of the user that created or last modified the qna. Inherited from [searchAnswer](../resources/search-searchAnswer.md). Read-only. |
+|lastModifiedDateTime|DateTimeOffset| Timestamp of when the qna is created or edited. Inherited from [searchAnswer](../resources/search-searchAnswer.md). Read-only.|
+|availabilityStartDateTime|DateTimeOffset|Timestamp of when the qna will start to appear as a search result. Set as `null` for always available.|
+|availabilityEndDateTime|DateTimeOffset|Timestamp of when the qna will stop to appear as a search result. Set as `null` for always available.|
+|languageTags|String collection|A list of language names that are geographically specific and that this QnA can be viewed in. Each language tag value follows the pattern {language}-{REGION}. As an example, `en-US` is English as used in the United States. See [supported language tags](search-api-answers-overview.md#supported-language-tags) for the list of possible values. |
+|platforms|microsoft.graph.devicePlatformType collection|List of devices and operating systems able to view this qna. Possible values are: `unknown`, `android`, `androidForWork`, `ios`, `macOS`, `windowsPhone81`, `windowsPhone81AndLater`, `windows10AndLater`, `androidWorkProfile`, `androidASOP`.|
+|targetedVariations|[microsoft.graph.search.answerVariant](../resources/search-answerVariant.md) collection|Variations of a qna for different countries or devices. Use when you need to show different content to users based on their device, country/region, or both. The date and group settings will apply to all variations.|
+|keywords|[microsoft.graph.search.answerKeyword](../resources/search-answerKeyword.md)|Keywords that trigger this qna to appear in search results.|
+|state|microsoft.graph.search.answerState|State of the qna. Possible values are: `published`, `draft`, `excluded`, or `unknownFutureValue`.|
+|isSuggested|Boolean| True if this qna was suggested to the admin by a user or was mined and suggested by Microsoft. Read-only.|
+|groupIds|String collection|List of security groups able to view this qna.|
++
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.search.qna",
+ "baseType": "microsoft.graph.search.searchAnswer",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.search.qna",
+ "id": "String (identifier)",
+ "displayName": "String",
+ "description": "String",
+ "webUrl": "String",
+ "lastModifiedBy": {
+ "@odata.type": "microsoft.graph.identitySet"
+ },
+ "lastModifiedDateTime": "String (timestamp)",
+ "availabilityStartDateTime": "String (timestamp)",
+ "availabilityEndDateTime": "String (timestamp)",
+ "languageTags": [
+ "String"
+ ],
+ "platforms": [
+ "String"
+ ],
+ "targetedVariations": [
+ {
+ "@odata.type": "microsoft.graph.search.answerVariant"
+ }
+ ],
+ "keywords": {
+ "@odata.type": "microsoft.graph.search.answerKeyword"
+ },
+ "state": "String",
+ "isSuggested": "Boolean",
+ "groupIds": [
+ "String"
+ ]
+}
+```
+
v1.0 Search Searchanswer https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/search-searchanswer.md
+
+ Title: "searchAnswer resource type"
+description: "The search answer is a base type for other search answers."
+
+ms.localizationpriority: medium
++
+# searchAnswer resource type
+
+Namespace: microsoft.graph.search
++
+The search answer is a base type for other search answers, such as [acronym](../resources/search-acronym.md), [bookmark](../resources/search-bookmark.md), and [QnA](../resources/search-qna.md) resources. Includes properties that apply to other search answer entities.
++
+Inherits from [entity](../resources/entity.md).
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|id|String|The unique identifier (GUID) for the search answer. Inherited from [entity](../resources/entity.md).|
+|displayName|String|Search answer name displayed in search results.|
+|description|String|Search answer description shown on search results page.|
+|webUrl|String|Search answer URL link. When users click this search answer in search results, they will go to this URL.|
+|lastModifiedBy|[microsoft.graph.identitySet](../resources/identityset.md)|Details of the user that created or last modified the search answer. Read-only.|
+|lastModifiedDateTime|DateTimeOffset|Timestamp of when the search answer is created or edited. Read-only.|
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.search.searchAnswer",
+ "baseType": "microsoft.graph.entity",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.search.searchAnswer",
+ "id": "String (identifier)",
+ "displayName": "String",
+ "description": "String",
+ "webUrl": "String",
+ "lastModifiedBy": {
+ "@odata.type": "microsoft.graph.identitySet"
+ },
+ "lastModifiedDateTime": "String (timestamp)"
+}
+```
+
v1.0 Searchalterationoptions https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/searchalterationoptions.md
Provides the search alteration options for spelling correction.
| Property | Type | Description | |:-|:|:|
-|enableSuggestion|Boolean|Indicates whether spelling suggestions are enabled. If enabled, user will get the search results for original search query and suggesting spelling correction in **queryAlterationResponse** property of the [response](/graph/api/resources/searchresponse?view=graph-rest-beta&preserve-view=true) for typos in query. Optional.|
|enableModification|Boolean|Indicates whether spelling modifications are enabled. If enabled, user will get the search results for corrected query **when there are no results** for the original query with typos and get the spelling modification information in **queryAlterationResponse** property of the [response](/graph/api/resources/searchresponse?view=graph-rest-beta&preserve-view=true). Optional.|
+|enableSuggestion|Boolean|Indicates whether spelling suggestions are enabled. If enabled, the user will get the search results for the original search query and suggestions for spelling correction in the **queryAlterationResponse** property of the [response](/graph/api/resources/searchresponse?view=graph-rest-beta&preserve-view=true) for the typos in the query. Optional.|
## JSON representation
The following is a JSON representation of the resource.
```json {
- "enableSuggestion": true,
- "enableModification": true
+ "enableModification": "Boolean",
+ "enableSuggestion": "Boolean"
} ```
v1.0 Searchentity https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/searchentity.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-A top-level object that represents the Microsoft Search API endpoint. This resource serves as an anchor to the [query](../api/search-query.md) action.
+A top level object that represents the Microsoft Search API endpoint.
+
+It serves as an anchor to the [query](../api/search-query.md) action and search answer relationships such as [acronyms](../resources/search-acronym.md), [bookmarks](../resources/search-bookmark.md), and [qnas](../resources/search-qna.md).
[!INCLUDE [search-api-preview](../../includes/search-api-preview-signup.md)]
A top-level object that represents the Microsoft Search API endpoint. This resou
None. ## Relationships
-None.
+| Relationship | Type |Description|
+|:|:--|:-|
+| acronyms | [microsoft.graph.search.acronym](../resources/search-acronym.md) collection | Administrative answer in Microsoft Search results to define common acronyms in a organization. |
+| bookmarks | [microsoft.graph.search.bookmark](../resources/search-bookmark.md) collection | Administrative answer in Microsoft Search results for common search queries in an organization. |
+| qnas | [microsoft.graph.search.qna](../resources/search-qna.md) collection | Administrative answer in Microsoft Search results which provide answers for specific search keywords in an organization. |
+ ## JSON representation The following is a JSON representation of the resource.
v1.0 Service Communications Api Overview https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/service-communications-api-overview.md
The service communications API can open up new ways for you to engage with users
- [Overview for accessing service health and communications in Microsoft Graph](/graph/service-communications-concept-overview) - Try the API in the [Graph Explorer](https://developer.microsoft.com/graph/graph-explorer).
-Need more ideas? See [how some of our partners are using Microsoft Graph](https://developer.microsoft.com/en-us/graph/partners).
+Need more ideas? See [how some of our partners are using Microsoft Graph](https://developer.microsoft.com/graph/partners).
v1.0 Serviceannouncement https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/serviceannouncement.md
A top-level container for service communications resources.
None. ## Relationships
-|Property|Type|Description|
+|Relationship|Type|Description|
|-|-|-| |messages|Collection([serviceUpdateMessage](serviceupdatemessage.md))|A collection of service messages for tenant. This property is a contained navigation property, it is nullable and readonly.| |healthOverviews|Collection([serviceHealth](servicehealth.md))|A collection of service health information for tenant. This property is a contained navigation property, it is nullable and readonly.|
v1.0 Serviceplaninfo https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/serviceplaninfo.md
Here is a JSON representation of the resource
```json {
- "appliesTo": "string",
- "provisioningStatus": "string",
- "servicePlanId": "guid",
- "servicePlanName": "string"
+ "appliesTo": "String",
+ "provisioningStatus": "String",
+ "servicePlanId": "Guid",
+ "servicePlanName": "String"
} ```
v1.0 Serviceprincipal https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/serviceprincipal.md
This resource supports using [delta query](/graph/delta-query-overview) to track
|appDisplayName|String|The display name exposed by the associated application.| |appId|String|The unique identifier for the associated application (its **appId** property). Supports `$filter` (`eq`, `ne`, `not`, `in`, `startsWith`).| |applicationTemplateId|String|Unique identifier of the applicationTemplate that the servicePrincipal was created from. Read-only. Supports `$filter` (`eq`, `ne`, `NOT`, `startsWith`).|
-|appOwnerOrganizationId|String|Contains the tenant id where the application is registered. This is applicable only to service principals backed by applications.Supports `$filter` (`eq`, `ne`, `NOT`, `ge`, `le`).|
+|appOwnerOrganizationId|Guid|Contains the tenant id where the application is registered. This is applicable only to service principals backed by applications.Supports `$filter` (`eq`, `ne`, `NOT`, `ge`, `le`).|
|appRoleAssignmentRequired|Boolean|Specifies whether users or other service principals need to be granted an app role assignment for this service principal before users can sign in or apps can get tokens. The default value is `false`. Not nullable. <br><br>Supports `$filter` (`eq`, `ne`, `NOT`). | |appRoles|[appRole](approle.md) collection|The roles exposed by the application which this service principal represents. For more information see the **appRoles** property definition on the [application](application.md) entity. Not nullable. | |customSecurityAttributes|[customSecurityAttributeValue](../resources/customsecurityattributevalue.md)|An open complex type that holds the value of a custom security attribute that is assigned to a directory object. Nullable. <br><br>Returned only on `$select`. Supports `$filter` (`eq`, `ne`, `not`, `startsWith`).|
This resource supports using [delta query](/graph/delta-query-overview) to track
{ "accountEnabled": true, "addIns": [{"@odata.type": "microsoft.graph.addIn"}],
- "alternativeNames": "string",
- "appDisplayName": "string",
- "appId": "string",
- "appOwnerOrganizationId": "guid",
- "applicationTemplateId": "string",
+ "alternativeNames": "String",
+ "appDisplayName": "String",
+ "appId": "String",
+ "appOwnerOrganizationId": "Guid",
+ "applicationTemplateId": "String",
"appRoleAssignmentRequired": true, "appRoles": [{"@odata.type": "microsoft.graph.appRole"}], "customSecurityAttributes": { "@odata.type": "microsoft.graph.customSecurityAttributeValue" },
- "disabledByMicrosoftStatus": "string",
- "displayName": "string",
- "errorUrl": "string",
- "homepage": "string",
- "id": "string (identifier)",
+ "disabledByMicrosoftStatus": "String",
+ "displayName": "String",
+ "errorUrl": "String",
+ "homepage": "String",
+ "id": "String (identifier)",
"info": {"@odata.type": "microsoft.graph.informationalUrl"}, "keyCredentials": [{"@odata.type": "microsoft.graph.keyCredential"}],
- "loginUrl": "string",
- "logoutUrl": "string",
+ "loginUrl": "String",
+ "logoutUrl": "String",
"notes": "String",
- "notificationEmailAddresses": ["string"],
+ "notificationEmailAddresses": ["String"],
"publishedPermissionScopes": [{"@odata.type": "microsoft.graph.permissionScope"}], "passwordCredentials": [{"@odata.type": "microsoft.graph.passwordCredential"}], "passwordSingleSignOnSettings": {"@odata.type": "microsoft.graph.passwordSingleSignOnSettings"},
- "preferredSingleSignOnMode": "string",
+ "preferredSingleSignOnMode": "String",
"preferredTokenSigningKeyEndDateTime": "DateTime",
- "preferredTokenSigningKeyThumbprint": "string",
- "replyUrls": ["string"],
- "samlMetadataUrl": "string",
+ "preferredTokenSigningKeyThumbprint": "String",
+ "replyUrls": ["String"],
+ "samlMetadataUrl": "String",
"samlSingleSignOnSettings": "microsoft.DirectoryServices.SamlSingleSignOnSettings",
- "servicePrincipalNames": ["string"],
- "servicePrincipalType": "string",
+ "servicePrincipalNames": ["String"],
+ "servicePrincipalType": "String",
"signInAudience": "String",
- "tags": ["string"],
+ "tags": ["String"],
"tokenEncryptionKeyId": "String", "useCustomTokenSigningKey": false, "verifiedPublisher": {"@odata.type": "microsoft.graph.verifiedPublisher"}
v1.0 Shift https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/shift.md
Title: "shift resource type" description: "A shift is a unit of scheduled work in the schedule."-+ ms.localizationpriority: medium ms.prod: "microsoft-teams" doc_type: resourcePageType
v1.0 Shiftactivity https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/shiftactivity.md
Title: "shiftActivity resource type" description: "Represents an activity in a shift."-+ ms.localizationpriority: medium ms.prod: "microsoft-teams" doc_type: resourcePageType
v1.0 Shiftitem https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/shiftitem.md
Title: "shiftItem resource type" description: "A shiftItem represents a version of the shift."-+ ms.localizationpriority: medium ms.prod: "microsoft-teams" doc_type: resourcePageType
v1.0 Subscribedsku https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/subscribedsku.md
The following is a JSON representation of the resource
```json {
- "appliesTo": "string",
- "capabilityStatus": "string",
+ "appliesTo": "String",
+ "capabilityStatus": "String",
"consumedUnits": 1024,
- "id": "string (identifier)",
+ "id": "String (identifier)",
"prepaidUnits": {"@odata.type": "microsoft.graph.licenseUnitsDetail"}, "servicePlans": [{"@odata.type": "microsoft.graph.servicePlanInfo"}],
- "skuId": "guid",
- "skuPartNumber": "string"
+ "skuId": "Guid",
+ "skuPartNumber": "String"
} ```
v1.0 Subscription https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/subscription.md
A subscription allows a client app to receive change notifications about changes
- A [group][] in Azure Active Directory. - A [list][] under a SharePoint [site][]. - A [message][], [event][], or [contact][] in Outlook.
+- An [online meeting][] in Microsoft Teams.*
- The [presence][] of a user in Microsoft Teams.* - A [team](./team.md) in Microsoft Teams.* - A [printer][] (when a print job for the printer gets to JobFetchable state - ready to be fetched for printing) and a [printTaskDefinition][] in Universal Print. For more information, see [Subscribe to change notifications from cloud printing APIs](/graph/universal-print-webhook-notifications).
For the possible resource path values for each supported resource and to learn h
| Property | Type | Description | Supported Resources | |:|:--|:|:--|
-| applicationId | String | Identifier of the application used to create the subscription. Read-only. | All |
+| applicationId | String | Optional. Identifier of the application used to create the subscription. Read-only. | All |
| changeType | String | Required. Indicates the type of change in the subscribed resource that will raise a change notification. The supported values are: `created`, `updated`, `deleted`. Multiple values can be combined using a comma-separated list. <br><br>**Note:** <li> Drive root item and list change notifications support only the `updated` changeType. <li>[User](../resources/user.md) and [group](../resources/user.md) change notifications support `updated` and `deleted` changeType. | All | | clientState | String | Optional. Specifies the value of the **clientState** property sent by the service in each change notification. The maximum length is 255 characters. The client can check that the change notification came from the service by comparing the value of the **clientState** property sent with the subscription with the value of the **clientState** property received with each change notification. | All |
-| creatorId | String | Identifier of the user or service principal that created the subscription. If the app used delegated permissions to create the subscription, this field contains the ID of the signed-in user the app called on behalf of. If the app used application permissions, this field contains the ID of the service principal corresponding to the app. Read-only. | All |
-| encryptionCertificate | String | A base64-encoded representation of a certificate with a public key used to encrypt resource data in change notifications. Optional but required when **includeResourceData** is `true`. | All |
+| creatorId | String | Optional. Identifier of the user or service principal that created the subscription. If the app used delegated permissions to create the subscription, this field contains the ID of the signed-in user the app called on behalf of. If the app used application permissions, this field contains the ID of the service principal corresponding to the app. Read-only. | All |
+| encryptionCertificate | String | Optional. A base64-encoded representation of a certificate with a public key used to encrypt resource data in change notifications. Optional but required when **includeResourceData** is `true`. | All |
| encryptionCertificateId | String | Optional. A custom app-provided identifier to help identify the certificate needed to decrypt resource data. Required when **includeResourceData** is `true`. | All | | expirationDateTime | DateTimeOffset | Required. Specifies the date and time when the webhook subscription expires. The time is in UTC, and can be an amount of time from subscription creation that varies for the resource subscribed to. For the maximum supported subscription length of time, see [the table below](#maximum-length-of-subscription-per-resource-type). | All |
-| id | String | Unique identifier for the subscription. Read-only. | All |
+| id | String | Optional. Unique identifier for the subscription. Read-only. | All |
| includeResourceData | Boolean | Optional. When set to `true`, change notifications [include resource data](/graph/webhooks-with-resource-data) (such as content of a chat message). | All |
-| latestSupportedTlsVersion | String | Specifies the latest version of Transport Layer Security (TLS) that the notification endpoint, specified by **notificationUrl**, supports. The possible values are: `v1_0`, `v1_1`, `v1_2`, `v1_3`. </br></br>For subscribers whose notification endpoint supports a version lower than the currently recommended version (TLS 1.2), specifying this property by a set [timeline](https://developer.microsoft.com/graph/blogs/microsoft-graph-subscriptions-deprecating-tls-1-0-and-1-1/) allows them to temporarily use their deprecated version of TLS before completing their upgrade to TLS 1.2. For these subscribers, not setting this property per the timeline would result in subscription operations failing. </br></br>For subscribers whose notification endpoint already supports TLS 1.2, setting this property is optional. In such cases, Microsoft Graph defaults the property to `v1_2`. | All |
+| latestSupportedTlsVersion | String | Optional. Specifies the latest version of Transport Layer Security (TLS) that the notification endpoint, specified by **notificationUrl**, supports. The possible values are: `v1_0`, `v1_1`, `v1_2`, `v1_3`. </br></br>For subscribers whose notification endpoint supports a version lower than the currently recommended version (TLS 1.2), specifying this property by a set [timeline](https://developer.microsoft.com/graph/blogs/microsoft-graph-subscriptions-deprecating-tls-1-0-and-1-1/) allows them to temporarily use their deprecated version of TLS before completing their upgrade to TLS 1.2. For these subscribers, not setting this property per the timeline would result in subscription operations failing. </br></br>For subscribers whose notification endpoint already supports TLS 1.2, setting this property is optional. In such cases, Microsoft Graph defaults the property to `v1_2`. | All |
| lifecycleNotificationUrl | String | Optional. The URL of the endpoint that receives lifecycle notifications, including `subscriptionRemoved` and `missed` notifications. This URL must make use of the HTTPS protocol. | All |
-| notificationContentType | String | Desired **content-type** for Microsoft Graph change notifications for supported resource types. The default content-type is `application/json`. | All |
-| notificationQueryOptions | String | OData query options for specifying the value for the targeting resource. Clients receive notifications when the resource reaches the state matching the query options provided here. With this new property in the subscription creation payload along with all existing properties, Webhooks will deliver notifications whenever a resource reaches the desired state mentioned in the **notificationQueryOptions** property. For example, when the print job is completed or when a print job resource `isFetchable` property value becomes `true` etc. | [Universal Print Service](/graph/universal-print-webhook-notifications) |
+| notificationContentType | String | Optional. Desired **content-type** for Microsoft Graph change notifications for supported resource types. The default content-type is `application/json`. | All |
+| notificationQueryOptions | String |Optional. OData query options for specifying the value for the targeting resource. Clients receive notifications when the resource reaches the state matching the query options provided here. With this new property in the subscription creation payload along with all existing properties, Webhooks will deliver notifications whenever a resource reaches the desired state mentioned in the **notificationQueryOptions** property. For example, when the print job is completed or when a print job resource `isFetchable` property value becomes `true` etc. | [Universal Print Service](/graph/universal-print-webhook-notifications) |
| notificationUrl | String | Required. The URL of the endpoint that receives the change notifications. This URL must make use of the HTTPS protocol. | All |
+| notificationUrlAppId| String | Optional. The app ID that the subscription service can use to generate the validation token. This allows the client to validate the authenticity of the notification received. | All |
| resource | String | Required. Specifies the resource that will be monitored for changes. Do not include the base URL (`https://graph.microsoft.com/bet) for each supported resource. | All | ### Maximum length of subscription per resource type
For the possible resource path values for each supported resource and to learn h
| Teams **chat** | 60 minutes (1 hour) | | Teams **chatMessage** | 60 minutes (1 hour) | | Teams **conversationMember** | 60 minutes (1 hour) |
+| Teams **onlineMeeting** | 4320 minutes (3 days) |
| Teams **team** | 60 minutes (1 hour) | | Group **conversation** | 4230 minutes (under 3 days) | | OneDrive **driveItem** | 42300 minutes (under 30 days) | | SharePoint **list** | 42300 minutes (under 30 days) | | Outlook **message**, **event**, **contact** | 4230 minutes (under 3 days) | | **user**, **group**, other directory resources | 41760 minutes (under 29 days) |
+| **onlineMeeting** | 4230 minutes (under 3 days) |
| **presence** | 60 minutes (1 hour) | | Print **printer** | 4230 minutes (under 3 days) | | Print **printTaskDefinition** | 4230 minutes (under 3 days) |
Here is a JSON representation of the resource.
] }-->
-```json
+``` json
{
+ "@odata.type": "#microsoft.graph.subscription",
+ "id": "String (identifier)",
+ "resource": "String",
"changeType": "String",
+ "clientState": "String",
"notificationUrl": "String",
- "lifecycleNotificationUrl": "String",
- "resource": "String",
- "applicationId" : "String",
"expirationDateTime": "String (timestamp)",
- "id": "String (identifier)",
- "clientState": "String",
+ "applicationId": "String",
"creatorId": "String", "includeResourceData": "Boolean",
+ "lifecycleNotificationUrl": "String",
"encryptionCertificate": "String", "encryptionCertificateId": "String", "latestSupportedTlsVersion": "String",
+ "notificationQueryOptions": "String",
"notificationContentType": "String",
- "notificationQueryOptions": "String"
+ "notificationUrlAppId": "String"
} ```
Here is a JSON representation of the resource.
[printer]: ./printer.md [printTaskDefinition]: ./printtaskdefinition.md [baseTask]: ./basetask.md
+[online meeting]: ./onlinemeeting.md
<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79 2015-10-25 14:57:30 UTC -->
v1.0 Task https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/task.md
Inherits from [baseTask](../resources/basetask.md).
## Properties |Property|Type|Description| |:|:|:|
-|body|[itemBody](../resources/itembody.md)|The task body that typically contains information about the task. Inherited from [baseTask](../resources/basetask.md).|
+|textbody|[itemBody](../resources/itembody.md)|The task body in text format that typically contains information about the task. Inherited from [baseTask](../resources/basetask.md).|
|bodyLastModifiedDateTime|DateTimeOffset|The date and time when the task was last modified. By default, it is in UTC. You can provide a custom time zone in the request header. The property value uses ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2020 would look like this: '2020-01-01T00:00:00Z'. Inherited from [baseTask](../resources/basetask.md).| |completedDateTime|DateTimeOffset|The date when the task was finished. Inherited from [baseTask](../resources/basetask.md).| |createdDateTime|DateTimeOffset|The date and time when the task was created. By default, it is in UTC. You can provide a custom time zone in the request header. The property value uses ISO 8601 format. For example, midnight UTC on Jan 1, 2020 would look like this: '2020-01-01T00:00:00Z'. Inherited from [baseTask](../resources/basetask.md).|
Inherits from [baseTask](../resources/basetask.md).
|id|String|Unique identifier for the task. By default, this value will not change if a task is moved from one list to another. Inherited from [baseTask](../resources/basetask.md).| |importance|importance|The importance of the task. Possible values are: `low`, `normal`, `high`. Inherited from [baseTask](../resources/basetask.md). The possible values are: `low`, `normal`, `high`.| |lastModifiedDateTime|DateTimeOffset|The date and time when the task was last modified. By default, it is in UTC. You can provide a custom time zone in the request header. The property value uses ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2020 would look like this: '2020-01-01T00:00:00Z'. Inherited from [baseTask](../resources/basetask.md).|
-|personalProperties|[personalTaskProperties](../resources/personaltaskproperties.md)|Properties that are personal to a user such as reminderDateTime. Inherited from [baseTask](../resources/basetask.md).|
+|viewpoint|[taskViewpoint](../resources/taskviewpoint.md)|Properties that are personal to a user such as **reminderDateTime** and **categories**. Inherited from [baseTask](../resources/basetask.md).|
|recurrence|[patternedRecurrence](../resources/patternedrecurrence.md)|The recurrence pattern for the task. Inherited from [baseTask](../resources/basetask.md).| |startDateTime|[dateTimeTimeZone](../resources/datetimetimezone.md)|The date in the specified time zone when the task is to begin. Inherited from [baseTask](../resources/basetask.md).| |status|taskStatus_v2|Indicates the state or progress of the task. Possible values are: `notStarted`, `inProgress`, `completed`,`unknownFutureValue`. Inherited from [baseTask](../resources/basetask.md).|
The following is a JSON representation of the resource.
``` json { "@odata.type": "#microsoft.graph.task",
- "body": {
- "@odata.type": "microsoft.graph.itemBody"
- },
+ "textBody": "String",
"createdDateTime": "String (timestamp)", "lastModifiedDateTime": "String (timestamp)", "bodyLastModifiedDateTime": "String (timestamp)",
The following is a JSON representation of the resource.
}, "displayName": "String", "status": "String",
- "personalProperties": {
- "@odata.type": "microsoft.graph.personalTaskProperties"
+ "viewpoint": {
+ "@odata.type": "microsoft.graph.taskViewpoint"
}, "id": "String (identifier)" }
v1.0 Tasks Overview https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/tasks-overview.md
Title: "Use the Microsoft To Do Tasks API"
+ Title: "Use the To Do API in Microsoft Graph"
description: "You can use the Microsoft Graph API to create an app that connects with tasks and task lists in Microsoft To Do." ms.localizationpriority: high
ms.prod: "outlook"
doc_type: conceptualPageType
-# Use the Microsoft To Do API
+# Use the To Do API in Microsoft Graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Use the Microsoft Graph To Do Tasks API to create an app that connects with users' task in their mailbox. Build a variety of experiences with tasks, such as the following:
+Use the Microsoft Graph To Do API to create an app that connects with users' task in their mailbox. Build a variety of experiences with tasks, such as the following:
* Create tasks from your appΓÇÖs workflow, for example, from email or notifications, and save them in To Do. Use the [linkedResource](linkedresource.md) entity to store the link back to your app. * Sync your appΓÇÖs existing tasks with To Do and create a single task view for better prioritization and manageability.
Use the Microsoft Graph To Do Tasks API to create an app that connects with user
Currently, the API supports only permissions delegated by the signed-in user.
-Before starting with the To Do Tasks API, take a look at the resources and how they relate to one another.
+Before starting with the To Do API, take a look at the resources and how they relate to one another.
-![Screenshot highlighting To Do tasks API entities. Screenshot shows list of task lists on the left, tasks within a specific task list in the center and, on the right, checklist items and linked resource along with other task properties.](/graph/images/tasks-api-entities.png)
+![Screenshot highlighting To Do API entities. Screenshot shows list of task lists on the left, tasks within a specific task list in the center and, on the right, checklist items and linked resource along with other task properties.](/graph/images/tasks-api-entities.png)
## Task list
-A [TaskList](./basetasklist.md) represents a logical container of [Task](./basetask.md) resources. You can currently create tasks only in a task list. Tasks created without specifying list get created in the default Tasks list. To [get all your task lists](../api/basetasklist-get.md), make the following HTTP request:
+A [taskList](./basetasklist.md) represents a logical container of [task](./basetask.md) resources. You can currently create tasks only in a task list. Tasks created without specifying list get created in the default Tasks list. To [get all your task lists](../api/basetasklist-get.md), make the following HTTP request:
``` http GET /me/tasks/lists
GET /me/tasks/lists
## Task
-A [Task](./basetask.md) represents a task, i.e. a piece of work or personal item that can be tracked and completed. To get your tasks from a task list, make the following HTTP request:
+A [task](./basetask.md) represents a task, that is, a piece of work or personal item that can be tracked and completed. To get your tasks from a task list, make the following HTTP request:
``` http GET /me/tasks/lists/{taskListId}/tasks ```
-## Checklist Item
+## Checklist item
-A [ChecklistItem](linkedresource_v2.md) represents an item that helps break down complex task in much smaller steps. To get a checklistItems from a task, make the following HTTP request:
+A [checklistItem](checklistitem.md) represents an item that helps break down complex task in much smaller steps. To get a **checklistItem** from a task, make the following HTTP request:
``` http GET /me/tasks/lists/{taskListId}/tasks/{taskId}/checklistItems/{checklistItems} ``` ## Linked resource
-A [linkedResource](linkedresource_v2.md) represents any item from a partner application related to the task, e.g. an item like email from where a task was created. You can use it to store information and the link back to the related item in your app. To get a linked resource from a task, make the following HTTP request:
+A [linkedResource](linkedresource_v2.md) represents any item from a partner application related to the task; for example, an email from where a task was created. You can use it to store information and the link back to the related item in your app. To get a linked resource from a task, make the following HTTP request:
``` http GET /me/tasks/lists/{taskListId}/tasks/{taskId}/linkedresources/{linkedResourceId} ```
v1.0 Taskviewpoint https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/taskviewpoint.md
+
+ Title: "taskViewpoint resource type"
+description: Contains personal properties of a task"
+
+ms.localizationpriority: medium
++
+# taskViewpoint resource type
+
+Namespace: microsoft.graph
++
+Contains personal properties of a [task](task.md). When sharing or assigning a **task**, these properties will not be seen by other users.
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|reminderDateTime|[dateTimeTimeZone](../resources/datetimetimezone.md)|The date and time for a reminder alert of the **task** to occur.|
+|categories|String collection|The categories associated with the task. Each category corresponds to the **displayName** property of an [outlookCategory](../resources/outlookcategory.md) that the user has defined.|
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.taskViewpoint"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.taskViewpoint",
+ "reminderDatetime": {
+ "@odata.type": "microsoft.graph.dateTimeTimeZone"
+ },
+ "categories": ["string"]
+}
+```
+
v1.0 Team https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/team.md
Namespace: microsoft.graph
A team in Microsoft Teams is a collection of [channel](channel.md) objects. A channel represents a topic, and therefore a logical isolation of discussion, within a team.
-Every team is associated with a [group](../resources/group.md). The group has the same ID as the team - for example, `/groups/{id}/team` is the same as `/teams/{id}`. For more information about working with groups and members in teams, see [Use the Microsoft Graph REST API to work with Microsoft Teams](teams-api-overview.md).
+Every team is associated with a [Microsoft 365 group](../resources/group.md). The group has the same ID as the team - for example, `/groups/{id}/team` is the same as `/teams/{id}`. For more information about working with groups and members in teams, see [Use the Microsoft Graph REST API to work with Microsoft Teams](teams-api-overview.md).
## Methods | Method | Return Type |Description| |:|:--|:-| |[Create team](../api/team-post.md) | [teamsAsyncOperation](teamsasyncoperation.md) | Create a team from scratch. |
-|[Create team from group](../api/team-put-teams.md) | [team](team.md) | Create a new team, or add a team to an existing group.|
+|[Create team from group](../api/team-put-teams.md) | [team](team.md) | Create a new team, or add a team to an existing Microsoft 365 group.|
|[Get team](../api/team-get.md) | [team](team.md) | Retrieve the properties and relationships of the specified team.| |[Update team](../api/team-update.md) | [team](team.md) |Update the properties of the specified team. | |[Delete team](../api/group-delete.md) | None |Delete the team and its associated group. |
v1.0 Timeoff https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/timeoff.md
Title: "timeOff resource type" description: "A unit of non-work in the schedule."-+ ms.localizationpriority: medium ms.prod: "microsoft-teams" doc_type: resourcePageType
v1.0 Timeoffitem https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/timeoffitem.md
Title: "timeOffItem resource type" description: "Represents a version of the timeOff."-+ ms.localizationpriority: medium ms.prod: "microsoft-teams" doc_type: resourcePageType
v1.0 Timeoffreason https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/timeoffreason.md
Title: "timeOffReason resource type" description: "A valid reason to take time-off in the schedule."-+ ms.localizationpriority: medium ms.prod: "microsoft-teams" doc_type: resourcePageType
v1.0 Unifiedrbacresourceaction https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/unifiedrbacresourceaction.md
+
+ Title: "unifiedRbacResourceAction resource type"
+description: "Represents an operation that an authorized principal is allowed to perform."
+
+ms.localizationpriority: medium
++
+# unifiedRbacResourceAction resource type
+
+Namespace: microsoft.graph
++
+Represents an operation that an authorized principal is allowed to perform.
+
+## Methods
+|Method|Return type|Description|
+|:|:|:|
+|[List unifiedRbacResourceActions](../api/unifiedrbacresourcenamespace-list-resourceactions.md)|[unifiedRbacResourceAction](../resources/unifiedrbacresourceaction.md) collection|Get a list of the [unifiedRbacResourceAction](../resources/unifiedrbacresourceaction.md) objects and their properties.|
+|[Get unifiedRbacResourceAction](../api/unifiedrbacresourceaction-get.md)|[unifiedRbacResourceAction](../resources/unifiedrbacresourceaction.md)|Read the properties and relationships of an [unifiedRbacResourceAction](../resources/unifiedrbacresourceaction.md) object.|
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|actionVerb|String|HTTP method for the action, such as `DELETE`, `GET`, `PATCH`, `POST`, `PUT`, or `null`. Supports `$filter` (`eq`) but not for `null` values. |
+|description|String|Description for the action. Supports `$filter` (`eq`). |
+|id|String|Unique identifier for an action within the resource namespace, such as `microsoft.insights-programs-update-patch`. Cannot include slash character (`/`). Case insensitive. Required. Supports `$filter` (`eq`). |
+|name|String|Name for the action within the resource namespace, such as `microsoft.insights/programs/update`. Can include slash character (`/`). Case insensitive. Required. Supports `$filter` (`eq`). |
+|resourceScopeId|String|Not implemented.|
+
+## Relationships
+
+None.
+
+<!-- The resourceScope relationship hasn't been implemented but is in the public schema. To unhide this and its related entities and methods once it's implemented.
+|Relationship|Type|Description|
+|:|:|:|
+|resourceScope| [unifiedRbacResourceScope](unifiedrbacresourcescope.md) |Not implemented.|
+-->
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.unifiedRbacResourceAction",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.unifiedRbacResourceAction",
+ "id": "String (identifier)",
+ "actionVerb": "String",
+ "description": "String",
+ "name": "String",
+ "resourceScopeId": "String"
+}
+```
v1.0 Unifiedrbacresourcenamespace https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/unifiedrbacresourcenamespace.md
+
+ Title: "unifiedRbacResourceNamespace resource type"
+description: "Represents the namespace of the area to which the role permission belongs to."
+
+ms.localizationpriority: medium
++
+# unifiedRbacResourceNamespace resource type
+
+Namespace: microsoft.graph
++
+Represents the namespace of the area or service such as Azure AD, Intune, and Exchange that defines role permissions.
+
+## Methods
+|Method|Return type|Description|
+|:|:|:|
+|[List unifiedRbacResourceNamespaces](../api/rbacapplicationmultiple-list-resourcenamespaces.md)|[unifiedRbacResourceNamespace](../resources/unifiedrbacresourcenamespace.md) collection|Get a list of the [unifiedRbacResourceNamespace](../resources/unifiedrbacresourcenamespace.md) objects and their properties.|
+|[Get unifiedRbacResourceNamespace](../api/unifiedrbacresourcenamespace-get.md)|[unifiedRbacResourceNamespace](../resources/unifiedrbacresourcenamespace.md)|Read the properties and relationships of an [unifiedRbacResourceNamespace](../resources/unifiedrbacresourcenamespace.md) object.|
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|id|String|Unique identifier of the resource namespace that defines permissions, such as `microsoft.aad.b2c`. Required.|
+|name|String|Name of the resource namespace. Typically, the same name as the **id** property, such as `microsoft.aad.b2c`. Required. Supports `$filter` (`eq`, `startsWith`).|
+
+## Relationships
+|Relationship|Type|Description|
+|:|:|:|
+|resourceActions|[unifiedRbacResourceAction](unifiedrbacresourceaction.md) collection|Operations that an authorized principal are allowed to perform.|
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.unifiedRbacResourceNamespace",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.unifiedRbacResourceNamespace",
+ "id": "String (identifier)",
+ "name": "String"
+}
+```
v1.0 Unifiedroleassignment https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/unifiedroleassignment.md
Providing either a directoryScopeId or an appScopeId is required.
| Method | Return Type | Description | |:-|:|:| | [List unifiedRoleAssignment](../api/rbacapplication-list-roleassignments.md) | [unifiedRoleAssignment](unifiedroleassignment.md) | Read a list of unifiedRoleAssignment objects and their properties. |
+| [List transitiveRoleAssignments](../api/rbacapplication-list-transitiveroleassignments.md) | [unifiedRoleAssignment](unifiedroleassignment.md) collection | Get direct and transitive unifiedRoleAssignments assigned to a specific principal. Specifying principalId is required. |
| [Get unifiedRoleAssignment](../api/unifiedroleassignment-get.md) | [unifiedRoleAssignment](unifiedroleassignment.md) | Read properties and relationships of unifiedRoleAssignment object. | | [Create unifiedRoleAssignment](../api/rbacapplication-post-roleassignments.md) | [unifiedRoleAssignment](unifiedroleassignment.md) | Create a new unifiedRoleAssignment by posting to the roleAssignment collection. | | [Delete unifiedRoleAssignment](../api/unifiedroleassignment-delete.md) | None | Delete unifiedRoleAssignment object. |
v1.0 User https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/user.md
For example: Cameron is administrator of a directory for an elementary school in
|teamwork|[userTeamwork](userteamwork.md)| A container for Microsoft Teams features available for the user. Read-only. Nullable.| |todo|[todo](todo.md)|Represents the To Do services available to a user. | |transitiveReports|[directoryObject](directoryobject.md) collection | The transitive reports for a user. Read-only.|
-|usageRight|[usageRight](usageright.md) collection|Represents the usage rights a user has been granted. |
+|usageRights|[usageRight](usageright.md) collection|Represents the usage rights a user has been granted. |
## JSON representation
v1.0 Usersettings https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/usersettings.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Settings that represent a userΓÇÖs preferences for [regional locale and languages](../resources/regionalandlanguagesettings.md), for [shift scheduling](../resources/shiftpreferences.md), for Delve and for [item insights](../resources/officegraphinsights.md).
+Settings that represent a userΓÇÖs preferences for the following:
+- Access to Delve
+- [Item insights](../resources/officegraphinsights.md)
+- [Regional locale and languages](../resources/regionalandlanguagesettings.md)
+- [Shift scheduling](../resources/shiftpreferences.md)
+- [Suggestions to merge duplicate contacts](../resources/contactmergesuggestions.md).
+
+Manage Delve accessibility:
+ - Checking whether a user and the user's organization have access to Office Delve.
+ - Disabling or enabling documents in Office Delve for specific users.
+
+Configure the visibility of [itemInsights](../resources/iteminsights.md) and [meeting hours insights](https://support.microsoft.com/office/update-your-meeting-hours-using-the-profile-card-0613d113-d7c1-4faa-bb11-c8ba30a78ef1). ItemInsights are derived between users and other items (such as documents or sites) in Microsoft 365:
+ - Checking whether a user's item and meeting hours insights are enabled.
+ - Disabling or enabling item and meeting hours insights for specific user.
Manage user's locale-based preferences: - Determining what language and regional formatting a user prefers to view applications with.
Manage user's work shift preferences:
- Checking whether a user can be assigned to shifts in a schedule. - Updating a user's shift preferences.
-Manage Delve accessibility:
- - Checking whether a user and the user's organization have access to Office Delve.
- - Disabling or enabling documents in Office Delve for specific users.
+Configure [contactMergeSuggestions](../resources/contactmergesuggestions.md):
+ - Determining whether suggestion to merge duplicate contacts for a user is enabled.
+ - Disabling or enabling suggestion to merge duplicate contacts for a user.
-Configure the visibility of [itemInsights](../resources/iteminsights.md) and [meeting hours insights](https://support.microsoft.com/office/update-your-meeting-hours-using-the-profile-card-0613d113-d7c1-4faa-bb11-c8ba30a78ef1). ItemInsights are derived between users and other items (such as documents or sites) in Microsoft 365:
- - Checking whether a user's item and meeting hours insights are enabled.
- - Disabling or enabling item and meeting hours insights for specific user.
-
-To learn how to get or update user settings, see [Get settings](../api/usersettings-get.md) and [Update settings](../api/usersettings-update.md).
+Inherits from [entity](entity.md). To learn how to get or update user settings, see [Get settings](../api/usersettings-get.md) and [Update settings](../api/usersettings-update.md).
> [!NOTE]
-> This endpoint works only with users. You can't use this endpoint with contacts.
+> This endpoint works only with the [user](user.md) resource.
## Methods | Method | Return Type |Description|
To learn how to get or update user settings, see [Get settings](../api/usersetti
|:|:--|:-| |contributionToContentDiscoveryDisabled|Boolean|When set to true, documents in the user's Office Delve are disabled. Users can control this setting in [Office Delve](https://support.office.com/article/are-my-documents-safe-in-office-delve-f5f409a2-37ed-4452-8f61-681e5e1836f3?ui=en-US&rs=en-US&ad=US#bkmk_optout). | |contributionToContentDiscoveryAsOrganizationDisabled|Boolean|Reflects the [Office Delve organization level setting](https://support.office.com/article/office-delve-for-office-365-admins-54f87a42-15a4-44b4-9df0-d36287d9531b#bkmk_delveonoff). When set to true, the organization doesn't have access to Office Delve. This setting is read-only and can only be changed by administrators in the [SharePoint admin center](https://support.office.com/article/about-the-office-365-admin-center-758befc4-0888-4009-9f14-0d147402fd23?ui=en-US&rs=en-US&ad=US).|
+|id|String|Unique identifier of the user setting. Read-only. Inherited from [entity](entity.md).|
## Relationships | Relationship | Type | Description | |:|:--|:-|
-|shiftPreferences|[shiftPreferences](shiftpreferences.md)| The shift preferences for the user. |
-|regionalAndLanguageSettings|[regionalAndLanguageSettings](regionalandlanguagesettings.md)| The user's preferences for languages, regional locale and date/time formatting. |
+|contactMergeSuggestions|[contactMergeSuggestions](contactmergesuggestions.md)| The user's settings for the visibility of merge suggestion for the duplicate contacts in the user's contact list.|
|itemInsights|[userInsightsSettings](userinsightssettings.md)| The user's settings for the visibility of meeting hour insights, and insights derived between a user and other items in Microsoft 365, such as documents or sites. [Get userInsightsSettings](../api/userinsightssettings-get.md) through this navigation property. |
+|regionalAndLanguageSettings|[regionalAndLanguageSettings](regionalandlanguagesettings.md)| The user's preferences for languages, regional locale and date/time formatting. |
+|shiftPreferences|[shiftPreferences](shiftpreferences.md)| The shift preferences for the user. |
++ ## JSON representation
v1.0 Virtualendpoint https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/virtualendpoint.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Represents a container for APIs to manage Cloud PC.
+Represents a container for APIs to manage Cloud PCs.
-Use the Cloud PC API to provision and manage virtual desktops for employees in an organization. Use it in conjunction with the [Intune API](../resources/intune-graph-overview.md) to manage physical and virtual endpoints.
+Use the Cloud PC API to provision and manage virtual desktops for employees in an organization, or along with the [Intune API](../resources/intune-graph-overview.md) to manage physical and virtual endpoints.
## Methods
Use the Cloud PC API to provision and manage virtual desktops for employees in a
|[List auditEvents](../api/virtualendpoint-list-auditevents.md)|[cloudPcAuditEvent](../resources/cloudpcauditevent.md) collection|List properties and relationships of the [cloudPcAuditEvent](../resources/cloudpcauditevent.md) objects.| |[List supportedRegions](../api/virtualendpoint-list-supportedregions.md)|[cloudPcSupportedRegion](../resources/cloudpcsupportedregion.md) collection|List properties and relationships of the [cloudPcSupportedRegion](../resources/cloudpcsupportedregion.md) objects.| |[List servicePlans](../api/virtualendpoint-list-serviceplans.md)|[cloudPcServicePlan](../resources/cloudpcserviceplan.md) collection|List properties and relationships of the [cloudPcServicePlan](../resources/cloudpcserviceplan.md) objects.|
+|[List snapshots](../api/virtualendpoint-list-snapshots.md)|[cloudPcSnapshot](../resources/cloudpcsnapshot.md) collection|Get a list of [cloudPcSnapshot](../resources/cloudpcsnapshot.md) objects and their properties.|
## Properties |Property|Type|Description| |:|:|:|
-|id|String|The unique identifier for the virtual endpoint id. Read-only.|
+|id|String|The unique identifier for the virtual endpoint. Read-only.|
## Relationships |Relationship|Type|Description| |:|:|:|
+|auditEvents|[cloudPcAuditEvent](../resources/cloudpcauditevent.md) collection|Cloud PC audit event.|
|cloudPCs|[cloudPC](../resources/cloudpc.md) collection|Cloud managed virtual desktops.| |deviceImages|[cloudPcDeviceImage](../resources/cloudpcdeviceimage.md) collection|The image resource on Cloud PC.| |galleryImages|[cloudPcGalleryImage](../resources/cloudpcgalleryimage.md) collection|The gallery image resource on Cloud PC.| |onPremisesConnections|[cloudPcOnPremisesConnection](../resources/cloudpconpremisesconnection.md) collection|A defined collection of Azure resource information that can be used to establish on-premises network connectivity for Cloud PCs.|
+|organizationSettings|[cloudPcOrganizationSettings](../resources/cloudpcorganizationsettings.md) |The Cloud PC organization settings for a tenant. |
|provisioningPolicies|[cloudPcProvisioningPolicy](../resources/cloudpcprovisioningpolicy.md) collection|Cloud PC provisioning policy.|
-|userSettings|[cloudPcUserSetting](../resources/cloudpcusersetting.md) collection|Cloud PC user settings. |
-|auditEvents|[cloudPcAuditEvent](../resources/cloudpcauditevent.md) collection|Cloud PC audit event.|
-|supportedRegions|[cloudPcSupportedRegion](../resources/cloudpcsupportedregion.md) collection|Cloud PC supported regions.|
|servicePlans|[cloudPcServicePlan](../resources/cloudpcserviceplan.md) collection|Cloud PC service plans.|
-|organizationSettings|[cloudPcOrganizationSettings](../resources/cloudpcorganizationsettings.md) |The Cloud PC organization settings for a tenant. |
-
+|snapshots|[cloudPcSnapshot](../resources/cloudpcsnapshot.md) collection|Cloud PC snapshots.|
+|supportedRegions|[cloudPcSupportedRegion](../resources/cloudpcsupportedregion.md) collection|Cloud PC supported regions.|
+|userSettings|[cloudPcUserSetting](../resources/cloudpcusersetting.md) collection|Cloud PC user settings. |
## JSON representation The following is a JSON representation of the resource.
v1.0 Webhooks https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/webhooks.md
Using the Microsoft Graph API, an app can subscribe to changes on the following
| [group][] | Changes to all groups:<br>`/groups` <br>Changes to a specific group:<br>`/groups/{id}`<br>Changes to owners of a specific group:<br>`/groups/{id}/owners`<br>Changes to members of a specific group:<br>`/groups/{id}/members` | No | | [list][] under a SharePoint [site][] | `/sites/{id}/lists/{id}` | No | | Microsoft 365 group [conversation][] | Changes to a group's conversations:<br>`groups/{id}/conversations` | No |
-| Outlook [event][] | Changes to all events in a user's mailbox:<br>`/users/{id}/events` | No |
-| Outlook [message][] | Changes to all messages in a user's mailbox: <br>`/users/{id}/messages`<br>Changes to messages in a user's Inbox:<br>`/users/{id}/mailFolders('inbox')/messages` | No |
-| Outlook personal [contact][] | Changes to all personal contacts in a user's mailbox:<br>`/users/{id}/contacts` | No |
+| Outlook [event][] | Changes to all events in a user's mailbox:<br>`/users/{id}/events` | Yes |
+| Outlook [message][] | Changes to all messages in a user's mailbox: <br>`/users/{id}/messages`<br>Changes to messages in a user's Inbox:<br>`/users/{id}/mailFolders('inbox')/messages` | Yes |
+| Outlook personal [contact][] | Changes to all personal contacts in a user's mailbox:<br>`/users/{id}/contacts` | Yes |
| Security [alert][] | Changes to a specific alert:<br>`/security/alerts/{id}` <br>Changes to filtered alerts:<br> `/security/alerts/?$filter`| No | | Teams [callRecord][] | Changes to _all_ call records: `/communications/callRecords` | No | | Teams [channel][] | Changes to channels in all teams:<br>`/teams/getAllChannels` <br>Changes to channel in a specific team:<br>`/teams/{id}/channels` | Yes | | Teams [chat][] | Changes to any chat in the tenant:<br>`/chats` <br>Changes to a specific chat:<br>`/chats/{id}` | Yes | | Teams [chatmessage][] | Changes to chat messages in all channels in all teams:<br>`/teams/getAllMessages` <br>Changes to chat messages in a specific channel:<br>`/teams/{id}/channels/{id}/messages`<br>Changes to chat messages in all chats:<br>`/chats/getAllMessages` <br>Changes to chat messages in a specific chat:<br>`/chats/{id}/messages`<br>Changes to chat messages in all chats a particular user is part of:<br>`/users/{id}/chats/getAllMessages` | Yes | | Teams [conversationMember][] | Changes to membership in a specific team:<br>`/teams/{id}/members` <br> Changes to membership in a specific chat:<br>`/chats/{id}/members` <br> Changes to membership in all chats:<br>`/chats/getAllMembers` <br> Changes to membership in all channels under a specific team:<br>`teams/{id}/channels/getAllMembers` | Yes |
+| Teams [onlineMeeting][] | Changes to an online meeting: <br>`/communications/onlinemeeting/{meeting-id}` | Yes |
| Teams [presence][] | Changes to a single user's presence: `/communications/presences/{id}` <br> Changes to multiple user presences:<br> `/communications/presences?$filter=id in ({id},{id}...)` | Yes | | Teams [team][] | Changes to any team in the tenant:<br>`/teams` <br>Changes to a specific team:<br>`/teams/{id}` | Yes | | [baseTask][] | Changes to all task in a specific task list:<br>`/me/tasks/lists/{baseTaskListId}/tasks`<br>Changes to all tasks:<br>`/me/tasks/lists/alltasks` | No |
In general, subscription operations require read permission to the resource. For
| :- | : | | Delegated - work or school account | [alert][], [channel][], [chat][], [contact][], [conversation][], [conversationMember][], [driveItem][], [list][], [event][], [group][], [message][], [user][], [presence][], [chatMessage][] (preview), [team][], [baseTask][] | | Delegated - personal Microsoft account | [contact][], [driveItem][], [list][], [event][], [message][], [baseTask][] |
-| Application | [alert][], [channel][], [chat][], [contact][], [driveItem][], [list][], [event][], [group][], [message][], [user][], [callRecord][], [chatMessage][], [conversationMember][], [printer][], [printTaskDefinition][], [team][] |
+| Application | [alert][], [channel][], [chat][], [contact][], [driveItem][], [list][], [event][], [group][], [message][], [user][], [callRecord][], [chatMessage][], [conversationMember][], [onlinemeeting][], [printer][], [printTaskDefinition][], [team][] |
## See also
In general, subscription operations require read permission to the resource. For
[printTaskDefinition]: ./printtaskdefinition.md [team]: ./team.md [baseTask]: ./baseTask.md
+[onlineMeeting]: ./onlinemeeting.md
v1.0 Windowsapplication https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/windowsapplication.md
+
+ Title: "windowsApplication resource type"
+description: "Represents settings for apps running Microsoft Windows and published in the Microsoft Store or Xbox games store."
+ms.localizationpriority: medium
+++
+# webApplication resource type
+
+Namespace: microsoft.graph
++
+Represents settings for apps running Microsoft Windows and published in the Microsoft Store or Xbox games store.
+
+## Properties
+
+| Property | Type | Description |
+|:|:--|:|
+| packageSid | String | The package security identifier that Microsoft has assigned the application. Optional. Read-only. |
+| redirectUris | String collection | Specifies the URLs where user tokens are sent for sign-in or the redirect URIs where OAuth 2.0 authorization codes and access tokens are sent. Only available for applications that support the `PersonalMicrosoftAccount` **signInAudience**. |
+
+## JSON representation
+Here is a JSON representation of the resource.
+
+<!-- {
+ "blockType": "resource",
+ "optionalProperties": [
+
+ ],
+ "@odata.type": "microsoft.graph.windowsApplication"
+}-->
+
+```json
+{
+ "packageSid": "String",
+ "redirectUris": ["String"]
+}
+
+```
v1.0 Windowshelloforbusinessauthenticationmethod https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/windowshelloforbusinessauthenticationmethod.md
Inherits from [authenticationMethod](../resources/authenticationmethod.md).
## Relationships |Relationship|Type|Description| |:|:|:|
-|device|[device](../resources/device.md)|The registered device on which this Windows Hello for Business key resides.|
+|device|[device](../resources/device.md)|The registered device on which this Windows Hello for Business key resides. Supports `$expand`. <br/><br/>When you get a user's Windows Hello for Business registration information, this property is returned only on a single GET and when you specify `?$expand`. For example, GET `/users/admin@contoso.com/authentication/windowsHelloForBusinessMethods/_jpuR-TGZtk6aQCLF3BQjA2?$expand=device`.|
## JSON representation The following is a JSON representation of the resource.
v1.0 X509certificateauthenticationmethodconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/x509certificateauthenticationmethodconfiguration.md
Inherits from [authenticationMethodConfiguration](../resources/authenticationmet
|:|:|:| |[Get x509CertificateAuthenticationMethodConfiguration](../api/x509certificateauthenticationmethodconfiguration-get.md)|[x509CertificateAuthenticationMethodConfiguration](../resources/x509certificateauthenticationmethodconfiguration.md)|Read the properties and relationships of a x509CertificateAuthenticationMethodConfiguration object.| |[Update x509CertificateAuthenticationMethodConfiguration](../api/x509certificateauthenticationmethodconfiguration-update.md)|[x509CertificateAuthenticationMethodConfiguration](../resources/x509certificateauthenticationmethodconfiguration.md)|Update the properties of a x509CertificateAuthenticationMethodConfiguration object.|
-|[Delete x509CertificateAuthenticationMethodConfiguration](../api/x509certificateauthenticationmethodconfiguration-delete.md)|None| Restore the x509CertificateAuthenticationMethodConfiguration object to its default configuration.|
+|[Delete x509CertificateAuthenticationMethodConfiguration](../api/x509certificateauthenticationmethodconfiguration-delete.md)|None| Delete the tenant-customized x509CertificateAuthenticationMethodConfiguration object and restore the default configuration.|
## Properties
v1.0 Accesspackageassignmentrequest Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/accesspackageassignmentrequest-get.md
Content-Type: application/json
"state": "delivered", "status": "Delivered", "createdDateTime": "2019-10-25T22:55:11.623Z",
- "completedDate": "2019-10-26T22:55:11.623Z",
+ "completedDateTime": "2019-10-26T22:55:11.623Z",
"schedule": { "@odata.type": "microsoft.graph.entitlementManagementSchedule" }
v1.0 Accessreviewhistorydefinition Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/accessreviewhistorydefinition-get.md
+
+ Title: "Get accessReviewHistoryDefinition"
+description: "Retrieve an accessReviewHistoryDefinition object."
+
+ms.localizationpriority: medium
++
+# Get accessReviewHistoryDefinition
+
+Namespace: microsoft.graph
+
+Retrieve an [accessReviewHistoryDefinition](../resources/accessreviewhistorydefinition.md) object by its identifier. All the properties of the access review history definition object are returned. If the definition is 30 days or older, a `404 Not Found` error is returned.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|AccessReview.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|AccessReview.ReadWrite.All|
+
+The signed-in user must also be the creator of the associated review history definition, a Global Administrator directory role member, or a Global Reader directory role member to retrieve the definition.
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+
+``` http
+GET /identityGovernance/accessReviews/historyDefinitions/{definition-id}
+```
+## Optional query parameters
+
+This method supports the `$select` and `$expand` OData query parameters to help customize the response. Including `?$expand=instances` will include in the response object the instances associated with the [accessReviewHistoryDefinition](../resources/accessreviewhistorydefinition.md) object. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and an [accessReviewHistoryDefinition](../resources/accessreviewhistorydefinition.md) object in the response body.
+
+## Examples
+
+### Request
+
+# [HTTP](#tab/http)
++
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_accessreviewhistorydefinition"
+}
+-->
+
+``` http
+GET https://graph.microsoft.com/v1.0/identityGovernance/accessReviews/historyDefinitions/b2cb022f-b7e1-40f3-9854-c65a40861c38
+```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
++++
+### Response
+
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.accessReviewHistoryDefinition"
+}
+-->
+
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.type": "#microsoft.graph.accessReviewHistoryDefinition",
+ "id": "b2cb022f-b7e1-40f3-9854-c65a40861c38",
+ "displayName": "Last quarter's group reviews April 2021",
+ "reviewHistoryPeriodStartDateTime": "2021-01-01T00:00:00Z",
+ "reviewHistoryPeriodEndDateTime": "2021-04-05T00:00:00Z",
+ "decisions": [
+ "approve",
+ "deny",
+ "dontKnow",
+ "notReviewed",
+ "notNotified"
+ ],
+ "status": "done",
+ "createdDateTime": "2021-04-14T00:22:48.9392594Z",
+ "createdBy": {
+ "id": "957f1027-c0ee-460d-9269-b8444459e0fe",
+ "displayName": "MOD Administrator",
+ "userPrincipalName": "admin@contoso.com"
+ },
+ "scopes": [
+ {
+ "@odata.type": "#microsoft.graph.accessReviewQueryScope",
+ "queryType": "MicrosoftGraph",
+ "query": "/identityGovernance/accessReviews/definitions?$filter=contains(scope/query, 'accessPackageAssignments')",
+ "queryRoot": null
+ },
+ {
+ "@odata.type": "#microsoft.graph.accessReviewQueryScope",
+ "queryType": "MicrosoftGraph",
+ "query": "/identityGovernance/accessReviews/definitions?$filter=contains(scope/query, '/groups')",
+ "queryRoot": null
+ }
+ ]
+}
+```
v1.0 Accessreviewhistorydefinition List Instances https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/accessreviewhistorydefinition-list-instances.md
+
+ Title: "List instances (of an accessReviewHistoryDefinition)"
+description: "Retrieve the instances of an access review history definition."
+
+ms.localizationpriority: medium
++
+# List instances (of an accessReviewHistoryDefinition)
+
+Namespace: microsoft.graph
+
+Retrieve the [instances](../resources/accessreviewhistoryinstance.md) of an [access review history definition](../resources/accessreviewhistorydefinition.md) created in the last 30 days.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|AccessReview.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|AccessReview.ReadWrite.All|
+
+If the signed-in user is not a global administrator or a global reader, only the definitions that the signed-in user created will be returned.
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+
+``` http
+GET /identityGovernance/accessReviews/historyDefinitions/{accessReviewHistoryDefinitionId}/instances
+```
+
+## Request headers
+
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a collection of [accessReviewHistoryInstance](../resources/accessreviewhistoryinstance.md) objects in the response body.
+
+## Examples
+
+### Request
++
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "list_accessreviewhistoryinstance"
+}
+-->
+
+``` http
+GET https://graph.microsoft.com/v1.0/identityGovernance/accessReviews/historyDefinitions/90e28cb7-4b9a-48f7-ba4e-a2756fda01b2/instances
+```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
++++
+### Response
+
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "Collection(microsoft.graph.accessReviewHistoryInstance)"
+}
+-->
+
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#accessReviewInstances",
+ "@odata.count": 1,
+ "value": [
+ {
+ "id": "61a617dd-238f-4037-8fa5-d800e515f5bc",
+ "status": "done",
+ "reviewHistoryPeriodStartDate": "2021-02-01T00:00:00Z",
+ "reviewHistoryPeriodEndDate": "2021-03-01T00:00:00Z",
+ "fulfilledDateTime": "2021-03-01T01:38:15.7998393Z",
+ "downloadUri": "https://dfermconsolreportusc.blob.core.windows.net/df-erm-reports/Last quarter's reviews - via graph 2-22be232e-a93d-42a3-8ac5-313cfd29a0eb.csv?sv=2015-04-05&ss=b&srt=o&sp=rl&st=2021-03-01T19:39:38.0000000Z&se=2021-03-02T19:41:38.0000000Z&spr=https&sig=84rlGCIgU4ToMn%2FFLncBXq95O8a8RsFlwQY1Knl%2Fo%2FI%3D"
+ }
+ ]
+}
+```
v1.0 Accessreviewhistoryinstance Generatedownloaduri https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/accessreviewhistoryinstance-generatedownloaduri.md
+
+ Title: "accessReviewHistoryInstance: generateDownloadUri"
+description: "Generate a URI that can be used to retrieve review history data."
+
+ms.localizationpriority: medium
++
+# accessReviewHistoryInstance: generateDownloadUri
+
+Namespace: microsoft.graph
+
+Generates a URI for an [accessReviewHistoryInstance](../resources/accessReviewHistoryInstance.md) object the **status** for which is `done`. Each URI can be used to retrieve the instance's review history data. Each URI is valid for 24 hours and can be retrieved by fetching the **downloadUri** property from the [accessReviewHistoryInstance](../resources/accessReviewHistoryInstance.md) object.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|AccessReview.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|AccessReview.ReadWrite.All|
+
+To generate the link, the signed-in user must be either the creator of the associated review history definition, or assigned the *Global Administrator* or *Global Reader* [directory roles](/azure/active-directory/roles/permissions-reference).
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+
+``` http
+POST /identityGovernance/accessReviews/historyDefinitions/{accessReviewHistoryDefinitionId}/instances/{accessReviewHistoryInstanceId}/generateDownloadUri
+```
+
+## Request headers
+
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this action returns a `200 OK` response code and an [accessReviewHistoryInstances](../resources/accessReviewHistoryInstance.md) in the response body.
+
+## Examples
+
+### Request
++
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "accessreviewhistoryinstance_generatedownloaduri"
+}
+-->
+
+``` http
+POST https://graph.microsoft.com/v1.0/identityGovernance/accessReviews/historyDefinitions/b2cb022f-b7e1-40f3-9854-c65a40861c38/instances/b2cb022f-b7e1-40f3-9854-c65a40861c38/generateDownloadUri
+```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
++++
+### Response
+
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.accessReviewHistoryInstance"
+}
+-->
+
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.type": "#microsoft.graph.accessReviewHistoryInstance",
+ "id": "b2cb022f-b7e1-40f3-9854-c65a40861c38",
+ "reviewHistoryPeriodStartDateTime": "2000-06-19T08:00:00Z",
+ "reviewHistoryPeriodEndDateTime": "2100-06-19T07:00:00Z",
+ "status": "done",
+ "runDateTime": "2022-01-20T17:46:54.6085806Z",
+ "fulfilledDateTime": "2022-01-20T10:00:24.9114365-08:00",
+ "downloadUri": "https://dfermconsolreportusc.blob.core.windows.net/df-erm-reports/Last months reviews for ELM-e642e792-9884-413d-9299-982b37bfe369.csv?skoid=fa04d013-9f36-4d7d-8b8e-7276fb3bd36e&sktid=33e01921-4d64-4f8c-a055-5bdaffd5e33d&skt=2022-01-20T18:03:59Z&ske=2022-01-20T18:05:59Z&sks=b&skv=2020-04-08&sv=2020-04-08&st=2022-01-20T18:04:01Z&se=2022-01-21T18:04:01Z&sr=b&sp=r&sig=...",
+ "expiration": "2022-02-19T10:00:24.9114365-08:00"
+}
+```
v1.0 Accessreviewset List Historydefinitions https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/accessreviewset-list-historydefinitions.md
+
+ Title: "List historyDefinitions"
+description: "Get a list of the accessReviewHistoryDefinition objects."
+
+ms.localizationpriority: medium
++
+# List historyDefinitions
+
+Namespace: microsoft.graph
+
+Retrieve the [accessReviewHistoryDefinition](../resources/accessreviewhistorydefinition.md) objects created in the last 30 days, including all nested properties.
+
+>[!NOTE]
+>The default page size for this API is 100 **accessReviewHistoryDefinitions** objects. To improve efficiency and avoid timeouts due to large result sets, apply pagination using the `$skip` and `$top` query parameters. For more information, see [Paging Microsoft Graph data in your app](/graph/paging).
+>
+>If no query parameters are provided and there are more than 100 results, Microsoft Graph will automatically paginate results at 100 results per page.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|AccessReview.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|AccessReview.ReadWrite.All|
+
+If the signed-in user is not a Global Admin directory role member or a Global Reader directory role member, only the definitions that the signed-in user created will be returned.
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+
+``` http
+GET /identityGovernance/accessReviews/historyDefinitions
+```
+
+## Optional query parameters
+
+This method supports the `$top`, `$filter`, `$expand`, and `$skip` OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters). Including `?$expand=instances` will return the [accessReviewHistoryDefinitions](../resources/accessreviewhistorydefinition.md) objects along with their associated instances.
+
+## Request headers
+
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a collection of [accessReviewHistoryDefinition](../resources/accessreviewhistorydefinition.md) objects in the response body.
+
+## Examples
+
+### Request
+
+# [HTTP](#tab/http)
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "list_accessreviewhistorydefinition"
+}
+-->
+
+``` http
+GET https://graph.microsoft.com/v1.0/identityGovernance/accessReviews/historyDefinitions
+```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
++++
+### Response
+
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.accessReviewHistoryDefinition",
+ "isCollection": "true"
+}
+-->
+
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.count": 1,
+ "value": [
+ {
+ "@odata.type": "#microsoft.graph.accessReviewHistoryDefinition",
+ "id": "67e3de15-d263-45a9-8f4f-71271b495db7",
+ "displayName": "Last year's ELM assignment reviews - one time",
+ "reviewHistoryPeriodStartDateTime": "2021-01-01T00:00:00Z",
+ "reviewHistoryPeriodEndDateTime": "2021-04-05T00:00:00Z",
+ "decisions": [
+ "approve",
+ "deny",
+ "dontKnow",
+ "notReviewed",
+ "notNotified"
+ ],
+ "status": "done",
+ "createdDateTime": "2021-04-14T00:22:48.9392594Z",
+ "createdBy": {
+ "id": "957f1027-c0ee-460d-9269-b8444459e0fe",
+ "displayName": "MOD Administrator",
+ "userPrincipalName": "admin@contoso.com"
+ },
+ "scopes": [
+ {
+ "@odata.type": "#microsoft.graph.accessReviewQueryScope",
+ "queryType": "MicrosoftGraph",
+ "query": "/identityGovernance/accessReviews/definitions?$filter=contains(scope/query, 'accessPackageAssignments')",
+ "queryRoot": null
+ }
+ ]
+ }
+ ]
+}
+```
v1.0 Accessreviewset Post Historydefinitions https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/accessreviewset-post-historydefinitions.md
+
+ Title: "Create historyDefinitions"
+description: "Create a new accessReviewHistoryDefinition object."
+
+ms.localizationpriority: medium
++
+# Create historyDefinitions
+
+Namespace: microsoft.graph
+
+Create a new [accessReviewHistoryDefinition](../resources/accessreviewhistorydefinition.md) object.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|AccessReview.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|AccessReview.ReadWrite.All|
+
+The signed-in user must also be in a directory role that permits them to read an access review to retrieve any data. For more details, see the role and permission requirements for [access reviews](../resources/accessreviewsv2-overview.md).
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+
+``` http
+POST /identityGovernance/accessReviews/historyDefinitions
+```
+
+## Request headers
+
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+|Content-Type|application/json. Required.|
+
+## Request body
+
+In the request body, supply a JSON representation of the [accessReviewHistoryDefinition](../resources/accessreviewhistorydefinition.md) object.
+
+The following table shows the required properties used to create an [accessReviewHistoryDefinition](../resources/accessreviewhistorydefinition.md).
+
+|Property|Type|Description|
+|:|:|:|
+|displayName | String | Name for the access review history data collection. Required. |
+|reviewHistoryPeriodStartDateTime | DateTimeOffset | A timestamp. Reviews starting on or after this date will be included in the fetched history data. Only required if **scheduleSettings** is not defined. |
+|reviewHistoryPeriodEndDateTime | DateTimeOffset | A timestamp. Reviews starting on or before this date will be included in the fetched history data. Only required if **scheduleSettings** is not defined. |
+|scopes|[accessReviewQueryScope](../resources/accessreviewqueryscope.md) collection| Used to filter which reviews are included in the fetched history data. Fetches reviews whose scope matches with this provided scope. Required. <br> For more, see [Supported scope queries for accessReviewHistoryDefinition](#supported-scope-queries-for-accessreviewhistorydefinition). |
+| scheduleSettings |[accessReviewHistoryScheduleSettings](../resources/accessReviewHistoryScheduleSettings.md)| The settings for a recurring access review history definition series. Only required if **reviewHistoryPeriodStartDateTime** or **reviewHistoryPeriodEndDateTime** are not defined.|
+
+### Supported scope queries for accessReviewHistoryDefinition
+
+The **scopes** property of [accessReviewHistoryDefinition](../resources/accessreviewhistorydefinition.md) is based on **accessReviewQueryScope**, a resource that allows you to configure different resources in it's **query** property. These resources then represent the scope of the history definition and dictate the type of review history data that is included in the downloadable CSV file which is generated when the history definition's [accessReviewHistoryInstances](../resources/accessreviewhistoryinstance.md) are created.
+
+Use the following format for the **query** property:
+
+```http
+/identityGovernance/accessReviews/definitions?$filter=contains(scope/query, '{object}')
+```
+
+The value of `{object}` is one of the resources that can be configured in an **accessReviewScheduleDefinition**. For example, the following includes every accessReviewScheduleDefinition review result on individual groups (and excludes definitions scoped to all Microsoft 365 groups with guest users).
+
+```http
+/identityGovernance/accessReviews/definitions?$filter=contains(scope/query, '/groups')
+```
+
+For more supported values, see Use the [$filter query parameter on accessReviewScheduleDefinition](accessreviewset-list-definitions.md#use-the-filter-query-parameter).
+
+## Response
+
+If successful, this method returns a `201 Created` response code and an [accessReviewHistoryDefinition](../resources/accessreviewhistorydefinition.md) object in the response body.
+
+## Examples
+
+The following example shows how to create an access review history definition scoped to access reviews on access packages and groups, running between the start date of 01/01/2021 and end date of 04/05/2021.
+
+### Request
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "create_accessreviewhistorydefinition_from_"
+}
+-->
+
+``` http
+POST https://graph.microsoft.com/v1.0/identityGovernance/accessReviews/historyDefinitions
+Content-Type: application/json
+
+{
+ "displayName": "Last quarter's group reviews April 2021",
+ "decisions": [
+ "approve",
+ "deny",
+ "dontKnow",
+ "notReviewed",
+ "notNotified"
+ ],
+ "scheduleSettings": {
+ "reportRange": "P1M",
+ "recurrence": {
+ "pattern": {
+ "type": "monthly",
+ "interval": 1
+ },
+ "range": {
+ "type": "noEnd",
+ "startDate": "2018-08-03T21:02:30.667Z",
+ "count": 0
+ }
+ }
+ },
+ "scopes": [
+ {
+ "@odata.type": "#microsoft.graph.accessReviewQueryScope",
+ "queryType": "MicrosoftGraph",
+ "query": "/identityGovernance/accessReviews/definitions?$filter=contains(scope/query, 'accessPackageAssignments')",
+ "queryRoot": null
+ },
+ {
+ "@odata.type": "#microsoft.graph.accessReviewQueryScope",
+ "queryType": "MicrosoftGraph",
+ "query": "/identityGovernance/accessReviews/definitions?$filter=contains(scope/query, '/groups')",
+ "queryRoot": null
+ }
+ ]
+}
+```
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
++++
+### Response
+
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.accessReviewHistoryDefinition"
+}
+-->
+
+``` http
+HTTP/1.1 201 Created
+Content-Type: application/json
+
+{
+ "@odata.type": "#microsoft.graph.accessReviewHistoryDefinition",
+ "id": "b2cb022f-b7e1-40f3-9854-c65a40861c38",
+ "displayName": "Last quarter's group reviews April 2021",
+ "scheduleSettings": {
+ "reportRange": "P1M",
+ "recurrence": {
+ "pattern": {
+ "type": "monthly",
+ "interval": 1
+ },
+ "range": {
+ "type": "noEnd",
+ "startDate": "2018-08-03T21:02:30.667Z",
+ "count": 0
+ }
+ }
+ },
+ "decisions": [
+ "approve",
+ "deny",
+ "dontKnow",
+ "notReviewed",
+ "notNotified"
+ ],
+ "status": "requested",
+ "createdDateTime": "2021-04-14T00:22:48.9392594Z",
+ "createdBy": {
+ "id": "957f1027-c0ee-460d-9269-b8444459e0fe",
+ "displayName": "MOD Administrator",
+ "userPrincipalName": "admin@contoso.com"
+ },
+ "scopes": [
+ {
+ "@odata.type": "#microsoft.graph.accessReviewQueryScope",
+ "queryType": "MicrosoftGraph",
+ "query": "/identityGovernance/accessReviews/definitions?$filter=contains(scope/query, 'accessPackageAssignments')",
+ "queryRoot": null
+ },
+ {
+ "@odata.type": "#microsoft.graph.accessReviewQueryScope",
+ "queryType": "MicrosoftGraph",
+ "query": "/identityGovernance/accessReviews/definitions?$filter=contains(scope/query, '/groups')",
+ "queryRoot": null
+ }
+ ]
+}
+```
v1.0 Administrativeunit Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/administrativeunit-get.md
Do not supply a request body for this method.
If successful, this method returns a `200 OK` response code and [administrativeUnit](../resources/administrativeunit.md) object in the response body. ## Example
-##### Request
+### Request
Here is an example of the request.
Here is an example of the request.
"name": "get_administrativeunit" }--> ```msgraph-interactive
-GET https://graph.microsoft.com/v1.0/directory/administrativeUnits/{id}
+GET https://graph.microsoft.com/v1.0/directory/administrativeUnits/4d7ea995-bc0f-45c0-8c3e-132e93bf95f8
``` # [C#](#tab/csharp) [!INCLUDE [sample-code](../includes/snippets/csharp/get-administrativeunit-csharp-snippets.md)]
GET https://graph.microsoft.com/v1.0/directory/administrativeUnits/{id}
-
-##### Response
-Here is an example of the response. Note: The response object shown here might be shortened for readability.
+### Response
+Here is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
<!-- { "blockType": "response", "truncated": true,
HTTP/1.1 200 OK
Content-type: application/json {
- "displayName": "displayName-value",
- "description": "description-value",
- "visibility": "visibility-value",
- "id": "id-value"
+ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#directory/administrativeUnits/$entity",
+ "id": "4d7ea995-bc0f-45c0-8c3e-132e93bf95f8",
+ "deletedDateTime": null,
+ "displayName": "Seattle District Technical Schools",
+ "description": "Seattle district technical schools administration",
+ "membershipRule": null,
+ "membershipType": null,
+ "membershipRuleProcessingState": null,
+ "visibility": "HiddenMembership"
} ```
v1.0 Administrativeunit List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/administrativeunit-list.md
- Title: "List administrativeUnits"
-description: "Retrieve a list of administrativeUnit objects."
-
-doc_type: apiPageType
--
-# List administrativeUnits
-
-Namespace: microsoft.graph
-
-Retrieve a list of [administrativeUnit](../resources/administrativeunit.md) objects.
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
--
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | AdministrativeUnit.Read.All, Directory.Read.All, AdministrativeUnit.ReadWrite.All, Directory.ReadWrite.All, Directory.AccessAsUser.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | AdministrativeUnit.Read.All, Directory.Read.All, AdministrativeUnit.ReadWrite.All, Directory.ReadWrite.All |
-
-## HTTP request
-<!-- { "blockType": "ignored" } -->
-```http
-GET /directory/administrativeUnits
-```
-## Optional query parameters
-This method supports the `$count`, `$select`, `$search`, `$filter` (`eq`), and `$expand` [OData query parameters](/graph/query-parameters) to help customize the response.
-
-## Request headers
-| Name |Description|
-|:-|:-|
-| Authorization | Bearer {token}. Required.|
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-
-If successful, this method returns a `200 OK` response code and collection of [administrativeUnit](../resources/administrativeunit.md) objects in the response body.
-## Example
-##### Request
-Here is an example of the request.
--
-# [HTTP](#tab/http)
-<!-- {
- "blockType": "request",
- "name": "get_administrativeunits"
-}-->
-```msgraph-interactive
-GET https://graph.microsoft.com/v1.0/directory/administrativeUnits
-```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Objective-C](#tab/objc)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
------
-##### Response
-Here is an example of the response. Note: The response object shown here might be shortened for readability.
-<!-- {
- "blockType": "response",
- "truncated": true,
- "@odata.type": "microsoft.graph.administrativeUnit",
- "isCollection": true
-} -->
-```http
-HTTP/1.1 200 OK
-Content-type: application/json
-
-{
- "value": [
- {
- "displayName": "displayName-value",
- "description": "description-value",
- "visibility": "visibility-value",
- "id": "id-value"
- }
- ]
-}
-```
-
-<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
-2015-10-25 14:57:30 UTC -->
-<!--
-{
- "type": "#page.annotation",
- "description": "List administrativeUnits",
- "keywords": "",
- "section": "documentation",
- "tocPath": "",
- "suppressions": [
- ]
-}
>
v1.0 Administrativeunit Post Administrativeunits https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/administrativeunit-post-administrativeunits.md
- Title: "Create administrativeUnit"
-description: "Use this API to create a new administrativeUnit."
-
-doc_type: apiPageType
--
-# Create administrativeUnit
-
-Namespace: microsoft.graph
-
-Use this API to create a new [administrativeUnit](../resources/administrativeunit.md).
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
--
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | AdministrativeUnit.ReadWrite.All, Directory.AccessAsUser.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | AdministrativeUnit.ReadWrite.All |
-
-## HTTP request
-<!-- { "blockType": "ignored" } -->
-```http
-POST /directory/administrativeUnits
-
-```
-## Request headers
-| Name |Description|
-|:-|:-|
-| Authorization | Bearer {token}. Required. |
-| Content-type | application/json. Required. |
-
-## Request body
-In the request body, supply a JSON representation of an [administrativeUnit](../resources/administrativeunit.md) object.
-
-Because the **administrativeUnit** resource supports [extensions](/graph/extensibility-overview), you can use the `POST` operation and add custom properties with your own data to the administrative unit while creating it.
-
-## Response
-
-If successful, this method returns a `201 Created` response code and an [administrativeUnit](../resources/administrativeunit.md) object in the response body.
-
-## Example
-
-### Request
-
-The following is an example of the request.
--
-# [HTTP](#tab/http)
-<!-- {
- "blockType": "request",
- "name": "create_administrativeunit_from_administrativeunits"
-}-->
-```http
-POST https://graph.microsoft.com/v1.0/directory/administrativeUnits
-Content-type: application/json
-
-{
- "displayName": "Seattle District Technical Schools",
- "description": "Seattle district technical schools administration",
- "visibility": "HiddenMembership"
-}
-```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Objective-C](#tab/objc)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
------
-In the request body, supply a JSON representation of an [administrativeUnit](../resources/administrativeunit.md) object.
-
-### Response
-
-The following is an example of the response.
-> Note: The response object shown here might be shortened for readability.
-<!-- {
- "blockType": "response",
- "truncated": true,
- "@odata.type": "microsoft.graph.administrativeUnit"
-} -->
-```http
-HTTP/1.1 201 Created
-Content-type: application/json
-
-{
- "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#administrativeUnits/$entity",
- "id": "7a3dc8f3-b3a0-4164-9a99-ed36f3af039f",
- "deletedDateTime": null,
- "displayName": "Seattle District Technical Schools",
- "description": "Seattle district technical schools administration",
- "visibility": "HiddenMembership"
-}
-```
-
-## See also
--- [Add custom data to resources using extensions](/graph/extensibility-overview)-- [Add custom data to users using open extensions (preview)](/graph/extensibility-open-users)
-<!--
-- [Add custom data to groups using schema extensions (preview)](/graph/extensibility-schema-groups)>--
-<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
-2015-10-25 14:57:30 UTC -->
-<!--
-{
- "type": "#page.annotation",
- "description": "Create administrativeUnit",
- "keywords": "",
- "section": "documentation",
- "tocPath": "",
- "suppressions": [
- ]
-}
>
v1.0 Administrativeunit Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/administrativeunit-update.md
ms.prod: "directory-management"
doc_type: apiPageType
-# Update administrativeunit
+# Update administrativeUnit
Namespace: microsoft.graph
In the request body, supply the values for relevant fields that should be update
|:|:--|:-| |description|string|Description for the administrative unit.| |displayName|string|Display name for the administrative unit.|
-|visibility|string|Visibility for the administrative unit. If not set then the default is "public". Can be set to "HiddenMembership", which hides the membership from non-members.|
-Since the **administrativeUnit** resource supports [extensions](/graph/extensibility-overview), you can use the `PATCH` operation to
-add, update, or delete your own app-specific data in custom properties of an extension in an existing **administrativeUnit** instance.
+Since the **administrativeUnit** resource supports [extensions](/graph/extensibility-overview), you can use the `PATCH` operation to add, update, or delete your own app-specific data in custom properties of an extension in an existing **administrativeUnit** instance.
## Response
If successful, this method returns a `204 No Content` response code.
## Example
-##### Request
+### Request
# [HTTP](#tab/http)
If successful, this method returns a `204 No Content` response code.
"name": "update_administrativeunit" }--> ```http
-PATCH https://graph.microsoft.com/v1.0/directory/administrativeUnits/{id}
+PATCH https://graph.microsoft.com/v1.0/directory/administrativeUnits/4d7ea995-bc0f-45c0-8c3e-132e93bf95f8
Content-type: application/json {
- "displayName": "displayName-value",
- "description": "description-value",
- "visibility": "visibility-value"
+ "displayName": "Greater Seattle District Technical Schools"
} ``` # [C#](#tab/csharp)
Content-type: application/json
---
-##### Response
+### Response
<!-- { "blockType": "response"
v1.0 Agreement Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/agreement-delete.md
Do not supply a request body for this method.
## Response
-If successful, this method returns a `204, No Content` response code. It does not return anything in the response body.
+If successful, this method returns a `204 No Content` response code. It does not return anything in the response body.
## Example ### Request
If successful, this method returns a `204, No Content` response code. It does no
"name": "delete_agreement" }--> ```http
-DELETE https://graph.microsoft.com/v1.0/identityGovernance/termsOfUse/agreements/093b947f-8363-4979-a47d-4c52b33ee1be
+DELETE https://graph.microsoft.com/v1.0/identityGovernance/termsOfUse/agreements/0ec9f6a6-159d-4dd8-a563-1f0b5935e80b
``` # [C#](#tab/csharp) [!INCLUDE [sample-code](../includes/snippets/csharp/delete-agreement-csharp-snippets.md)]
DELETE https://graph.microsoft.com/v1.0/identityGovernance/termsOfUse/agreements
[!INCLUDE [sample-code](../includes/snippets/go/delete-agreement-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ ### Response
->**Note:** The response object shown here might be shortened for readability.
<!-- { "blockType": "response", "truncated": true
v1.0 Agreement Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/agreement-get.md
GET /identityGovernance/termsOfUse/agreements/{id}
``` ## Optional query parameters
-This method supports the [OData Query Parameters](/graph/query-parameters) to help customize the response.
+This method supports the `$select` [OData query parameter](/graph/query-parameters) to help customize the response.
## Request headers | Name | Type | Description |
This method supports the [OData Query Parameters](/graph/query-parameters) to he
Do not supply a request body for this method. ## Response If successful, this method returns a `200 OK` response code and [agreement](../resources/agreement.md) object in the response body.
-## Example
-### Request
+## Examples
+### Example 1: Retrieve an agreement
-# [HTTP](#tab/http)
+#### Request
<!-- { "blockType": "request", "name": "get_agreement" }--> ```msgraph-interactive
+GET https://graph.microsoft.com/v1.0/identityGovernance/termsOfUse/agreements/0ec9f6a6-159d-4dd8-a563-1f0b5935e80b
+```
+
+#### Response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.agreement"
+} -->
+```http
+HTTP/1.1 200 OK
+Content-type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#agreements/$entity",
+ "id": "0ec9f6a6-159d-4dd8-a563-1f0b5935e80b",
+ "displayName": "All users terms of use",
+ "termsExpiration": null,
+ "userReacceptRequiredFrequency": "P90D",
+ "isViewingBeforeAcceptanceRequired": false,
+ "isPerDeviceAcceptanceRequired": false
+}
+```
++
+### Example 2: Retrieve an agreement and its related files
+
+#### Request
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_agreement_files"
+}-->
+```msgraph-interactive
GET https://graph.microsoft.com/v1.0/identityGovernance/termsOfUse/agreements/093b947f-8363-4979-a47d-4c52b33ee1be?$expand=files ``` # [C#](#tab/csharp)
GET https://graph.microsoft.com/v1.0/identityGovernance/termsOfUse/agreements/09
[!INCLUDE [sample-code](../includes/snippets/go/get-agreement-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+
-### Response
+#### Response
>**Note:** The response object shown here might be shortened for readability. <!-- { "blockType": "response",
HTTP/1.1 200 OK
Content-type: application/json {
- "displayName": "MSGraph Sample",
- "isViewingBeforeAcceptanceRequired": true,
- "id": "id-value",
- "files": [
- {
- "id": "093b947f-8363-4979-a47d-4c52b33ee1be",
- "language": "en",
- "fileName": "TOU.pdf",
- "isDefault": true
- }
- ]
+ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#agreements(files())/$entity",
+ "id": "0ec9f6a6-159d-4dd8-a563-1f0b5935e80b",
+ "displayName": "All users terms of use",
+ "termsExpiration": null,
+ "userReacceptRequiredFrequency": "P90D",
+ "isViewingBeforeAcceptanceRequired": false,
+ "isPerDeviceAcceptanceRequired": false,
+ "files@odata.context": "https://graph.microsoft.com/v1.0/$metadata#identityGovernance/termsOfUse/agreements('0ec9f6a6-159d-4dd8-a563-1f0b5935e80b')/files",
+ "files": [
+ {
+ "id": "681b73a7-e9ae-4f2d-aca5-9e857599cd15",
+ "fileName": "ToU.pdf",
+ "displayName": "Contoso Terms of Use",
+ "language": "en-GB",
+ "isDefault": true,
+ "isMajorVersion": false,
+ "createdDateTime": "2022-03-02T14:11:32.885186Z",
+ "fileData": null
+ }
+ ]
} ```
v1.0 Agreement List Acceptances https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/agreement-list-acceptances.md
+
+ Title: "List acceptances"
+description: "Get the details about the acceptance records for a specific agreement."
+
+ms.localizationpriority: medium
++
+# List acceptances
+Namespace: microsoft.graph
+
+Get the details about the acceptance records for a specific agreement.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type | Permissions (from least to most privileged) |
+|:--|:|
+|Delegated (work or school account) | AgreementAcceptance.Read, AgreementAcceptance.Read.All |
+|Delegated (personal Microsoft account) | Not supported. |
+|Application | Not supported. |
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /identityGovernance/termsOfUse/agreements/{agreementsId}/acceptances
+```
+
+## Optional query parameters
+This method supports some of the OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a collection of [agreementAcceptance](../resources/agreementacceptance.md) objects in the response body.
+
+## Examples
+
+### Request
+<!-- {
+ "blockType": "request",
+ "name": "list_agreementacceptance"
+}
+-->
+``` http
+GET https://graph.microsoft.com/v1.0/identityGovernance/termsOfUse/agreements/94410bbf-3d3e-4683-8149-f034e55c39dd/acceptances
+```
++
+### Response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "Collection(microsoft.graph.agreementAcceptance)"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#agreementAcceptances",
+ "value": [
+ {
+ "id": "94410bbf-3d3e-4683-8149-f034e55c39dd_d4bb5206-77bf-4d5c-96b4-cf7b0ed3be98",
+ "agreementId": "94410bbf-3d3e-4683-8149-f034e55c39dd",
+ "userId": "d4bb5206-77bf-4d5c-96b4-cf7b0ed3be98",
+ "deviceId": "00000000-0000-0000-0000-000000000000",
+ "deviceDisplayName": null,
+ "deviceOSType": null,
+ "deviceOSVersion": null,
+ "agreementFileId": "08033369-8972-42a3-8533-90bbd2757a01",
+ "userDisplayName": "Megan Bowen",
+ "userPrincipalName": "MeganB@Contoso.com",
+ "userEmail": "MeganB@Contoso.com",
+ "recordedDateTime": "2022-03-04T14:11:22.6658376Z",
+ "expirationDateTime": null,
+ "state": "accepted"
+ }
+ ]
+}
+```
+
v1.0 Agreement List Files https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/agreement-list-files.md
+
+ Title: "List files (localized agreement files)"
+description: "Retrieve all localized files related to an agreement."
+ms.localizationpriority: medium
+++
+# List files (localized agreement files)
+Namespace: microsoft.graph
+
+Retrieve all localized files related to an agreement.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type | Permissions (from least to most privileged) |
+|:--|:|
+|Delegated (work or school account) | Agreement.Read.All |
+|Delegated (personal Microsoft account) | Not supported. |
+|Application | Not supported. |
++
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /agreements/{agreementsId}?$expand=files
+```
+
+## Optional query parameters
+This method supports some of the OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a collection of [agreementFileLocalization](../resources/agreementfilelocalization.md) objects in the response body.
+
+## Examples
+
+### Request
+<!-- {
+ "blockType": "request",
+ "name": "list_agreementfilelocalization"
+}
+-->
+``` http
+GET https://graph.microsoft.com/v1.0/identityGovernance/termsOfUse/agreements/94410bbf-3d3e-4683-8149-f034e55c39dd?$expand=files
+```
++
+### Response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.agreementFileLocalization"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#agreements(files())/$entity",
+ "id": "94410bbf-3d3e-4683-8149-f034e55c39dd",
+ "displayName": "Contoso ToU for guest users",
+ "termsExpiration": null,
+ "userReacceptRequiredFrequency": null,
+ "isViewingBeforeAcceptanceRequired": true,
+ "isPerDeviceAcceptanceRequired": false,
+ "files@odata.context": "https://graph.microsoft.com/v1.0/$metadata#identityGovernance/termsOfUse/agreements('94410bbf-3d3e-4683-8149-f034e55c39dd')/files",
+ "files": [
+ {
+ "id": "08033369-8972-42a3-8533-90bbd2757a01",
+ "fileName": "TOU.pdf",
+ "displayName": "Contoso ToU for guest users",
+ "language": "en",
+ "isDefault": true,
+ "isMajorVersion": false,
+ "createdDateTime": "2022-03-04T13:14:13.9361722Z",
+ "fileData": null
+ },
+ {
+ "id": "90d1723c-52c1-40e3-a51a-da99a82c0327",
+ "fileName": "Contoso ToU for guest users (French)",
+ "displayName": "Contoso ToU for guest users (French)",
+ "language": "fr-FR",
+ "isDefault": false,
+ "isMajorVersion": false,
+ "createdDateTime": "2022-03-04T14:38:22.8292386Z",
+ "fileData": null
+ }
+ ]
+}
+```
+
v1.0 Agreement Post Files https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/agreement-post-files.md
+
+ Title: "Create agreementFileLocalization"
+description: "Create a new localized agreement file."
+
+ms.localizationpriority: medium
++
+# Create agreementFileLocalization
+Namespace: microsoft.graph
+
+Create a new localized agreement file.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type | Permissions (from least to most privileged) |
+|:--|:|
+|Delegated (work or school account) | Agreement.ReadWrite.All |
+|Delegated (personal Microsoft account) | Not supported. |
+|Application | Not supported. |
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+POST /agreements/{agreementsId}/files
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+|Content-Type|application/json. Required.|
+
+## Request body
+In the request body, supply a JSON representation of the [agreementFileLocalization](../resources/agreementfilelocalization.md) object.
+
+You can specify the following properties when creating an **agreementFileLocalization**.
+
+|Property|Type|Description|
+|:|:|:|
+|displayName|String|Localized display name of the policy file of an agreement. The localized display name is shown to end users who view the agreement.|
+|fileData|[agreementFileData](../resources/agreementfiledata.md)|Data that represents the terms of use PDF document.|
+|fileName|String|Name of the agreement file (for example, TOU.pdf). |
+|isDefault|Boolean|If none of the languages matches the client preference, indicates whether this is the default agreement file . If none of the files are marked as default, the first one is treated as the default. Read-only.|
+|isMajorVersion|Boolean|Indicates whether the agreement file is a major version update. Major version updates invalidate the agreement's acceptances on the corresponding language.|
+|language|String|The language of the agreement file in the format "languagecode2-country/regioncode2". "languagecode2" is a lowercase two-letter code derived from ISO 639-1, while "country/regioncode2" is derived from ISO 3166 and usually consists of two uppercase letters, or a BCP-47 language tag. For example, U.S. English is `en-US`.|
+++
+## Response
+
+If successful, this method returns a `200 OK` response code and an [agreementFileLocalization](../resources/agreementfilelocalization.md) object in the response body.
+
+## Examples
+
+### Request
+<!-- {
+ "blockType": "ignored",
+ "name": "create_agreementfilelocalization_from_"
+}
+-->
+``` http
+POST https://graph.microsoft.com/v1.0/identityGovernance/termsOfUse/agreements/94410bbf-3d3e-4683-8149-f034e55c39dd/files
+Content-Type: application/json
+
+{
+ "fileName": "Contoso ToU for guest users (French)",
+ "language": "fr-FR",
+ "isDefault": false,
+ "isMajorVersion": false,
+ "displayName": "Contoso ToU for guest users (French)",
+ "fileData": {
+ "data": "JVBERi0xLjUKJb/3ov4KNCAwIG9iago8PCAvTGluZWFyaX//truncated-binary-data"
+ }
+}
+```
++
+### Response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.agreementFileLocalization"
+}
+-->
+
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#identityGovernance/termsOfUse/agreements('94410bbf-3d3e-4683-8149-f034e55c39dd')/files/$entity",
+ "id": "90d1723c-52c1-40e3-a51a-da99a82c0327",
+ "fileName": "Contoso ToU for guest users (French)",
+ "displayName": "Contoso ToU for guest users (French)",
+ "language": "fr-FR",
+ "isDefault": false,
+ "isMajorVersion": false,
+ "createdDateTime": "2022-03-04T14:38:22.8292386Z",
+ "fileData": {
+ "data": "JVBERi0xLjUKJb/"
+ }
+}
+```
v1.0 Agreement Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/agreement-update.md
In the request body, supply the values for relevant fields that should be update
|isViewingBeforeAcceptanceRequired|Boolean|Whether the user has to expand and view the agreement before accepting.| ## Response
-If successful, this method returns a `200 OK` response code and an updated [agreement](../resources/agreement.md) object in the response body.
+If successful, this method returns a `204 No Content` response code.
## Example ### Request
If successful, this method returns a `200 OK` response code and an updated [agre
"blockType": "request", "name": "update_agreement" }-->
-```http
-PATCH https://graph.microsoft.com/v1.0/identityGovernance/termsOfUse/agreements/093b947f-8363-4979-a47d-4c52b33ee1be
+```msgraph-interactive
+PATCH https://graph.microsoft.com/v1.0/identityGovernance/termsOfUse/agreements/0ec9f6a6-159d-4dd8-a563-1f0b5935e80b
Content-type: application/json {
- "displayName": "Sample ToU display name",
- "isViewingBeforeAcceptanceRequired": true
+ "displayName": "All Contoso volunteers - Terms of use",
+ "isViewingBeforeAcceptanceRequired": true
} ``` # [C#](#tab/csharp)
Content-type: application/json
[!INCLUDE [sample-code](../includes/snippets/go/update-agreement-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+
Content-type: application/json
<!-- { "blockType": "response",
- "truncated": true,
- "@odata.type": "microsoft.graph.agreement"
+ "truncated": true
} --> ```http
-HTTP/1.1 200 OK
-Content-type: application/json
-
-{
- "displayName": "Sample ToU display name",
- "isViewingBeforeAcceptanceRequired": true,
- "id": "093b947f-8363-4979-a47d-4c52b33ee1be"
-}
+HTTP/1.1 204 No Content
``` <!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
v1.0 Agreementfile Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/agreementfile-get.md
+
+ Title: "Get agreementFile"
+description: "Retrieve the details of the default file for an agreement, including the language and version information."
+
+ms.localizationpriority: medium
++
+# Get agreementFile
+Namespace: microsoft.graph
+
+Retrieve the details of the default file for an agreement, including the language and version information. The file information is specified through the [agreementFile](../resources/agreementfile.md) object.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|Agreement.Read.All, Agreement.ReadWrite.All |
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|Not supported.|
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /agreements/{agreementsId}/file
+```
+
+## Optional query parameters
+This method supports some of the OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a collection of [agreementFile](../resources/agreementfile.md) objects in the response body.
+
+## Examples
+
+### Request
+<!-- {
+ "blockType": "request",
+ "name": "list_agreementfile"
+}
+-->
+``` http
+GET https://graph.microsoft.com/v1.0/identityGovernance/termsOfUse/agreements/94410bbf-3d3e-4683-8149-f034e55c39dd/file
+```
++
+### Response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.agreementFile"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#identityGovernance/termsOfUse/agreements('94410bbf-3d3e-4683-8149-f034e55c39dd')/file/$entity",
+ "@odata.type": "#microsoft.graph.agreementFileLocalization",
+ "id": "08033369-8972-42a3-8533-90bbd2757a01",
+ "fileName": "TOU.pdf",
+ "displayName": "Contoso ToU for guest users",
+ "language": "en",
+ "isDefault": true,
+ "isMajorVersion": false,
+ "createdDateTime": "2022-03-04T13:14:13.9361722Z",
+ "fileData": null
+}
+```
+
v1.0 Application Delete Extensionproperty https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/application-delete-extensionproperty.md
- Title: "Delete extensionProperty"
-description: "Delete an extensionProperty."
-
-doc_type: "apiPageType"
--
-# Delete extensionProperty
-
-Namespace: microsoft.graph
-
-Delete an [extensionProperty](../resources/extensionproperty.md).
-
-## Permissions
-
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | Application.ReadWrite.All, Directory.AccessAsUser.All |
-|Delegated (personal Microsoft account) | Application.ReadWrite.All |
-|Application | Application.ReadWrite.OwnedBy, Application.ReadWrite.All |
-
-## HTTP request
-
-<!-- { "blockType": "ignored" } -->
-
-```http
-DELETE /applications/{id}/extensionProperties/{id}
-```
-
-## Request headers
-
-| Name | Description|
-|:--|:-|
-| Authorization | Bearer {token}. Required. |
-
-## Request body
-
-Do not supply a request body for this method.
-
-## Response
-
-If successful, this method returns `204 No Content` response code. It does not return anything in the response body.
-
-## Examples
-
-### Request
-
-The following is an example of the request.
-
-# [HTTP](#tab/http)
-<!-- {
- "blockType": "request",
- "name": "delete_extensionproperty"
-}-->
-
-```http
-DELETE https://graph.microsoft.com/v1.0/applications/{id}/extensionProperties/{id}
-```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Objective-C](#tab/objc)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
----
-### Response
-
-The following is an example of the response.
-
-<!-- {
- "blockType": "response",
- "truncated": true
-} -->
-
-```http
-HTTP/1.1 204 No Content
-```
-
-<!-- uuid: 16cd6b66-4b1a-43a1-adaf-3a886856ed98
-2019-02-04 14:57:30 UTC -->
-<!-- {
- "type": "#page.annotation",
- "description": "Delete extensionProperty",
- "keywords": "",
- "section": "documentation",
- "tocPath": ""
-}-->
-
v1.0 Application List Extensionproperty https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/application-list-extensionproperty.md
The following is an example of the request.
}--> ```msgraph-interactive
-GET https://graph.microsoft.com/v1.0/applications/{id}/extensionProperties
+GET https://graph.microsoft.com/v1.0/applications/fd918e4b-c821-4efb-b50a-5eddd23afc6f/extensionProperties
``` # [C#](#tab/csharp) [!INCLUDE [sample-code](../includes/snippets/csharp/get-extensionproperties-csharp-snippets.md)]
HTTP/1.1 200 OK
Content-type: application/json {
+ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#applications('fd918e4b-c821-4efb-b50a-5eddd23afc6f')/extensionProperties",
"value": [ {
- "id": "a2c459db-f5dc-4328-ae9b-118e88d04d19",
+ "id": "da38c7b1-133e-4a79-abcd-e2fd586ce621",
"deletedDateTime": null,
- "appDisplayName": "Display name",
- "name": "extension_b3efaf8f68a44275abcff28ef86b2ee3_extensionName",
+ "appDisplayName": "",
"dataType": "String", "isSyncedFromOnPremises": false,
+ "name": "extension_25883231668a43a780b25685c3f874bc_jobGroup",
"targetObjects": [
- "Application"
+ "User"
+ ]
+ },
+ {
+ "id": "1f0f15e3-925d-40f0-8fc8-9d3ad135bce0",
+ "deletedDateTime": null,
+ "appDisplayName": "",
+ "dataType": "String",
+ "isSyncedFromOnPremises": false,
+ "name": "extension_25883231668a43a780b25685c3f874bc_cpiminternal_useAccountEnabledForPhone",
+ "targetObjects": [
+ "User"
] } ]
v1.0 Application Post Extensionproperty https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/application-post-extensionproperty.md
The following is an example of the request.
}--> ```http
-POST https://graph.microsoft.com/v1.0/applications/{id}/extensionProperties
+POST https://graph.microsoft.com/v1.0/applications/fd918e4b-c821-4efb-b50a-5eddd23afc6f/extensionProperties
Content-type: application/json {
- "name": "extensionName",
- "dataType": "string",
+ "name": "jobGroup",
+ "dataType": "String",
"targetObjects": [
- "Application"
+ "User"
] } ```
HTTP/1.1 201 Created
Content-type: application/json {
- "id": "a2c459db-f5dc-4328-ae9b-118e88d04d19",
+ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#applications('fd918e4b-c821-4efb-b50a-5eddd23afc6f')/extensionProperties/$entity",
+ "id": "da38c7b1-133e-4a79-abcd-e2fd586ce621",
"deletedDateTime": null,
- "appDisplayName": "Display name",
- "name": "extension_b3efaf8f68a44275abcff28ef86b2ee3_extensionName",
+ "appDisplayName": "b2c-extensions-app. Do not modify. Used by AADB2C for storing user data.",
"dataType": "String", "isSyncedFromOnPremises": false,
+ "name": "extension_25883231668a43a780b25685c3f874bc_jobGroup",
"targetObjects": [
- "Application"
+ "User"
] } ```
v1.0 Application Removekey https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/application-removekey.md
In the request body, provide the following required properties.
| Property | Type | Description| |:-|:--|:--|
-| keyId | GUID | The unique identifier for the password.|
+| keyId | Guid | The unique identifier for the password.|
| proof | String | A self-signed JWT token used as a proof of possession of the existing keys. This JWT token must be signed using the private key of one of the application's existing valid certificates. The token should contain the following claims:<ul><li>`aud` - Audience needs to be `00000002-0000-0000-c000-000000000000`.</li><li>`iss` - Issuer needs to be the __id__ of the application that is making the call.</li><li>`nbf` - Not before time.</li><li>`exp` - Expiration time should be "nbf" + 10 mins.</li></ul><br>Here is a code [sample](/graph/application-rollkey-prooftoken) that can be used to generate this proof of possession token.| ## Response
v1.0 Application Removepassword https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/application-removepassword.md
POST /applications/{id}/removePassword
| Property | Type | Description| |:-|:--|:--|
-| keyId | GUID | The unique identifier for the password. Required. |
+| keyId | Guid | The unique identifier for the password. Required. |
## Response
v1.0 Approval Filterbycurrentuser https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/approval-filterbycurrentuser.md
+
+ Title: "approval: filterByCurrentUser"
+description: "Get the approval resources from the accessPackageAssignmentApprovals navigation property for the current user."
+
+ms.localizationpriority: medium
++
+# approval: filterByCurrentUser
+Namespace: microsoft.graph
+
+In Azure AD entitlement management, return a collection of [access package assignment approvals](../resources/approval.md). The returned objects are those which the calling user is in the scope of being an approver.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+| Permission type | Permissions (from least to most privileged) |
+|:|:--|
+| Delegated (work or school account) | EntitlementManagement.ReadWrite.All |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | Not supported. |
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /identityGovernance/entitlementManagement/accessPackageAssignmentApprovals/filterByCurrentUser(on='approver')
+```
+
+## Function parameters
+This method supports the OData query parameters for paging through a large result set. For general information, see [OData query parameters](/graph/query-parameters).
+
+|Parameter|Type|Description|
+|:|:|:|
+|on|approvalFilterByCurrentUserOptions| The allowed value is `approver`. Required.|
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a collection of [approval](../resources/approval.md) objects in the response body.
+
+## Examples
+
+### Request
+<!-- {
+ "blockType": "request",
+ "name": "approvalthis-filterbycurrentuser"
+}
+-->
+``` http
+GET https://graph.microsoft.com/v1.0/identityGovernance/entitlementManagement/accessPackageAssignmentApprovals/filterByCurrentUser(on='approver')
+```
++
+### Response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "Collection(microsoft.graph.approval)"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "value": [
+ {
+ "@odata.type": "#microsoft.graph.approval",
+ "id": "368f6786-6786-368f-8667-8f3686678f36"
+ }
+ ]
+}
+```
+
v1.0 Approval Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/approval-get.md
+
+ Title: "Get approval"
+description: "Retrieve the properties of an approval object."
+ms.localizationpriority: medium
+++
+# Get approval
+
+Namespace: microsoft.graph
+
+In [Azure AD entitlement management](../resources/entitlementmanagement-overview.md), retrieve the properties of an [approval](../resources/approval.md) object. This call can be made by an approver, providing the identifier of the [access package assignment request](../resources/accesspackageassignmentrequest.md).
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+| Permission type | Permissions (from least to most privileged) |
+|:|:--|
+| Delegated (work or school account) | EntitlementManagement.Read.All, EntitlementManagement.ReadWrite.All |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | Not supported. |
+
+## HTTP request
+
+<!-- { "blockType": "ignored" } -->
+
+```http
+GET /identityGovernance/entitlementManagement/accessPackageAssignmentApprovals/{accessPackageAssignmentRequestId}
+```
+
+## Request headers
+
+| Name |Description|
+|:-|:-|
+| Authorization | Bearer \{token\}. Required. |
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and the requested [approval](../resources/approval.md) object in the response body. If the caller does not have the right permissions, the method returns a `403 Forbidden` response code.
+
+## Examples
+
+### Request
+
+<!-- {
+ "blockType": "request",
+ "name": "get_approval"
+}
+-->
+``` http
+GET https://graph.microsoft.com/v1.0/identityGovernance/entitlementManagement/accessPackageAssignmentApprovals/abd306ef-f7b2-4a10-9fd1-493454322489
+```
+
+### Response
+
+The following is an example of the response.
+
+> **Note:** The response object shown here might be shortened for readability.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.approval"
+} -->
+
+```http
+HTTP/1.1 200 OK
+Content-type: application/json
+
+{
+ "id": "abd306ef-f7b2-4a10-9fd1-493454322489",
+ "stages": [
+ {
+ "id": "d4fa4045-4716-436d-aec5-57b0a713f095",
+ "displayName": null,
+ "reviewedDateTime": null,
+ "reviewResult": "NotReviewed",
+ "status": "InProgress",
+ "assignedToMe": true,
+ "justification": "",
+ "reviewedBy": null
+ }
+ ]
+}
+```
+
+<!-- uuid: 16cd6b66-4b1a-43a1-adaf-3a886856ed98
+2021-02-12 14:57:30 UTC -->
+<!-- {
+ "type": "#page.annotation",
+ "description": "Get approval",
+ "keywords": "",
+ "section": "documentation",
+ "tocPath": ""
+}-->
++
v1.0 Approval List Stages https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/approval-list-stages.md
+
+ Title: "List stages"
+description: "List approval stages associated with an approval object."
+ms.localizationpriority: medium
+++
+# List stages
+
+Namespace: microsoft.graph
+
+In [Azure AD entitlement management](../resources/entitlementmanagement-overview.md), list the [approvalStage](../resources/approvalstage.md) objects associated with an [approval](../resources/approval.md) object. This call can be made by an approver, providing the identifier of the [access package assignment request](../resources/accesspackageassignmentrequest.md).
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+| Permission type | Permissions (from least to most privileged) |
+|:|:--|
+| Delegated (work or school account) | EntitlementManagement.Read.All, EntitlementManagement.ReadWrite.All |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | Not supported. |
+
+## HTTP request
+
+<!-- { "blockType": "ignored" } -->
+
+```http
+GET /identityGovernance/entitlementManagement/accessPackageAssignmentApprovals/{accessPackageAssignmentRequestId}/stages
+```
+
+## Request headers
+
+| Name |Description|
+|:-|:-|
+| Authorization | Bearer \{token\}. Required. |
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a collection of the [approvalStage](../resources/approvalstage.md) objects in the response body. If the caller does not have the right permissions, the method returns a `403 Forbidden` response code.
+
+## Examples
+
+### Request
+
+<!-- {
+ "blockType": "request",
+ "name": "list_approvalstage"
+}
+-->
+``` http
+GET https://graph.microsoft.com/v1.0/identityGovernance/entitlementManagement/accessPackageAssignmentApprovals/abd306ef-f7b2-4a10-9fd1-493454322489/stages
+```
+
+### Response
+
+The following is an example of the response.
+
+> **Note:** The response object shown here might be shortened for readability.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.approvalStage"
+} -->
+
+```http
+HTTP/1.1 200 OK
+Content-type: application/json
+
+{
+ "value": [
+ {
+ "id": "d4fa4045-4716-436d-aec5-57b0a713f095",
+ "displayName": null,
+ "reviewedDateTime": null,
+ "reviewResult": "NotReviewed",
+ "status": "InProgress",
+ "assignedToMe": true,
+ "justification": "",
+ "reviewedBy": null
+ }
+ ]
+}
+```
+
+<!-- uuid: 16cd6b66-4b1a-43a1-adaf-3a886856ed98
+2021-02-12 14:57:30 UTC -->
+<!-- {
+ "type": "#page.annotation",
+ "description": "List approvalstage",
+ "keywords": "",
+ "section": "documentation",
+ "tocPath": ""
+}-->
++
v1.0 Approvalstage Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/approvalstage-get.md
+
+ Title: "Get approvalStage"
+description: "Retrieve the properties of an approvalStage object."
+ms.localizationpriority: medium
+++
+# Get approvalStage
+
+Namespace: microsoft.graph
+
+In [Azure AD entitlement management](../resources/entitlementmanagement-overview.md), retrieve the properties of an [approvalStage](../resources/approvalstage.md) object. An approval stage is contained within an [approval](../resources/approval.md) object.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+| Permission type | Permissions (from least to most privileged) |
+|:|:--|
+| Delegated (work or school account) | EntitlementManagement.Read.All, EntitlementManagement.ReadWrite.All |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | Not supported. |
+
+## HTTP request
+
+<!-- { "blockType": "ignored" } -->
+
+```http
+GET /identityGovernance/entitlementManagement/accessPackageAssignmentApprovals/{accessPackageAssignmentRequestId}/stages/{approvalStageId}
+```
+
+## Request headers
+
+| Name |Description|
+|:-|:-|
+| Authorization | Bearer \{token\}. Required. |
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and the [approvalStage](../resources/approvalstage.md) object in the response body. If the caller does not have the right permissions, the method returns a `403 Forbidden` response code.
+
+## Examples
+
+### Request
+
+<!-- {
+ "blockType": "request",
+ "name": "get_approvalstage"
+}
+-->
+``` http
+GET https://graph.microsoft.com/v1.0/identityGovernance/entitlementManagement/accessPackageAssignmentApprovals/abd306ef-f7b2-4a10-9fd1-493454322489/stages/d4fa4045-4716-436d-aec5-57b0a713f095
+```
++
+### Response
+
+The following is an example of the response.
+
+> **Note:** The response object shown here might be shortened for readability.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.approvalStage"
+} -->
+
+```http
+HTTP/1.1 200 OK
+Content-type: application/json
+
+{
+ "id": "d4fa4045-4716-436d-aec5-57b0a713f095",
+ "displayName": null,
+ "reviewedDateTime": null,
+ "reviewResult": "NotReviewed",
+ "status": "InProgress",
+ "assignedToMe": true,
+ "justification": "",
+ "reviewedBy": null
+}
+```
+
+<!-- uuid: 16cd6b66-4b1a-43a1-adaf-3a886856ed98
+2021-02-12 14:57:30 UTC -->
+<!-- {
+ "type": "#page.annotation",
+ "description": "Get approvalStage",
+ "keywords": "",
+ "section": "documentation",
+ "tocPath": ""
+}-->
++
v1.0 Approvalstage Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/approvalstage-update.md
+
+ Title: "Update approvalStage"
+description: "Apply approve or deny decision on an approvalStage object."
+ms.localizationpriority: medium
+++
+# Update approvalStage
+
+Namespace: microsoft.graph
+
+In [Azure AD entitlement management](../resources/entitlementmanagement-overview.md), approve or deny an [approvalStage](../resources/approvalstage.md) object in an [approval](../resources/approval.md).
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+| Permission type | Permissions (from least to most privileged) |
+|:|:--|
+| Delegated (work or school account) | EntitlementManagement.ReadWrite.All |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | Not supported. |
+
+## HTTP request
+
+<!-- { "blockType": "ignored" } -->
+
+```http
+PATCH /identityGovernance/entitlementManagement/accessPackageAssignmentApprovals/{accessPackageAssignmentRequestId}/stages/{approvalStageId}
+```
+
+## Request headers
+
+| Name |Description|
+|:-|:-|
+| Authorization | Bearer \{token\}. Required. |
+
+## Request body
+
+The following table shows the properties that are required for this method.
+
+| Property | Type |Description|
+|:|:--|:-|
+| reviewResult | String | Decision of the approver. Possible values are: `Approve`, `Deny`. Required.|
+| justification | String | Justification related to the approver's decision. |
++
+## Response
+
+If successful, this method returns a `204 No Content` response code in the response body. IOf the caller does not have the right permissions, the method returns a `403 Forbidden` response code, or if the approval id is not found, the method returns `404 Not found`. If the request has already been approved by another approver in the same approval stage, the method returns `409 Conflict` response code.
+
+## Examples
+
+### Request
+
+<!-- {
+ "blockType": "request",
+ "name": "patch_approvalstage"
+}
+-->
+``` http
+PATCH https://graph.microsoft.com/v1.0/identityGovernance/entitlementManagement/accessPackageAssignmentApprovals/abd306ef-f7b2-4a10-9fd1-493454322489/stages/d4fa4045-4716-436d-aec5-57b0a713f095
+
+{
+ "reviewResult":"Approve",
+ "justification":"OK"
+}
+```
+
+### Response
+
+The following is an example of the response.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true
+} -->
+
+```http
+HTTP/1.1 204 No Content
+```
+
+<!-- uuid: 16cd6b66-4b1a-43a1-adaf-3a886856ed98
+2021-02-12 14:57:30 UTC -->
+<!-- {
+ "type": "#page.annotation",
+ "description": "patch approvalStage",
+ "keywords": "",
+ "section": "documentation",
+ "tocPath": ""
+}-->
v1.0 Bitlocker List Recoverykeys https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/bitlocker-list-recoverykeys.md
The response might also contain an `odata.nextLink`, which you can use to page t
|Name|Description| |:|:| |Authorization|Bearer {token}. Required.|
+|User-Agent|The identifier for the calling application. This value contains information about the operating system and the browser used. Required.|
|ocp-client-name|The name of the client application performing the API call. This header is used for debugging purposes. Optional.| |ocp-client-version|The version of the client application performing the API call. This header is used for debugging purposes. Optional.|
The following is an example of the request.
--> ``` http GET https://graph.microsoft.com/v1.0/informationProtection/bitlocker/recoveryKeys
+User-Agent: "Dsreg/10.0 (Windows 10.0.19043.1466)"
ocp-client-name: "My Friendly Client" ocp-client-version: "1.2" ```
The following is an example of the request.
--> ``` http GET https://graph.microsoft.com/v1.0/informationProtection/bitlocker/recoveryKeys?$filter=deviceId eq '1ab40ab2-32a8-4b00-b6b5-ba724e407de9'
+User-Agent: "Dsreg/10.0 (Windows 10.0.19043.1466)"
ocp-client-name: "My Friendly Client" ocp-client-version: "1.2" ```
v1.0 Bitlockerrecoverykey Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/bitlockerrecoverykey-get.md
This method supports the `$select` OData query parameter to return the **key** p
|Name|Description| |:|:| |Authorization|Bearer {token}. Required.|
+|User-Agent|The identifier for the calling application. This value contains information about the operating system and the browser used. Required.|
|ocp-client-name|The name of the client application performing the API call. This header is used for debugging purposes. Optional.| |ocp-client-version|The version of the client application performing the API call. This header is used for debugging purposes. Optional.|
The following is an example of the request. This example does not return the **k
--> ``` http GET https://graph.microsoft.com/v1.0/informationProtection/bitlocker/recoveryKeys/b465e4e8-e4e8-b465-e8e4-65b4e8e465b4
+User-Agent: "Dsreg/10.0 (Windows 10.0.19043.1466)"
ocp-client-name: "My Friendly Client" ocp-client-version: "1.2" ```
The following is an example of the request.
--> ``` http GET https://graph.microsoft.com/v1.0/informationProtection/bitlocker/recoveryKeys/b465e4e8-e4e8-b465-e8e4-65b4e8e465b4?$select=key
+User-Agent: "Dsreg/10.0 (Windows 10.0.19043.1466)"
+ocp-client-name: "My Friendly Client"
+ocp-client-version: "1.2"
``` # [C#](#tab/csharp) [!INCLUDE [sample-code](../includes/snippets/csharp/get-bitlockerrecoverykey-key-csharp-snippets.md)]
v1.0 Bookingappointment Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/bookingappointment-delete.md
One of the following permissions is required to call this API. To learn more, in
<!-- { "blockType": "ignored" } --> ```http DELETE /solutions/bookingBusinesses/{id}/appointments/{id}- ``` ## Request headers | Name | Description|
If successful, this method returns a `204 No Content` response code. It does not
## Example ### Request
-The following is an example of the request.
+The following is an example of a request.
<!-- { "blockType": "request"
DELETE https://graph.microsoft.com/v1.0/solutions/bookingBusinesses/Contosolunch
``` ### Response
-The following is an example of the response. Note: The response object shown here might be shortened for readability.
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
<!-- { "blockType": "response", "truncated": true
v1.0 Bookingappointment Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/bookingappointment-update.md
One of the following permissions is required to call this API. To learn more, in
```http PATCH /solutions/bookingBusinesses/{id}/appointments/{id} ```+ ## Request headers+ | Name | Description| |:--|:--| | Authorization | Bearer {code}. Required.| ## Request body+ [!INCLUDE [table-intro](../../includes/update-property-table-intro.md)] | Property | Type |Description|
PATCH /solutions/bookingBusinesses/{id}/appointments/{id}
|endDateTime|[dateTimeTimeZone](../resources/datetimetimezone.md)|The date, time, and time zone that the appointment ends.| |filledAttendeesCount|Int32|The current number of customers in the appointment. Required.| |isLocationOnline|Boolean|If `true`, indicates that the appointment will be held online. Default value is false.|
-|maximumAttendeesCount|Int32|The maximum number of customers allowed in the appointment. Required.|
+|maximumAttendeesCount|Int32|The maximum number of customers allowed in the appointment. Required. |
|optOutOfCustomerEmail|Boolean|If `true`, indicates that the [bookingCustomer](../resources/bookingcustomer.md) for this appointment does not wish to receive a confirmation for this appointment.| |postBuffer|Duration|The amount of time to reserve after the appointment ends, for cleaning up, as an example. The value is expressed in [ISO8601](https://www.iso.org/iso-8601-date-and-time-format.html) format. | |preBuffer|Duration|The amount of time to reserve before the appointment begins, for preparation, as an example. The value is expressed in [ISO8601](https://www.iso.org/iso-8601-date-and-time-format.html) format.|
PATCH /solutions/bookingBusinesses/{id}/appointments/{id}
|staffMemberIds|String collection|The ID of each [bookingStaffMember](../resources/bookingstaffmember.md) who is scheduled in this appointment.| |startDateTime|[dateTimeTimeZone](../resources/datetimetimezone.md)|The date, time, and time zone that the appointment begins.|
+> [!NOTE]
+> If the maximum number of customers (**maximumAttedeesCount**) allowed in the [service](../resources/bookingservice.md) is greater than 1:
+> - Make sure that the customers exist in the Booking Calendar. If they donΓÇÖt, create using the [Create bookingCustomer](bookingbusiness-post-customers.md) operation.
+> - Pass valid customer IDs when you create or update the appointment. If the customer ID is not valid, that customer won't be included in the appointment object.
+ ## Response+ If successful, this method returns a `204 No Content` response code. It does not return anything in the response body.+ ## Examples+ ### Request The following example changes the date of service by a day.
v1.0 Bookingbusiness Post Appointments https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/bookingbusiness-post-appointments.md
POST /solutions/bookingBusinesses/{id}/appointments
| Authorization | Bearer {code}. Required.| ## Request body+ In the request body, supply a JSON representation of a [bookingAppointment](../resources/bookingappointment.md) object.
+If the maximum number of customers (**maximumAttedeesCount**) allowed in the [service](../resources/bookingservice.md) is greater than 1:
+
+- Make sure that the customers exist in the Booking Calendar. If they donΓÇÖt, create using the [Create bookingCustomer](bookingbusiness-post-customers.md) operation.
+
+- Pass valid customer IDs when you create or update the appointment. If the customer ID is not valid, that customer won't be included in the appointment object.
## Response If successful, this method returns a `201 Created` response code and a [bookingAppointment](../resources/bookingappointment.md) object in the response body.
v1.0 Certificatebasedauthconfiguration Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/certificatebasedauthconfiguration-delete.md
DELETE https://graph.microsoft.com/v1.0/organization/{id}/certificateBasedAuthCo
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Certificatebasedauthconfiguration Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/certificatebasedauthconfiguration-get.md
GET https://graph.microsoft.com/v1.0/organization/{id}/certificateBasedAuthConfi
[!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Channel List Tabs https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/channel-list-tabs.md
Namespace: microsoft.graph
Retrieve the list of [tabs](../resources/teamstab.md) in the specified [channel](../resources/channel.md) within a [team](../resources/team.md).
+> **Note**: The Files tab is native to a channel or chat and is not returned by this API.
+ ## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
v1.0 Chat Get Members https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/chat-get-members.md
Title: "Get conversationMember in a chat" description: "Retrieve a member of a chat."-+ ms.localizationpriority: high ms.prod: "microsoft-teams" doc_type: apiPageType
v1.0 Chat List Members https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/chat-list-members.md
Title: "List members of a chat" description: "Retrieve members of a chat."-+ ms.localizationpriority: high ms.prod: "microsoft-teams" doc_type: apiPageType
GET https://graph.microsoft.com/v1.0/me/chats/19:8b081ef6-4792-4def-b2c9-c363a1b
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Chat Patch https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/chat-patch.md
Title: "Update chat" description: "Update the properties of a chat object."-+ ms.localizationpriority: medium ms.prod: "microsoft-teams" doc_type: apiPageType
v1.0 Chat Post Members https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/chat-post-members.md
Title: "Add member to a chat" description: "Add a conversationMember to a chat."-+ doc_type: "apiPageType" ms.localizationpriority: medium ms.prod: "microsoft-teams"
v1.0 Chat Post https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/chat-post.md
The following table lists the properties that are required to create a chat obje
|:|:|:| |topic|(Optional) String|The title of the chat. The chat title can be provided only if the chat is of `group` type.| |chatType|[chatType](../resources/chat.md#chattype-values)| Specifies the type of chat. Possible values are: `group` and `oneOnOne`. |
-|members|[conversationMember](../resources/conversationmember.md) collection|List of conversation members that should be added. Every single user, including the user initiating the create request, who will participate in the chat must be specified in this list.|
+|members|[conversationMember](../resources/conversationmember.md) collection|List of conversation members that should be added. Every user who will participate in the chat, including the user who initiates the create request, must be specified in this list. Each member must be assigned a role of `owner` or `guest`. Guest tenant users must be assigned the `guest` role.|
## Response
-If successful, this method returns a 201 Created response code and the newly created **chat** resource in the response body.
+If successful, this method returns a `201 Created` response code and the newly created **chat** resource in the response body.
## Examples
Content-Type: application/json
} ```
+### Example 4: Create a group chat with tenant guest user
+
+#### Request
++
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "create_chat_group"
+}
+-->
+``` http
+POST https://graph.microsoft.com/v1.0/chats
+Content-Type: application/json
+
+{
+ "chatType": "group",
+ "topic": "Group chat title",
+ "members": [
+ {
+ "@odata.type": "#microsoft.graph.aadUserConversationMember",
+ "roles": ["owner"],
+ "user@odata.bind": "https://graph.microsoft.com/v1.0/users('8c0a1a67-50ce-4114-bb6c-da9c5dbcf6ca')"
+ },
+ {
+ "@odata.type": "#microsoft.graph.aadUserConversationMember",
+ "roles": ["owner"],
+ "user@odata.bind": "https://graph.microsoft.com/v1.0/users('82fe7758-5bb3-4f0d-a43f-e555fd399c6f')"
+ },
+ {
+ "@odata.type": "#microsoft.graph.aadUserConversationMember",
+ "roles": ["guest"],
+ "user@odata.bind": "https://graph.microsoft.com/v1.0/users('8ba98gf6-7fc2-4eb2-c7f2-aef9f21fd98g')"
+ }
+ ]
+}
+```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+++++
+#### Response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.chat"
+}
+-->
+``` http
+HTTP/1.1 201 Created
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#chats/$entity",
+ "id": "19:1c5b01696d2e4a179c292bc9cf04e63b@thread.v2",
+ "topic": "Group chat title",
+ "createdDateTime": "2020-12-04T23:11:16.175Z",
+ "lastUpdatedDateTime": "2020-12-04T23:11:16.175Z",
+ "chatType": "group"
+}
+```
v1.0 Chatmessage List Hostedcontents https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/chatmessage-list-hostedcontents.md
GET https://graph.microsoft.com/v1.0/teams/fbe2bf47-16c8-47cf-b4a5-4b9b187c508b/
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Columndefinition Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/columndefinition-get.md
GET /sites/{site-id}/lists/{list-id}/contentTypes/{contentType-id}/columns/{colu
## Request body
-
+Do not supply a request body for this method.
-Do not supply a request body with this method.
+## Response
+If successful, this method returns a `200 OK` response code and a [columnDefinition][columnDefinition] object in the response body.
## Example
-
- ### Request
+The following is an example of a request.
# [HTTP](#tab/http) <!-- { "blockType": "request", "name": "get_column_from_contenttype" } -->
GET /sites/{site-id}/contentTypes/{contentType-id}/columns/{column-id}
### Response
-
+The following is an example of the response.
<!-- { "blockType": "response", "@type": "microsoft.graph.columnDefinition", "truncated": true } -->
v1.0 Directory List Administrativeunits https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/directory-list-administrativeunits.md
+
+ Title: "List administrativeUnits"
+description: "Retrieve a list of administrativeUnit objects."
+
+ms.localizationpriority: medium
++
+# List administrativeUnits
+
+Namespace: microsoft.graph
+
+Retrieve a list of [administrativeUnit](../resources/administrativeunit.md) objects.
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
++
+|Permission type | Permissions (from least to most privileged) |
+|:--|:|
+|Delegated (work or school account) | AdministrativeUnit.Read.All, Directory.Read.All, AdministrativeUnit.ReadWrite.All, Directory.ReadWrite.All, Directory.AccessAsUser.All |
+|Delegated (personal Microsoft account) | Not supported. |
+|Application | AdministrativeUnit.Read.All, Directory.Read.All, AdministrativeUnit.ReadWrite.All, Directory.ReadWrite.All |
+
+## HTTP request
+<!-- { "blockType": "ignored" } -->
+```http
+GET /directory/administrativeUnits
+```
+## Optional query parameters
+This method supports the `$count`, `$select`, `$search`, `$filter` (`eq`), and `$expand` [OData query parameters](/graph/query-parameters) to help customize the response.
+
+## Request headers
+| Name |Description|
+|:-|:-|
+| Authorization | Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and collection of [administrativeUnit](../resources/administrativeunit.md) objects in the response body.
+## Example
+### Request
+Here is an example of the request.
++
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_administrativeunits"
+}-->
+```msgraph-interactive
+GET https://graph.microsoft.com/v1.0/directory/administrativeUnits
+```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
++++++
+### Response
+Here is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.administrativeUnit",
+ "isCollection": true
+} -->
+```http
+HTTP/1.1 200 OK
+Content-type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#directory/administrativeUnits",
+ "value": [
+ {
+ "id": "4d7ea995-bc0f-45c0-8c3e-132e93bf95f8",
+ "deletedDateTime": null,
+ "displayName": "Seattle District Technical Schools",
+ "description": "Seattle district technical schools administration",
+ "membershipRule": null,
+ "membershipType": null,
+ "membershipRuleProcessingState": null,
+ "visibility": "HiddenMembership"
+ }
+ ]
+}
+```
+
+<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
+2015-10-25 14:57:30 UTC -->
+<!--
+{
+ "type": "#page.annotation",
+ "description": "List administrativeUnits",
+ "keywords": "",
+ "section": "documentation",
+ "tocPath": "",
+ "suppressions": [
+ ]
+}
+-->
v1.0 Directory Post Administrativeunits https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/directory-post-administrativeunits.md
+
+ Title: "Create administrativeUnit"
+description: "Use this API to create a new administrativeUnit."
+
+ms.localizationpriority: medium
++
+# Create administrativeUnit
+
+Namespace: microsoft.graph
+
+Use this API to create a new [administrativeUnit](../resources/administrativeunit.md).
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
++
+|Permission type | Permissions (from least to most privileged) |
+|:--|:|
+|Delegated (work or school account) | AdministrativeUnit.ReadWrite.All, Directory.AccessAsUser.All |
+|Delegated (personal Microsoft account) | Not supported. |
+|Application | AdministrativeUnit.ReadWrite.All |
+
+## HTTP request
+<!-- { "blockType": "ignored" } -->
+```http
+POST /directory/administrativeUnits
+
+```
+## Request headers
+| Name |Description|
+|:-|:-|
+| Authorization | Bearer {token}. Required. |
+| Content-type | application/json. Required. |
+
+## Request body
+In the request body, supply a JSON representation of an [administrativeUnit](../resources/administrativeunit.md) object.
+
+Because the **administrativeUnit** resource supports [extensions](/graph/extensibility-overview), you can use the `POST` operation and add custom properties with your own data to the administrative unit while creating it.
+
+## Response
+
+If successful, this method returns a `201 Created` response code and an [administrativeUnit](../resources/administrativeunit.md) object in the response body.
+
+## Example
+
+### Request
+
+The following is an example of the request.
++
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "create_administrativeunit_from_administrativeunits"
+}-->
+```http
+POST https://graph.microsoft.com/v1.0/directory/administrativeUnits
+Content-type: application/json
+
+{
+ "displayName": "Seattle District Technical Schools",
+ "description": "Seattle district technical schools administration",
+ "visibility": "HiddenMembership"
+}
+```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
++++++
+In the request body, supply a JSON representation of an [administrativeUnit](../resources/administrativeunit.md) object.
+
+### Response
+
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.administrativeUnit"
+} -->
+```http
+HTTP/1.1 201 Created
+Content-type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#administrativeUnits/$entity",
+ "id": "7a3dc8f3-b3a0-4164-9a99-ed36f3af039f",
+ "deletedDateTime": null,
+ "displayName": "Seattle District Technical Schools",
+ "description": "Seattle district technical schools administration",
+ "visibility": "HiddenMembership"
+}
+```
+
+## See also
+
+- [Add custom data to resources using extensions](/graph/extensibility-overview)
+- [Add custom data to users using open extensions (preview)](/graph/extensibility-open-users)
+<!--
+- [Add custom data to groups using schema extensions (preview)](/graph/extensibility-schema-groups)
+-->
++
+<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
+2015-10-25 14:57:30 UTC -->
+<!--
+{
+ "type": "#page.annotation",
+ "description": "Create administrativeUnit",
+ "keywords": "",
+ "section": "documentation",
+ "tocPath": "",
+ "suppressions": [
+ ]
+}
+-->
v1.0 Directoryobject Getavailableextensionproperties https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/directoryobject-getavailableextensionproperties.md
POST https://graph.microsoft.com/v1.0/directoryObjects/getAvailableExtensionProp
Content-Type: application/json {
- "isSyncedFromOnPremises": "Boolean"
+ "isSyncedFromOnPremises": true
} ``` # [JavaScript](#tab/javascript)
HTTP/1.1 200 OK
Content-Type: application/json {
+ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#Collection(extensionProperty)",
"value": [ { "@odata.type": "#microsoft.graph.extensionProperty",
v1.0 Driveitem Get Content Format https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/driveitem-get-content-format.md
Not all files can be converted into all formats.
To download the item in its original format, see [download an item's contents](driveitem-get-content.md).
-## Prerequisites
+## Permissions
-To call this API, the user must have granted the application read access to the file the app wishes to convert.
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+| Permission type | Permissions (from least to most privileged) |
+|:|:|
+| Delegated (work or school account) | Files.Read, Files.ReadWrite, Files.Read.All, Files.ReadWrite.All, Sites.Read.All, Sites.ReadWrite.All |
+| Delegated (personal Microsoft account) | Files.Read, Files.ReadWrite, Files.Read.All, Files.ReadWrite.All |
+| Application | Files.Read.All, Files.ReadWrite.All, Sites.Read.All, Sites.ReadWrite.All |
## HTTP request
GET /drive/root:/{path and filename}:/content?format={format}
|:-|:-|:| | _format_ | string | Specify the format the item's content should be downloaded as. | - ### Format options The following values are valid for the **format** parameter:
The following values are valid for the **format** parameter:
## Example - # [HTTP](#tab/http) <!-- { "blockType": "request", "name": "convert-item-content", "scopes": "files.read" } -->
v1.0 Driveitem Get Content https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/driveitem-get-content.md
Previously updated : 09/10/2017 Title: Download a file ms.localizationpriority: high ms.prod: "sharepoint"
-description: "Download the contents of the primary stream (file) of a DriveItem. Only driveItems with the file property can be downloaded."
+description: "Download the contents of the primary stream (file) of a driveItem. Only driveItems with the file property can be downloaded."
doc_type: apiPageType # Download the contents of a DriveItem
Namespace: microsoft.graph
[!INCLUDE [tls-1.2-required](../../includes/tls-1.2-required.md)]
-Download the contents of the primary stream (file) of a DriveItem. Only driveItems with the **file** property can be downloaded.
+Download the contents of the primary stream (file) of a [driveItem](../resources/driveitem.md). Only **driveItems** with the **file** property can be downloaded.
## Permissions
GET /users/{userId}/drive/items/{item-id}/content
Here is an example to download a complete file. -
+### Request
# [HTTP](#tab/http) <!-- { "blockType": "request", "name": "download-item-content", "scopes": "files.read" } -->
HTTP/1.1 302 Found
Location: https://b0mpua-by3301.files.1drv.com/y23vmagahszhxzlcvhasdhasghasodfi ```
+## Downloading files in JavaScript apps
+To download files in a JavaScript app, you cannot use the `/content` API, because this responds with a `302` redirect.
+A `302` redirect is explicitly prohibited when a [Cross-Origin Resource Sharing (CORS)](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS) _preflight_ is required, such as when providing the **Authorization** header.
+
+Instead, your app needs to select the `@microsoft.graph.downloadUrl` property, which returns the same URL that `/content` directs to.
+This URL can then be requested directly using XMLHttpRequest.
+Because these URLs are pre-authenticated, they can be retrieved without a CORS preflight request.
+
+### Example
+
+To retrieve the download URL for a file, first make a request that includes the `@microsoft.graph.downloadUrl` property:
+
+```http
+GET /drive/items/{item-ID}?select=id,@microsoft.graph.downloadUrl
+```
+
+This returns the ID and download URL for a file:
+
+```http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "id": "12319191!11919",
+ "@microsoft.graph.downloadUrl": "https://..."
+}
+```
+
+You can then make an XMLHttpRequest for the URL provided in `@microsoft.graph.downloadUrl` to retrieve the file.
+ ## Partial range downloads To download a partial range of bytes from the file, your app can use the `Range` header as specified in [RFC 2616](https://www.ietf.org/rfc/rfc2616.txt).
v1.0 Driveitem List Children https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/driveitem-list-children.md
GET /drives/{drive-id}/items/{item-id}/children
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Driveitemversion Restore https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/driveitemversion-restore.md
POST /drives/{drive-id}/items/{item-id}/versions/{version-id}/restoreVersion
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Educationclass Delete Members https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/educationclass-delete-members.md
DELETE https://graph.microsoft.com/v1.0/education/classes/{class-id}/members/{me
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Educationclass Delete Teachers https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/educationclass-delete-teachers.md
DELETE https://graph.microsoft.com/v1.0/education/classes/{class-id}/teachers/{t
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Educationschool Delete Classes https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/educationschool-delete-classes.md
DELETE https://graph.microsoft.com/v1.0/education/schools/{school-id}/classes/{c
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Educationschool Delete Users https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/educationschool-delete-users.md
DELETE https://graph.microsoft.com/v1.0/education/schools/{school-id}/users/{use
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Emailauthenticationmethodconfiguration Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/emailauthenticationmethodconfiguration-delete.md
DELETE https://graph.microsoft.com/v1.0/policies/authenticationMethodsPolicy/aut
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Emailauthenticationmethodconfiguration Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/emailauthenticationmethodconfiguration-get.md
GET /policies/authenticationMethodsPolicy/authenticationMethodConfigurations/ema
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Emailauthenticationmethodconfiguration Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/emailauthenticationmethodconfiguration-update.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Entitlementmanagement List Assignmentrequests https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/entitlementmanagement-list-assignmentrequests.md
Content-Type: application/json
"state": "delivered", "status": "Delivered", "createdDateTime": "2019-10-25T22:55:11.623Z",
- "completedDate": "2019-10-26T22:55:11.623Z",
+ "completedDateTime": "2019-10-26T22:55:11.623Z",
"schedule": { "@odata.type": "microsoft.graph.entitlementManagementSchedule" }
v1.0 Extensionproperty Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/extensionproperty-delete.md
+
+ Title: "Delete extensionProperty"
+description: "Delete an extensionProperty."
+ms.localizationpriority: medium
+++
+# Delete extensionProperty
+
+Namespace: microsoft.graph
+
+Delete an [extensionProperty](../resources/extensionproperty.md).
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type | Permissions (from least to most privileged) |
+|:--|:|
+|Delegated (work or school account) | Application.ReadWrite.All, Directory.AccessAsUser.All |
+|Delegated (personal Microsoft account) | Application.ReadWrite.All |
+|Application | Application.ReadWrite.OwnedBy, Application.ReadWrite.All |
+
+## HTTP request
+
+<!-- { "blockType": "ignored" } -->
+
+```http
+DELETE /applications/{id}/extensionProperties/{id}
+```
+
+## Request headers
+
+| Name | Description|
+|:--|:-|
+| Authorization | Bearer {token}. Required. |
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns `204 No Content` response code. It does not return anything in the response body.
+
+## Examples
+
+### Request
+
+The following is an example of the request.
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "delete_extensionproperty"
+}-->
+
+```http
+DELETE https://graph.microsoft.com/v1.0/applications/fd918e4b-c821-4efb-b50a-5eddd23afc6f/extensionProperties/
+```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
++++
+### Response
+
+The following is an example of the response.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true
+} -->
+
+```http
+HTTP/1.1 204 No Content
+```
+
+<!-- uuid: 16cd6b66-4b1a-43a1-adaf-3a886856ed98
+2019-02-04 14:57:30 UTC -->
+<!-- {
+ "type": "#page.annotation",
+ "description": "Delete extensionProperty",
+ "keywords": "",
+ "section": "documentation",
+ "tocPath": ""
+}-->
+
v1.0 Extensionproperty Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/extensionproperty-get.md
+
+ Title: "Get extensionProperty"
+description: "Read an extensionProperty object."
+
+ms.localizationpriority: medium
++
+# Get extensionProperty
+Namespace: microsoft.graph
+
+Read an [extensionProperty](../resources/extensionproperty.md) object.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type | Permissions (from least to most privileged) |
+|:--|:|
+|Delegated (work or school account) | Application.Read.All, Directory.Read.All, Application.ReadWrite.All |
+|Delegated (personal Microsoft account) | Application.Read.All, Application.ReadWrite.All |
+|Application | Application.Read.All, Application.ReadWrite.OwnedBy, Application.ReadWrite.All |
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /applications/{applicationsId}/extensionProperties/{extensionPropertyId}
+```
+
+## Optional query parameters
+This method supports the `$select` OData query parameter to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and an [extensionProperty](../resources/extensionproperty.md) object in the response body.
+
+## Examples
+
+### Request
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_extensionproperty"
+}
+-->
+``` http
+GET https://graph.microsoft.com/v1.0/applications/fd918e4b-c821-4efb-b50a-5eddd23afc6f/extensionProperties/1f0f15e3-925d-40f0-8fc8-9d3ad135bce0
+```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+++++
+### Response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.extensionProperty"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#applications('fd918e4b-c821-4efb-b50a-5eddd23afc6f')/extensionProperties/$entity",
+ "id": "1f0f15e3-925d-40f0-8fc8-9d3ad135bce0",
+ "deletedDateTime": null,
+ "appDisplayName": "b2c-extensions-app. Do not modify. Used by AADB2C for storing user data.",
+ "dataType": "String",
+ "isSyncedFromOnPremises": false,
+ "name": "extension_25883231668a43a780b25685c3f874bc_cpiminternal_useAccountEnabledForPhone",
+ "targetObjects": [
+ "User"
+ ]
+}
+```
+
v1.0 Externalconnectors Connectionoperation Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/externalconnectors-connectionoperation-get.md
GET https://graph.microsoft.com/v1.0/external/connections/contosohr/operations/3
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Externalconnectors Externalconnection Post Groups https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/externalconnectors-externalconnection-post-groups.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Externalconnectors Externalgroup Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/externalconnectors-externalgroup-delete.md
DELETE https://graph.microsoft.com/v1.0/external/connections/contosohr/groups/31
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Externalconnectors Externalgroup Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/externalconnectors-externalgroup-get.md
GET https://graph.microsoft.com/v1.0/external/connections/contosohr/groups/31bea
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Externalconnectors Externalgroup Post Members https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/externalconnectors-externalgroup-post-members.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Externalconnectors Externalgroup Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/externalconnectors-externalgroup-update.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Externalconnectors Externalitem Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/externalconnectors-externalitem-create.md
Content-type: application/json
[!INCLUDE [sample-code](../includes/snippets/objc/create-externalitem-from-externalconnections-objc-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Externalconnectors Externalitem Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/externalconnectors-externalitem-delete.md
DELETE https://graph.microsoft.com/v1.0/external/connections/contosohr/items/TSP
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Externalconnectors Externalitem Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/externalconnectors-externalitem-update.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Externalconnectors Identity Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/externalconnectors-identity-delete.md
DELETE https://graph.microsoft.com/v1.0/external/connections/contosohr/groups/31
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Externalconnectors Schema Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/externalconnectors-schema-create.md
Content-type: application/json
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Externalconnectors Schema Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/externalconnectors-schema-get.md
GET https://graph.microsoft.com/v1.0/external/connections/contosohr/schema
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Fido2authenticationmethodconfiguration Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/fido2authenticationmethodconfiguration-delete.md
DELETE https://graph.microsoft.com/v1.0/policies/authenticationMethodsPolicy/aut
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Fido2authenticationmethodconfiguration Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/fido2authenticationmethodconfiguration-get.md
GET https://graph.microsoft.com/v1.0/policies/authenticationMethodsPolicy/authen
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Fido2authenticationmethodconfiguration Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/fido2authenticationmethodconfiguration-update.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Group Assignlicense https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/group-assignlicense.md
In the request body, provide a JSON object with the following parameters.
| Parameter | Type |Description| |:|:--|:-| |addLicenses|[assignedLicense](../resources/assignedlicense.md) collection|A collection of [assignedLicense](../resources/assignedlicense.md) objects that specify the licenses to add. You can disable servicePlans associated with a license by setting the **disabledPlans** property on an [assignedLicense](../resources/assignedlicense.md) object.|
-|removeLicenses|GUID collection|A collection of skuIds that identify the licenses to remove.|
+|removeLicenses|Guid collection|A collection of skuIds that identify the licenses to remove.|
## Response
v1.0 Group Delete Members https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/group-delete-members.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account) | Not supported. | |Application | GroupMember.ReadWrite.All, Group.ReadWrite.All, Directory.ReadWrite.All |
+> [!IMPORTANT]
+> To remove members from a role-assignable group, the calling user or app must also be assigned the *RoleManagement.ReadWrite.Directory* permission.
+ ## HTTP request <!-- { "blockType": "ignored" } --> ```http
v1.0 Group Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/group-get.md
Get the properties and relationships of a group object.
This operation returns by default only a subset of all the available properties, as noted in the [Properties](../resources/group.md#properties) section. To get properties that are _not_ returned by default, specify them in a `$select` OData query option. The **hasMembersWithLicenseErrors** property is an exception and is not returned in the `$select` query.
+>**Note:** This request might have replication delays for groups that were recently created, updated, or deleted.
+ ## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
Return all default properties.
The following is an example of a GET request.
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "sampleKeys": ["b320ee12-b1cd-4cca-b648-a437be61c5cd"],
The following is an example of a GET request.
```msgraph-interactive GET https://graph.microsoft.com/v1.0/groups/b320ee12-b1cd-4cca-b648-a437be61c5cd ```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Objective-C](#tab/objc)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
--- #### Response The following is an example of the response. It includes only the default properties.
v1.0 Group List Settings https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/group-list-settings.md
+
+ Title: "List settings"
+description: "Retrieve a list of group setting objects."
+
+ms.localizationpriority: medium
++
+# List settings
+
+Namespace: microsoft.graph
+
+Retrieve a list of tenant-level or group-specific group settings objects.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+### List tenant-wide settings
+
+|Permission type | Permissions (from least to most privileged) |
+|:--|:|
+|Delegated (work or school account) | Directory.Read.All, Directory.ReadWrite.All, Directory.AccessAsUser.All |
+|Delegated (personal Microsoft account) | Not supported. |
+|Application | Directory.Read.All, Directory.ReadWrite.All |
+
+### List group-specific settings
+
+|Permission type | Permissions (from least to most privileged) |
+|:--|:|
+|Delegated (work or school account) | Group.Read.All, Group.ReadWrite.All |
+|Delegated (personal Microsoft account) | Not supported. |
+|Application | Group.Read.All, Group.ReadWrite.All |
++
+## HTTP request
+<!-- { "blockType": "ignored" } -->
+
+List tenant-wide settings.
+
+```http
+GET /groupSettings
+```
+
+<!-- { "blockType": "ignored" } -->
+List group-specific settings
+```http
+GET /groups/{groupId}/settings
+```
+
+## Optional query parameters
+This method supports the `$select` [OData query parameter](/graph/query-parameters) to help customize the response.
+
+## Request headers
+| Name | Description |
+|:-|:-|
+| Authorization | Bearer {token}. Required. |
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and collection of [groupSetting](../resources/groupsetting.md) objects in the response body.
+
+## Examples
+
+### Example: Retrieve the tenant-level group settings
+
+#### Request
++
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_groupsettings"
+}-->
+```msgraph-interactive
+GET https://graph.microsoft.com/v1.0/groupSettings
+```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+++
+#### Response
+
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.groupSetting",
+ "isCollection": true
+} -->
+```http
+HTTP/1.1 200 OK
+Content-type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#groupSettings",
+ "value": [
+ {
+ "id": "f0b2d6f5-097d-4177-91af-a24e530b53cc",
+ "displayName": "Group.Unified",
+ "templateId": "62375ab9-6b52-47ed-826b-58e47e0e304b",
+ "values": [
+ {
+ "name": "EnableMIPLabels",
+ "value": "true"
+ },
+ {
+ "name": "CustomBlockedWordsList",
+ "value": ""
+ },
+ {
+ "name": "EnableMSStandardBlockedWords",
+ "value": "true"
+ },
+ {
+ "name": "ClassificationDescriptions",
+ "value": ""
+ },
+ {
+ "name": "DefaultClassification",
+ "value": ""
+ },
+ {
+ "name": "PrefixSuffixNamingRequirement",
+ "value": "[Contoso-][GroupName]"
+ },
+ {
+ "name": "AllowGuestsToBeGroupOwner",
+ "value": "false"
+ },
+ {
+ "name": "AllowGuestsToAccessGroups",
+ "value": "true"
+ },
+ {
+ "name": "GuestUsageGuidelinesUrl",
+ "value": "https://privacy.contoso.com/privacystatement"
+ },
+ {
+ "name": "GroupCreationAllowedGroupId",
+ "value": ""
+ },
+ {
+ "name": "AllowToAddGuests",
+ "value": "true"
+ },
+ {
+ "name": "UsageGuidelinesUrl",
+ "value": ""
+ },
+ {
+ "name": "ClassificationList",
+ "value": ""
+ },
+ {
+ "name": "EnableGroupCreation",
+ "value": "true"
+ }
+ ]
+ }
+ ]
+}
+```
+
+### Example 2: Retrieve the group settings for a specific group
+
+#### Request
++
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_groupsettings_for_a_group"
+}-->
+```msgraph-interactive
+GET https://graph.microsoft.com/v1.0/groups/05aa6a98-956a-45c0-b13b-88076a23f2cd/settings
+```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+++++
+#### Response
+
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.groupSetting"
+} -->
+```http
+HTTP/1.1 201 Created
+Content-type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#groupSettings",
+ "value": [
+ {
+ "id": "a06fa228-3042-4662-bd09-33e298da1afe",
+ "displayName": "Group.Unified.Guest",
+ "templateId": "08d542b9-071f-4e16-94b0-74abb372e3d9",
+ "values": [
+ {
+ "name": "AllowToAddGuests",
+ "value": "false"
+ }
+ ]
+ }
+ ]
+}
+```
+
+<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
+2015-10-25 14:57:30 UTC -->
+<!-- {
+ "type": "#page.annotation",
+ "description": "List groupSettings",
+ "keywords": "",
+ "section": "documentation",
+ "tocPath": "",
+ "suppressions": [
+ ]
+}-->
+
v1.0 Group List Transitivemembers https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/group-list-transitivemembers.md
ConsistencyLevel: eventual
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
ConsistencyLevel: eventual
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Group List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/group-list.md
List all the groups in an organization, including but not limited to Microsoft 3
This operation returns by default only a subset of the properties for each group. These default properties are noted in the [Properties](../resources/group.md#properties) section. To get properties that are _not_ returned by default, do a [GET](group-get.md) operation for the group and specify the properties in a `$select` OData query option. The **hasMembersWithLicenseErrors** property is an exception and is not returned in the `$select` query.
+>**Note:** This request might have replication delays for groups that were recently created, updated, or deleted.
+ ## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
Content-type: application/json
} ``` +
+### Example 7: List any groups with any licenses
+
+#### Request
++
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_groups_with_licenses"
+}-->
+```msgraph-interactive
+GET https://graph.microsoft.com/v1.0/groups?$select=id,assignedLicenses&$filter=assignedLicenses/any()
+```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
++++
+#### Response
+
+The following is an example of the response.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.group",
+ "isCollection": true
+} -->
+```http
+HTTP/1.1 200 OK
+Content-type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#groups(id,assignedLicenses)",
+ "value": [
+ {
+ "id": "5caf712c-8483-4b3d-8384-d8da988c0ca4",
+ "assignedLicenses": [
+ {
+ "disabledPlans": [],
+ "skuId": "6fd2c87f-b296-42f0-b197-1e91e994b900"
+ }
+ ]
+ },
+ {
+ "id": "aae8ec2a-5a08-4013-ae70-fafbb5c20de1",
+ "assignedLicenses": [
+ {
+ "disabledPlans": [
+ "7547a3fe-08ee-4ccb-b430-5077c5041653"
+ ],
+ "skuId": "18181a46-0d4e-45cd-891e-60aabd171b4e"
+ }
+ ]
+ },
+ {
+ "id": "e55bdaa0-e104-479a-979e-b0457fff6380",
+ "assignedLicenses": [
+ {
+ "disabledPlans": [
+ "7547a3fe-08ee-4ccb-b430-5077c5041653"
+ ],
+ "skuId": "6fd2c87f-b296-42f0-b197-1e91e994b900"
+ }
+ ]
+ }
+ ]
+}
+```
++ <!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79 2015-10-25 14:57:30 UTC --> <!-- {
v1.0 Group Post Members https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/group-post-members.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account) | Not supported. | |Application | GroupMember.ReadWrite.All, Group.ReadWrite.All and Directory.ReadWrite.All |
+> [!IMPORTANT]
+> To add members to a role-assignable group, the calling user or app must also be assigned the *RoleManagement.ReadWrite.Directory* permission.
+ ## HTTP request <!-- { "blockType": "ignored" } --> ```http
v1.0 Group Post Settings https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/group-post-settings.md
+
+ Title: "Create settings"
+description: "Create a new setting, based on the templates available in groupSettingTemplates."
+ms.localizationpriority: medium
+++
+# Create settings
+
+Namespace: microsoft.graph
+
+Create a new setting based on the templates available in [groupSettingTemplates](../resources/groupsettingtemplate.md). These settings can be at the tenant-level or at the group level.
+
+Group settings apply to only Microsoft 365 groups. The template named `Group.Unified` can be used to configure tenant-wide Microsoft 365 group settings, while the template named `Group.Unified.Guest` can be used to configure group-specific settings.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
++
+|Permission type | Permissions (from least to most privileged) |
+|:--|:|
+|Delegated (work or school account) | Directory.ReadWrite.All, Directory.AccessAsUser.All |
+|Delegated (personal Microsoft account) | Not supported. |
+|Application | Directory.ReadWrite.All |
+
+## HTTP request
+
+Create a tenant-wide setting.
+<!-- { "blockType": "ignored" } -->
+```http
+POST /groupSettings
+```
+
+Create a group-specific setting.
+<!-- { "blockType": "ignored" } -->
+```http
+POST /groups/{id}/settings
+```
+
+## Request headers
+
+| Name | Description |
+|:|:-|
+| Authorization | Bearer {token}. Required. |
+| Content-Type | application/json |
+
+## Request body
+In the request body, supply a JSON representation of [groupSetting](../resources/groupsetting.md) object. The display name, templateId, and description are inherited from the referenced [groupSettingTemplates](../resources/groupsettingtemplate.md) object. Only the value property can be changed from the default value.
+
+The following properties are required when creating the [groupSetting](../resources/groupsetting.md) object.
+
+| Parameter | Type |Description|
+|:|:--|:-|
+|templateId|String| Unique identifier for the tenant-level [groupSettingTemplates](../resources/groupsettingtemplate.md) object used to create this group-level settings object. Read-only. |
+|values|[settingValue](../resources/settingvalue.md) collection| Collection of name-value pairs corresponding to the **name** and **defaultValue** properties in the referenced [groupSettingTemplates](../resources/groupsettingtemplate.md) object.|
+
+## Response
+
+If successful, this method returns `201 Created` response code and [groupSetting](../resources/groupsetting.md) object in the response body.
+
+## Example 1: Create a new setting for all Microsoft 365 groups in the tenant
+
+### Request
+
+Only the [groupSettingTemplates](../resources/groupsettingtemplate.md) object named `Group.Unified` can be applied to all Microsoft 365 groups at the tenant-level.
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "create_groupsetting_from_groupsettings"
+}-->
+```http
+POST https://graph.microsoft.com/v1.0/groupSettings
+Content-type: application/json
+
+{
+ "templateId": "62375ab9-6b52-47ed-826b-58e47e0e304b",
+ "values": [
+ {
+ "name": "GuestUsageGuidelinesUrl",
+ "value": "https://privacy.contoso.com/privacystatement"
+ },
+ {
+ "name": "EnableMSStandardBlockedWords",
+ "value": "true"
+ },
+ {
+ "name": "EnableMIPLabels",
+ "value": "true"
+ },
+ {
+ "name": "PrefixSuffixNamingRequirement",
+ "value": "[Contoso-][GroupName]"
+ }
+ ]
+}
+```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+++
+### Response
+
+>**Note:** The response object shown here might be shortened for readability.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.groupSetting"
+} -->
+```http
+HTTP/1.1 201 Created
+Content-type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#groupSettings/$entity",
+ "id": "844d252c-4de2-43eb-a784-96df77231aae",
+ "displayName": null,
+ "templateId": "62375ab9-6b52-47ed-826b-58e47e0e304b",
+ "values": [
+ {
+ "name": "GuestUsageGuidelinesUrl",
+ "value": "https://privacy.contoso.com/privacystatement"
+ },
+ {
+ "name": "EnableMSStandardBlockedWords",
+ "value": "true"
+ },
+ {
+ "name": "EnableMIPLabels",
+ "value": "true"
+ },
+ {
+ "name": "PrefixSuffixNamingRequirement",
+ "value": "[Contoso-][GroupName]"
+ }
+ ]
+}
+```
+
+The **displayName** property and other name-value pairs will be populated with the default values from the [groupSettingTemplates](../resources/groupsettingtemplate.md) object that matches the **templateId**.
+
+## Example 2: Create a setting to block guests for a specific Microsoft 365 group
+
+### Request
+
+Only the [groupSettingTemplates](../resources/groupsettingtemplate.md) object named `Group.Unified.Guest` can be applied to specific Microsoft 365 groups.
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "create_groupsetting_from_groupsettings_for_guests"
+}-->
+```http
+POST https://graph.microsoft.com/v1.0/groups/055a5d18-a3a9-4338-b9c5-de92559b7ebf/settings
+Content-type: application/json
+
+{
+ "templateId": "08d542b9-071f-4e16-94b0-74abb372e3d9",
+ "values": [
+ {
+ "name": "AllowToAddGuests",
+ "value": "false"
+ }
+ ]
+}
+```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
++++
+In the request body, supply a JSON representation of [groupSetting](../resources/groupsetting.md) object.
+
+### Response
+
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.groupSetting"
+} -->
+```http
+HTTP/1.1 201 Created
+Content-type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#groupSettings/$entity",
+ "id": "a06fa228-3042-4662-bd09-33e298da1afe",
+ "displayName": null,
+ "templateId": "08d542b9-071f-4e16-94b0-74abb372e3d9",
+ "values": [
+ {
+ "name": "AllowToAddGuests",
+ "value": "false"
+ }
+ ]
+}
+```
+
+<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
+2015-10-25 14:57:30 UTC -->
+<!-- {
+ "type": "#page.annotation",
+ "description": "Create groupsetting",
+ "keywords": "",
+ "section": "documentation",
+ "tocPath": "",
+ "suppressions": [
+ ]
+}-->
+
v1.0 Groupsetting Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/groupsetting-delete.md
doc_type: apiPageType
Namespace: microsoft.graph
-Delete a group setting.
+Delete a tenant-level or group-specific [groupSetting](../resources/groupsetting.md) object.
## Permissions
One of the following permissions is required to call this API. To learn more, in
## HTTP request <!-- { "blockType": "ignored" } -->
+Delete a tenant-wide setting.
```http
-DELETE /groupSettings/{id}
-DELETE /groups/{id}/settings/{id}
+DELETE /groupSettings/{groupSettingId}
+```
+<!-- { "blockType": "ignored" } -->
+Delete a group-specific setting.
+```http
+DELETE /groups/{groupId}/settings/{groupSettingId}
``` ## Request headers
Do not supply a request body for this method.
If successful, this method returns `204 No Content` response code. It does not return anything in the response body. ## Example
-##### Request
+
+### Request
+
+In this example, you delete the tenant-level group setting object.
# [HTTP](#tab/http) <!-- { "blockType": "request", "name": "delete_groupsetting" }-->
-```http
+```msgraph-interactive
DELETE https://graph.microsoft.com/v1.0/groupSettings/{id} ``` # [C#](#tab/csharp)
DELETE https://graph.microsoft.com/v1.0/groupSettings/{id}
-##### Response
+### Response
<!-- { "blockType": "response", "truncated": true
v1.0 Groupsetting Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/groupsetting-get.md
Title: "Get a group setting"
+ Title: "Get groupSetting"
description: "Retrieve the properties of a specific of group setting object." ms.localizationpriority: medium
ms.prod: "groups"
doc_type: apiPageType
-# Get a group setting
+# Get groupSetting
Namespace: microsoft.graph
-Retrieve the properties of a specific of group setting object.
+Retrieve the properties of a specific group setting object. The setting can be a tenant-level or group-specific setting.
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+### List tenant-wide settings
+ |Permission type | Permissions (from least to most privileged) | |:--|:| |Delegated (work or school account) | Directory.Read.All, Directory.ReadWrite.All, Directory.AccessAsUser.All | |Delegated (personal Microsoft account) | Not supported. | |Application | Directory.Read.All, Directory.ReadWrite.All |
+### List group-specific settings
+
+|Permission type | Permissions (from least to most privileged) |
+|:--|:|
+|Delegated (work or school account) | Group.Read.All, Group.ReadWrite.All |
+|Delegated (personal Microsoft account) | Not supported. |
+|Application | Group.Read.All, Group.ReadWrite.All |
++ ## HTTP request+ <!-- { "blockType": "ignored" } -->
-Get a specific tenant-wide or group setting.
+Get a tenant-wide setting.
```http
-GET /groupSettings/{id}
-GET /groups/{id}/settings/{id}
+GET /groupSettings/{groupSettingId}
```
-## Optional query parameters
-This method supports the [OData Query Parameters](/graph/query-parameters) to help customize the response.
-> Note: $filter is not supported.
+<!-- { "blockType": "ignored" } -->
+Get a group-specific setting.
+```http
+GET /groups/{groupId}/settings/{groupSettingId}
+```
+
+## Optional query parameters
+This method supports the `$select` [OData query parameter](/graph/query-parameters) to help customize the response.
## Request headers | Name | Description |
Do not supply a request body for this method.
If successful, this method returns a `200 OK` response code and [groupSetting](../resources/groupsetting.md) object in the response body.
-## Example
-##### Request
+## Examples
+
+### Example 1: Get a group setting for a specific group
+
+#### Request
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "get_groupsetting"
+ "name": "get_groupsettings"
}--> ```msgraph-interactive
-GET https://graph.microsoft.com/v1.0/groupSettings/{id}
+GET https://graph.microsoft.com/v1.0/groups/05aa6a98-956a-45c0-b13b-88076a23f2cd/settings/a06fa228-3042-4662-bd09-33e298da1afe
``` # [C#](#tab/csharp) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [JavaScript](#tab/javascript) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [Objective-C](#tab/objc) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [Java](#tab/java) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [Go](#tab/go) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
-##### Response
+#### Response
-Note: The response object shown here might be shortened for readability.
<!-- { "blockType": "response", "truncated": true,
HTTP/1.1 200 OK
Content-type: application/json {
- "displayName": "displayName-value",
- "templateId": "templateId-value",
- "values": [
- {
- "name": "name-value",
- "value": "value-value"
- }
- ],
- "id": "id-value"
+ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#groupSettings/$entity",
+ "id": "a06fa228-3042-4662-bd09-33e298da1afe",
+ "displayName": "Group.Unified.Guest",
+ "templateId": "08d542b9-071f-4e16-94b0-74abb372e3d9",
+ "values": [
+ {
+ "name": "AllowToAddGuests",
+ "value": "false"
+ }
+ ]
} ```
+### Example 2: Get the group settings for all Microsoft 365 groups
+
+#### Request
++
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_groupsettings_tenantwide"
+}-->
+```msgraph-interactive
+GET https://graph.microsoft.com/v1.0/groupSettings/84af2ca5-c274-41bf-86e4-6e374ec4def6
+```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
++++
+#### Response
+
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.groupSetting"
+} -->
+```http
+HTTP/1.1 200 OK
+Content-type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#groupSettings/$entity",
+ "id": "84af2ca5-c274-41bf-86e4-6e374ec4def6",
+ "displayName": "Group.Unified",
+ "templateId": "62375ab9-6b52-47ed-826b-58e47e0e304b",
+ "values": [
+ {
+ "name": "EnableMIPLabels",
+ "value": "true"
+ },
+ {
+ "name": "CustomBlockedWordsList",
+ "value": ""
+ },
+ {
+ "name": "EnableMSStandardBlockedWords",
+ "value": "true"
+ },
+ {
+ "name": "ClassificationDescriptions",
+ "value": ""
+ },
+ {
+ "name": "DefaultClassification",
+ "value": ""
+ },
+ {
+ "name": "PrefixSuffixNamingRequirement",
+ "value": "[Contoso-][GroupName]"
+ },
+ {
+ "name": "AllowGuestsToBeGroupOwner",
+ "value": "false"
+ },
+ {
+ "name": "AllowGuestsToAccessGroups",
+ "value": "true"
+ },
+ {
+ "name": "GuestUsageGuidelinesUrl",
+ "value": "https://privacy.contoso.com/privacystatement"
+ },
+ {
+ "name": "GroupCreationAllowedGroupId",
+ "value": ""
+ },
+ {
+ "name": "AllowToAddGuests",
+ "value": "true"
+ },
+ {
+ "name": "UsageGuidelinesUrl",
+ "value": ""
+ },
+ {
+ "name": "ClassificationList",
+ "value": ""
+ },
+ {
+ "name": "EnableGroupCreation",
+ "value": "true"
+ }
+ ]
+}
+```
<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79 2015-10-25 14:57:30 UTC --> <!-- {
v1.0 Groupsetting List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/groupsetting-list.md
- Title: "List group settings"
-description: "Retrieve a list of group setting objects."
-
-doc_type: apiPageType
--
-# List group settings
-
-Namespace: microsoft.graph
-
-Retrieve a list of group setting objects.
-
-## Permissions
-
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
--
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | Directory.Read.All, Directory.ReadWrite.All, Directory.AccessAsUser.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | Directory.Read.All, Directory.ReadWrite.All |
-
-## HTTP request
-<!-- { "blockType": "ignored" } -->
-
-List tenant-wide or group settings.
-
-```http
-GET /groupSettings
-GET groups/{id}/settings
-```
-## Optional query parameters
-This method supports the [OData query parameters](/graph/query-parameters) to help customize the response.
-
->**Note:** $filter is not supported.
-
-## Request headers
-| Name | Description |
-|:-|:-|
-| Authorization | Bearer {token}. Required. |
-
-## Request body
-Do not supply a request body for this method.
-
-## Response
-
-If successful, this method returns a `200 OK` response code and collection of [groupSetting](../resources/groupsetting.md) objects in the response body.
-## Example
-
-### Request
--
-# [HTTP](#tab/http)
-<!-- {
- "blockType": "request",
- "name": "get_groupsettings"
-}-->
-```msgraph-interactive
-GET https://graph.microsoft.com/v1.0/groupSettings
-```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Objective-C](#tab/objc)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
---
-### Response
-
-Note: The response object shown here might be shortened for readability.
-<!-- {
- "blockType": "response",
- "truncated": true,
- "@odata.type": "microsoft.graph.groupSetting",
- "isCollection": true
-} -->
-```http
-HTTP/1.1 200 OK
-Content-type: application/json
-
-{
- "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#groupSettings",
- "value": [
- {
- "id": "f0b2d6f5-097d-4177-91af-a24e530b53cc",
- "displayName": "Group.Unified",
- "templateId": "62375ab9-6b52-47ed-826b-58e47e0e304b",
- "values": [
- {
- "name": "EnableMIPLabels",
- "value": "true"
- },
- {
- "name": "CustomBlockedWordsList",
- "value": ""
- },
- {
- "name": "EnableMSStandardBlockedWords",
- "value": "true"
- },
- {
- "name": "ClassificationDescriptions",
- "value": ""
- },
- {
- "name": "DefaultClassification",
- "value": ""
- },
- {
- "name": "PrefixSuffixNamingRequirement",
- "value": "[Contoso-][GroupName]"
- },
- {
- "name": "AllowGuestsToBeGroupOwner",
- "value": "false"
- },
- {
- "name": "AllowGuestsToAccessGroups",
- "value": "true"
- },
- {
- "name": "GuestUsageGuidelinesUrl",
- "value": "https://privacy.contoso.com/privacystatement"
- },
- {
- "name": "GroupCreationAllowedGroupId",
- "value": ""
- },
- {
- "name": "AllowToAddGuests",
- "value": "true"
- },
- {
- "name": "UsageGuidelinesUrl",
- "value": ""
- },
- {
- "name": "ClassificationList",
- "value": ""
- },
- {
- "name": "EnableGroupCreation",
- "value": "true"
- }
- ]
- }
- ]
-}
-```
-
-<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
-2015-10-25 14:57:30 UTC -->
-<!-- {
- "type": "#page.annotation",
- "description": "List groupSettings",
- "keywords": "",
- "section": "documentation",
- "tocPath": "",
- "suppressions": [
- ]
-}-->
-
v1.0 Groupsetting Post Groupsettings https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/groupsetting-post-groupsettings.md
- Title: "Create a group setting"
-description: "Create a new setting, based on the templates available in groupSettingTemplates."
-
-doc_type: apiPageType
--
-# Create a group setting
-
-Namespace: microsoft.graph
-
-Use this API to create a new setting, based on the templates available in [groupSettingTemplates](../resources/groupsettingtemplate.md). These settings can be at the tenant-level or at the group level. The creation request must provide [settingValues](../resources/settingvalue.md) for all the settings defined in the template. For group-specific settings, only the setting governing whether members of a group can invite guest users can be set. This will govern this behavior once the ability to add guest users to a group is generally available. For beta endpoints, use [directorySettingTemplates](/graph/api/resources/directorysettingtemplate?view=graph-rest-beta&preserve-view=true).
-
-## Permissions
-
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
--
-|Permission type | Permissions (from least to most privileged) |
-|:--|:|
-|Delegated (work or school account) | Directory.ReadWrite.All, Directory.AccessAsUser.All |
-|Delegated (personal Microsoft account) | Not supported. |
-|Application | Directory.ReadWrite.All |
-
-## HTTP request
-<!-- { "blockType": "ignored" } -->
-```http
-POST /groupSettings
-POST /groups/{id}/settings
-```
-
-## Request headers
-
-| Name | Description |
-|:|:-|
-| Authorization | Bearer {token}. Required. |
-| Content-Type | application/json |
-
-## Request body
-In the request body, supply a JSON representation of [groupSetting](../resources/groupsetting.md) object. However, the display name for the setting will be set based on the referenced settings template name.
-
-## Response
-
-If successful, this method returns `201 Created` response code and [groupSetting](../resources/groupsetting.md) object in the response body.
-
-## Example 1: Create a new setting for all Microsoft 365 groups in the tenant
-
-### Request
--
-# [HTTP](#tab/http)
-<!-- {
- "blockType": "request",
- "name": "create_groupsetting_from_groupsettings"
-}-->
-```http
-POST https://graph.microsoft.com/v1.0/groupSettings
-Content-type: application/json
-
-{
- "displayName": "Group.Unified",
- "templateId": "62375ab9-6b52-47ed-826b-58e47e0e304b",
- "values": [
- {
- "name": "GuestUsageGuidelinesUrl",
- "value": "https://privacy.contoso.com/privacystatement"
- },
- {
- "name": "EnableMSStandardBlockedWords",
- "value": "true"
- },
- {
- "name": "EnableMIPLabels",
- "value": "true"
- },
- {
- "name": "PrefixSuffixNamingRequirement",
- "value": "[Contoso-][GroupName]"
- }
- ]
-}
-```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Objective-C](#tab/objc)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
----
-In the request body, supply a JSON representation of [groupSetting](../resources/groupsetting.md) object.
-
-### Response
-
->**Note:** The response object shown here might be shortened for readability.
-
-<!-- {
- "blockType": "response",
- "truncated": true,
- "@odata.type": "microsoft.graph.groupSetting"
-} -->
-```http
-HTTP/1.1 201 Created
-Content-type: application/json
-
-{
- "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#groupSettings/$entity",
- "id": "b11b99c5-f0a3-4c32-a250-548cf11cae1c",
- "displayName": "Group.Unified",
- "templateId": "62375ab9-6b52-47ed-826b-58e47e0e304b",
- "values": [
- {
- "name": "GuestUsageGuidelinesUrl",
- "value": "https://privacy.contoso.com/privacystatement"
- },
- {
- "name": "EnableMSStandardBlockedWords",
- "value": "true"
- },
- {
- "name": "EnableMIPLabels",
- "value": "true"
- },
- {
- "name": "PrefixSuffixNamingRequirement",
- "value": "[Contoso-][GroupName]"
- }
- ]
-}
-```
-
-## Example 2: Create a setting to block guests for a specific Microsoft 365 group
-
-### Request
--
-# [HTTP](#tab/http)
-<!-- {
- "blockType": "request",
- "name": "create_groupsetting_from_groupsettings_for_guests"
-}-->
-```http
-POST https://graph.microsoft.com/v1.0/groups/055a5d18-a3a9-4338-b9c5-de92559b7ebf/settings
-Content-type: application/json
-
-{
- "displayName": "Group.Unified.Guest",
- "templateId": "08d542b9-071f-4e16-94b0-74abb372e3d9",
- "values": [
- {
- "name": "AllowToAddGuests",
- "value": "false"
- }
- ]
-}
-```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Objective-C](#tab/objc)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
----
-In the request body, supply a JSON representation of [groupSetting](../resources/groupsetting.md) object.
-
-### Response
-
->**Note:** The response object shown here might be shortened for readability.
-<!-- {
- "blockType": "response",
- "truncated": true,
- "@odata.type": "microsoft.graph.groupSetting"
-} -->
-```http
-HTTP/1.1 201 Created
-Content-type: application/json
-
-{
- "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#groupSettings/$entity",
- "id": "2a0248a2-fde9-4a80-a53e-c0141f68e03d",
- "displayName": "Group.Unified.Guest",
- "templateId": "08d542b9-071f-4e16-94b0-74abb372e3d9",
- "values": [
- {
- "name": "AllowToAddGuests",
- "value": "false"
- }
- ]
-}
-```
-
-<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
-2015-10-25 14:57:30 UTC -->
-<!-- {
- "type": "#page.annotation",
- "description": "Create groupsetting",
- "keywords": "",
- "section": "documentation",
- "tocPath": "",
- "suppressions": [
- ]
-}-->
-
v1.0 Groupsetting Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/groupsetting-update.md
Title: "Update a group setting"
+ Title: "Update groupSetting"
description: "Update the properties of a specific group setting object." ms.localizationpriority: medium
ms.prod: "groups"
doc_type: apiPageType
-# Update a group setting
+# Update groupSetting
Namespace: microsoft.graph
One of the following permissions is required to call this API. To learn more, in
|Application | Directory.ReadWrite.All | ## HTTP request
-<!-- { "blockType": "ignored" } -->
-
+<!-- { "blockType": "ignored" } -->
+Update a tenant-wide setting.
+```http
+PATCH /groupSettings/{groupSettingId}
+```
+<!-- { "blockType": "ignored" } -->
+Update a group-specific setting.
```http
-PATCH /groupSettings/{id}
-PATCH /groups/{id}/settings/{id}
+PATCH /groups/{groupId}/settings/{groupSettingId}
```+ ## Request headers | Name | Description | |:--|:--|
If successful, this method returns a `204 No Content` response code.
### Example 1: Update a tenant-wide group setting
-In this example, `{id}` is the identifier of the tenant-wide groupSetting object.
+In this example, `84af2ca5-c274-41bf-86e4-6e374ec4def6` is the identifier of the tenant-wide **groupSetting** object.
#### Request
In this example, `{id}` is the identifier of the tenant-wide groupSetting object
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "update_tenant_setting"
+ "name": "update_tenant_groupsetting"
}-->
-```http
-PATCH https://graph.microsoft.com/v1.0/groupSettings/f0b2d6f5-097d-4177-91af-a24e530b53cc
+```msgraph-interactive
+PATCH https://graph.microsoft.com/v1.0/groupSettings/84af2ca5-c274-41bf-86e4-6e374ec4def6
Content-type: application/json {
- "values": [
- {
- "name": "AllowToAddGuests",
- "value": "false"
- }
- ]
+ "values": [
+ {
+ "name": "AllowToAddGuests",
+ "value": "false"
+ }
+ ]
} ``` # [C#](#tab/csharp) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [JavaScript](#tab/javascript) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [Objective-C](#tab/objc) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [Java](#tab/java) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [Go](#tab/go) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
HTTP/1.1 204 No Content
### Example 2: Update a specific group setting
-In this example, the first `{id}` in the request is the identifier of the group, and the second `{id}` is the identifier of the groupSetting object.
+In this example, `0167b5af-f3d1-4910-82d2-398747fa381c` is the identifier of the group, and `fa6df613-159b-4f94-add2-7093f961900b` is the identifier of the groupSetting object.
#### Request -- # [HTTP](#tab/http) <!-- { "blockType": "request", "name": "update_groupsetting" }-->
-```http
+```msgraph-interactive
PATCH https://graph.microsoft.com/v1.0/groups/0167b5af-f3d1-4910-82d2-398747fa381c/settings/fa6df613-159b-4f94-add2-7093f961900b Content-type: application/json
v1.0 Identityapiconnector Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/identityapiconnector-create.md
Content-Type: application/json
{ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#identity/apiConnectors/$entity",
- "id":"guid",
+ "id":"45715bb8-13f9-4bf6-927f-ef96c102d394",
"displayName": "Test API", "targetUrl": "https://someapi.com/api", "authenticationConfiguration": {
Content-Type: application/json
{ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#identity/apiConnectors/$entity",
- "id":"guid",
+ "id":"45715bb8-13f9-4bf6-927f-ef96c102d394",
"displayName": "Test API", "targetUrl": "https://someotherapi.com/api", "authenticationConfiguration": {
v1.0 Identityapiconnector Uploadclientcertificate https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/identityapiconnector-uploadclientcertificate.md
Content-type: application/json
{ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#identity/apiConnectors/$entity",
- "id": "guid",
+ "id": "45715bb8-13f9-4bf6-927f-ef96c102d394",
"displayName": "My API connector", "targetUrl": "https://api.contoso.com/endpoint", "authenticationConfiguration": {
v1.0 Itemanalytics Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/itemanalytics-get.md
For a custom time range or interval, use the [getActivitiesByInterval][] API.
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-|Permission type | Permissions (from least to most privileged)
-|:--|:-
-|Delegated (work or school account) | Files.Read, Files.ReadWrite, Files.Read.All, Files.ReadWrite.All, Sites.Read.All, Sites.ReadWrite.All
-|Delegated (personal Microsoft account) | Not supported.
-|Application | Files.Read.All, Files.ReadWrite.All, Sites.Read.All, Sites.ReadWrite.All
+|Permission type | Permissions (from least to most privileged)|
+|:--|:-|
+|Delegated (work or school account) | Files.Read, Files.ReadWrite, Files.Read.All, Files.ReadWrite.All, Sites.Read.All, Sites.ReadWrite.All|
+|Delegated (personal Microsoft account) | Not supported.|
+|Application | Files.Read.All, Files.ReadWrite.All, Sites.Read.All, Sites.ReadWrite.All|
## HTTP request <!-- { "blockType": "ignored" } --> ```http
-GET /drives/{drive-id}/items/{item-id}/analytics
-GET /sites/{site-id}/analytics
-GET /sites/{site-id}/lists/{list-id}/items/{item-id}/analytics
+GET /drives/{drive-id}/items/{item-id}/analytics/allTime
+GET /sites/{site-id}/analytics/allTime
+GET /sites/{site-id}/lists/{list-id}/items/{item-id}/analytics/allTime
+GET /drives/{drive-id}/items/{item-id}/analytics/lastSevenDays
+GET /sites/{site-id}/analytics/lastSevenDays
+GET /sites/{site-id}/lists/{list-id}/items/{item-id}/analytics/lastSevenDays
``` ## Optional query parameters This method supports the [OData query parameters](/graph/query-parameters) to help customize the response.
Do not supply a request body for this method.
## Response
-If successful, this method returns a `200 OK` response code and a collection of [itemAnalytics][] object in the response body.
+If successful, this method returns a `200 OK` response code and a collection of [itemAnalytics][] objects in the response body.
## Example ### Request
+The following is an example of a request.
# [HTTP](#tab/http) <!-- { "blockType": "request", "name": "get-analytics" } --> ```msgraph-interactive
-GET /drives/{drive-id}/items/{item-id}/analytics
+GET /drives/{drive-id}/items/{item-id}/analytics/allTime
``` # [C#](#tab/csharp) [!INCLUDE [sample-code](../includes/snippets/csharp/get-analytics-csharp-snippets.md)]
GET /drives/{drive-id}/items/{item-id}/analytics
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+ ### Response
+The following is an example of the response.
+ <!-- { "blockType": "response", "@type": "microsoft.graph.itemAnalytics", "truncated": true } --> ```http
Content-type: application/json
"actionCount": 123, "actorCount": 89 }
- },
- "lastSevenDays": {
- "access": {
- "actionCount": 52,
- "actorCount": 41
- }
} } ```
v1.0 List Create https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/list-create.md
Previously updated : 09/11/2017 Title: Create a SharePoint List ms.localizationpriority: medium ms.prod: "sharepoint"
One of the following permissions is required to call this API. To learn more, in
POST https://graph.microsoft.com/v1.0/sites/{site-id}/lists ```
+## Request headers
+
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+|Content-Type|application/json. Required.|
+ ## Request body
-In the request body, supply a JSON representation of the [list][] resource to create.
+In the request body, supply a JSON representation of a [list][] object.
+
+## Response
+
+If successful, this method returns a `201 Created` response code and a [list][] object in the response body.
+
+## Examples
-## Example
+### Request
-Here is an example of how to create a new generic list.
+The following is an example of how to create a new generic list.
+
+> **Note:** Custom columns are optional.
+
+In addition to any columns specified here, new lists are created with columns defined in the referenced **template**.
+If the **list** facet or **template** is unspecified, the list defaults to the `genericList` template, which includes a _Title_ column.
# [HTTP](#tab/http)
Content-Type: application/json
-**Note:** Custom columns are optional.
-
-In addition to any columns specified here, new lists are created with columns defined in the referenced **template**.
-If the **list** facet or **template** is unspecified, the list defaults to the `genericList` template, which includes a _Title_ column.
- ## Response
-If successful, this method returns a [list][] in the response body for the created list.
+The following is an example of the response.
+
+> **Note:** The response object is truncated for clarity. Default properties will be returned from the actual call.
<!-- { "blockType": "response", "@odata.type": "microsoft.graph.list", "truncated": true } -->
Content-type: application/json
} ```
-**Note:** The response object is truncated for clarity.
-Default properties will be returned from the actual call.
[list]: ../resources/list.md [site]: ../resources/site.md
v1.0 List List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/list-list.md
Get the collection of [lists][] for a [site][].
Lists with the [system][] facet are hidden by default. To list them, include `system` in your `$select` statement.
-[system]: ../resources/systemfacet.md
-[lists]: ../resources/list.md
-[site]: ../resources/site.md
- ## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
One of the following permissions is required to call this API. To learn more, in
GET https://graph.microsoft.com/v1.0/sites/{site-id}/lists ```
+## Request headers
+
+| Name | Description |
+| : | : |
+| Authorization | Bearer {token}. Required. |
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a collection of [list][] objects in the response body.
+ ## Example ### Request
+The following is an example of a request.
+ # [HTTP](#tab/http) <!-- { "blockType": "request", "name": "enum-lists", "scopes": "sites.read.all", "tags": "service.sharepoint" } -->
GET https://graph.microsoft.com/v1.0/sites/{site-id}/lists
### Response
+The following is an example of the response.
+ <!-- { "blockType": "response", "@type": "microsoft.graph.list", "isCollection": true, "truncated": true } --> ```http
Content-type: application/json
} ```
+[system]: ../resources/systemfacet.md
+[list]: ../resources/list.md
+[lists]: ../resources/list.md
+[site]: ../resources/site.md
+ <!-- { "type": "#page.annotation", "description": "",
v1.0 Listitem Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/listitem-update.md
Title: Update listItem
-description: Update the properties on a **[listItem][]**.
+description: Update the properties on a listItem.
ms.localizationpriority: high ms.prod: "sharepoint" doc_type: apiPageType
v1.0 Microsoftauthenticatorauthenticationmethodconfiguration Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/microsoftauthenticatorauthenticationmethodconfiguration-delete.md
DELETE https://graph.microsoft.com/v1.0/policies/authenticationMethodsPolicy/aut
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Microsoftauthenticatorauthenticationmethodconfiguration Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/microsoftauthenticatorauthenticationmethodconfiguration-get.md
GET https://graph.microsoft.com/v1.0/policies/authenticationMethodsPolicy/authen
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Microsoftauthenticatorauthenticationmethodconfiguration Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/microsoftauthenticatorauthenticationmethodconfiguration-update.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Organizationalbranding Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/organizationalbranding-get.md
GET https://graph.microsoft.com/v1.0/organization/d69179bf-f4a4-41a9-a9de-249c0f
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Organizationalbranding List Localizations https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/organizationalbranding-list-localizations.md
GET https://graph.microsoft.com/v1.0/organization/84841066-274d-4ec0-a5c1-276be6
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Organizationalbranding Post Localizations https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/organizationalbranding-post-localizations.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Organizationalbrandinglocalization Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/organizationalbrandinglocalization-delete.md
DELETE https://graph.microsoft.com/v1.0/organization/d69179bf-f4a4-41a9-a9de-249
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Organizationalbrandinglocalization Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/organizationalbrandinglocalization-get.md
GET https://graph.microsoft.com/v1.0/organization/d69179bf-f4a4-41a9-a9de-249c0f
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
GET https://graph.microsoft.com/v1.0/organization/d69179bf-f4a4-41a9-a9de-249c0f
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Organizationalbrandinglocalization Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/organizationalbrandinglocalization-update.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/objc/update-organizationalbrandinglocalization6-objc-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/objc/update-organizationalbrandinglocalization7-objc-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Outlookuser Post Mastercategories https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/outlookuser-post-mastercategories.md
POST /users/{id|userPrincipalName}/outlook/masterCategories
| Name | Description| |:|:-| | Authorization | Bearer {token}. Required. |-
+|Content-Type|application/json. Required.|
## Request body
-In the request body, supply a JSON representation of [outlookCategory](../resources/outlookcategory.md) object.
+In the request body, supply a JSON representation of an [outlookCategory](../resources/outlookcategory.md) object.
## Response
-If successful, this method returns `201 Created` response code and [outlookCategory](../resources/outlookcategory.md) object in the response body.
+If successful, this method returns a `201 Created` response code and an [outlookCategory](../resources/outlookcategory.md) object in the response body.
## Example
-##### Request
-Here is an example of the request.
+### Request
+The following is an example of a request.
# [HTTP](#tab/http) <!-- {
Content-type: application/json
Content-Length: 70 {
- "displayName":"Project expenses",
- "color":"preset9"
+ "displayName": "Project expenses",
+ "color": "preset9"
} ``` # [C#](#tab/csharp)
Content-Length: 70
-In the request body, supply a JSON representation of [outlookCategory](../resources/outlookcategory.md) object.
-##### Response
-Here is an example of the response. Note: The response object shown here might be shortened for readability.
+### Response
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
<!-- { "blockType": "response", "truncated": true,
HTTP/1.1 201 Created
Content-type: application/json {
- "@odata.context":"https://graph.microsoft.com/v1.0/$metadata#users('8ae6f565-0d7f-4ead-853e-7db94c912a1f')/outlook/masterCategories/$entity",
- "id":"bac262b7-485d-4739-b436-e31467d64fac",
- "displayName":"Project expenses",
- "color":"preset9"
+ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#users('8ae6f565-0d7f-4ead-853e-7db94c912a1f')/outlook/masterCategories/$entity",
+ "id": "bac262b7-485d-4739-b436-e31467d64fac",
+ "displayName": "Project expenses",
+ "color": "preset9"
} ```
v1.0 Participant Invite https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/participant-invite.md
Title: "participant: invite" description: "Invite participants to the active call."-+ ms.localizationpriority: medium ms.prod: "cloud-communications" doc_type: apiPageType
Invite participants to the active call.
For more information about how to handle operations, see [commsoperation](../resources/commsoperation.md).
->**Note:** This API is only supported for group calls.
+>**Note:** Inviting multiple participants in one request is only supported for group calls.
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
In the request body, provide a JSON object with the following parameters.
|clientContext|String|Unique Client Context string. Max limit is 256 chars.| ## Response
-If succsessful, this method returns a `200 OK` response code and a location header with a URI to the [inviteParticipantsOperation](../resources/inviteparticipantsoperation.md) created for this request.
+If successful, this method returns a `200 OK` response code and a location header with a URI to the [inviteParticipantsOperation](../resources/inviteparticipantsoperation.md) created for this request.
The body of the response contains the created [inviteParticipantsOperation](../resources/inviteparticipantsoperation.md).
The following examples show how to call this API.
> **Note:** The response objects might be shortened for readability. All the properties will be returned from an actual call.
-### Example 1: Invite one participant to an existing group call
+### Example 1: Invite one participant to an existing call
##### Request
v1.0 Participant Stopholdmusic https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/participant-stopholdmusic.md
Location: https://graph.microsoft.com/v1.0/communications/calls/e141b67c-90fd-45
{ "@odata.type": "#microsoft.graph.stopHoldMusicOperation", "id": "0fe0623f-d628-42ed-b4bd-8ac290072cc5",
- "status": "running",
- "clientContext": "d45324c1-fcb5-430a-902c-f20af696537c"
-}
-```
-
-### Notification sent to the application after the stopHoldMusicOperation finishes
-
-```http
-POST https://bot.contoso.com/api/calls
-Content-Type: application/json
-```
-
-<!-- {
- "blockType": "example",
- "@odata.type": "microsoft.graph.commsNotifications"
-}-->
-```json
-{
- "@odata.type": "#microsoft.graph.commsNotifications",
- "value": [
- {
- "@odata.type": "#microsoft.graph.commsNotification",
- "changeType": "deleted",
- "resourceUrl": "communications/calls/e141b67c-90fd-455d-858b-b48a40b9cc8d/operations/0fe0623f-d628-42ed-b4bd-8ac290072cc5",
- "resourceData": {
- "@odata.type": "#microsoft.graph.stopHoldMusicOperation",
- "@odata.id": "communications/calls/e141b67c-90fd-455d-858b-b48a40b9cc8d/operations/0fe0623f-d628-42ed-b4bd-8ac290072cc5",
- "@odata.etag": "W/\"54451\"",
- "clientContext": "d45324c1-fcb5-430a-902c-f20af696537c",
- "status": "completed"
- }
- }
- ]
+ "status": "completed",
+ "clientContext": "d45324c1-fcb5-430a-902c-f20af696537c",
+ "resultInfo": null
} ```
v1.0 Schedule List Shifts https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/schedule-list-shifts.md
GET /teams/{teamId}/schedule/shifts
``` ## Optional query parameters+ This method supports the `$filter` [OData query parameter](/graph/query-parameters) to help customize the response.
+> [!NOTE]
+> The `$filter` parameter doesn't support the use of the same property more than once in a query. For example, the following query will not work: `sharedShift/startDateTime ge 2019-05-09T00:00:00Z and sharedShift/startDateTime le 2019-05-09T23:59:59Z`.
+ ## Request headers | Header | Value |
v1.0 Serviceannouncement List Healthoverviews https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/serviceannouncement-list-healthoverviews.md
GET https://graph.microsoft.com/v1.0/admin/serviceAnnouncement/healthOverviews
[!INCLUDE [sample-code](../includes/snippets/go/list-healthoverviews-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+
GET https://graph.microsoft.com/v1.0/admin/serviceAnnouncement/healthOverviews?$
[!INCLUDE [sample-code](../includes/snippets/go/list-healthoverviews-with-issues-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+
v1.0 Serviceannouncement List Issues https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/serviceannouncement-list-issues.md
GET https://graph.microsoft.com/v1.0/admin/serviceAnnouncement/issues
[!INCLUDE [sample-code](../includes/snippets/go/list-servicehealthissue-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+
v1.0 Serviceannouncement List Messages https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/serviceannouncement-list-messages.md
GET https://graph.microsoft.com/v1.0/admin/serviceAnnouncement/messages
[!INCLUDE [sample-code](../includes/snippets/go/list-serviceupdatemessage-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+
v1.0 Serviceannouncementattachment Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/serviceannouncementattachment-get.md
GET https://graph.microsoft.com/v1.0/admin/serviceAnnouncement/messages/MC54091/
[!INCLUDE [sample-code](../includes/snippets/go/get-serviceannouncementattachment-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+
GET https://graph.microsoft.com/v1.0/admin/serviceAnnouncement/messages/MC54091/
[!INCLUDE [sample-code](../includes/snippets/go/get-serviceannouncementattachment-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+
v1.0 Servicehealth Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/servicehealth-get.md
GET https://graph.microsoft.com/v1.0/admin/serviceAnnouncement/healthOverviews/M
[!INCLUDE [sample-code](../includes/snippets/go/get-servicehealth-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+
GET https://graph.microsoft.com/v1.0/admin/serviceAnnouncement/healthOverviews/M
[!INCLUDE [sample-code](../includes/snippets/go/get-servicehealth-with-issues-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+
v1.0 Servicehealthissue Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/servicehealthissue-get.md
GET https://graph.microsoft.com/v1.0/admin/serviceAnnouncement/issues/MO226784
[!INCLUDE [sample-code](../includes/snippets/go/get-servicehealthissue-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+
v1.0 Servicehealthissue Incidentreport https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/servicehealthissue-incidentreport.md
GET https://graph.microsoft.com/v1.0/admin/serviceAnnouncement/issues/MO248163/i
[!INCLUDE [sample-code](../includes/snippets/go/servicehealthissue-incidentreport-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+
v1.0 Serviceprincipal Addtokensigningcertificate https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/serviceprincipal-addtokensigningcertificate.md
Content-type: application/json
[!INCLUDE [sample-code](../includes/snippets/go/serviceprincipal-addtokensigningcertificate-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+
v1.0 Serviceprincipal Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/serviceprincipal-get.md
Title: "Get servicePrincipal"
-description: "Retrieve the properties and relationships of serviceprincipal object."
+description: "Retrieve the properties and relationships of servicePrincipal object."
ms.localizationpriority: high ms.prod: "applications"
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account) | Not supported. | |Application | Application.Read.All, Application.ReadWrite.All, Application.ReadWrite.OwnedBy, Directory.Read.All |
+> [!NOTE]
+> A service principal can retrieve its own application and service principal details without being granted any application permissions.
+ ## HTTP request <!-- { "blockType": "ignored" } --> ```http
GET /servicePrincipals/{id}
``` ## Optional query parameters
-This method supports the [OData Query Parameters](/graph/query-parameters) to help customize the response.
+This method supports the [OData query parameters](/graph/query-parameters) to help customize the response.
By default, this API doesn't return the public key value of the **key** in the **keyCredentials** property unless **keyCredentials** is specified in a `$select` query. For example, `$select=id,appId,keyCredentials`.
Content-type: application/json
"passwordCredentials": [], "publisherName": null, "replyUrls": [],
+ "resourceSpecificApplicationPermissions": [],
"servicePrincipalNames": [], "servicePrincipalType": null, "signInAudience": "AzureADandPersonalMicrosoftAccount",
v1.0 Serviceprincipal List Approleassignedto https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/serviceprincipal-list-approleassignedto.md
For example, if the resource service principal is the service principal for the
If the resource service principal is an application that has app roles granted to users and groups, this will return all the users and groups assigned app roles for this application.
+>**Note** This request might have replication delays for app role assignments that were recently granted or removed.
+ ## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
v1.0 Serviceprincipal List Approleassignments https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/serviceprincipal-list-approleassignments.md
Retrieve the list of [appRoleAssignment](../resources/approleassignment.md) that
App roles that are assigned to service principals are also known as [application permissions](/azure/active-directory/develop/v2-permissions-and-consent#permission-types). Application permissions can be granted directly by creating app role assignments, or through a [consent experience](/azure/active-directory/develop/application-consent-experience).
+>**Note** This request might have replication delays for app role assignments that were recently granted or removed.
+ ## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
v1.0 Serviceprincipal Removekey https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/serviceprincipal-removekey.md
In the request body, provide the following required properties.
| Property | Type | Description| |:-|:--|:--|
-| keyId | GUID | The unique identifier for the password.|
+| keyId | Guid | The unique identifier for the password.|
| proof | String | A self-signed JWT token used as a proof of possession of the existing keys. This JWT token must be signed using the private key of one of the servicePrincipal's existing valid certificates. The token should contain the following claims:<ul><li>`aud` - Audience needs to be `00000002-0000-0000-c000-000000000000`.</li><li>`iss` - Issuer needs to be the __id__ of the servicePrincipal that is making the call.</li><li>`nbf` - Not before time.</li><li>`exp` - Expiration time should be "nbf" + 10 mins.</li></ul><br>Here is a code [sample](/graph/application-rollkey-prooftoken) that can be used to generate this proof of possession token.| ## Response
v1.0 Serviceprincipal Removepassword https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/serviceprincipal-removepassword.md
POST /servicePrincipals/{id}/removePassword
| Property | Type |Description| |:|:--|:-|
-| keyId | GUID | The unique identifier for the password. Required. |
+| keyId | Guid | The unique identifier for the password. Required. |
## Response
v1.0 Serviceupdatemessage Archive https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/serviceupdatemessage-archive.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/go/serviceupdatemessage-archive-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+
v1.0 Serviceupdatemessage Favorite https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/serviceupdatemessage-favorite.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/go/serviceupdatemessage-favorite-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+
v1.0 Serviceupdatemessage Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/serviceupdatemessage-get.md
GET https://graph.microsoft.com/v1.0/admin/serviceAnnouncement/messages/MC172851
[!INCLUDE [sample-code](../includes/snippets/go/get-serviceupdatemessage-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+
v1.0 Serviceupdatemessage List Attachments https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/serviceupdatemessage-list-attachments.md
GET https://graph.microsoft.com/v1.0/admin/serviceAnnouncement/messages/MC54091/
[!INCLUDE [sample-code](../includes/snippets/go/list-serviceannouncementattachment-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+
GET https://graph.microsoft.com/v1.0/admin/serviceAnnouncement/messages/MC54091/
[!INCLUDE [sample-code](../includes/snippets/go/list-serviceannouncementattachment-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+
v1.0 Serviceupdatemessage Markread https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/serviceupdatemessage-markread.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/go/serviceupdatemessage-markread-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+
v1.0 Serviceupdatemessage Markunread https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/serviceupdatemessage-markunread.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/go/serviceupdatemessage-markunread-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+
v1.0 Serviceupdatemessage Unarchive https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/serviceupdatemessage-unarchive.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/go/serviceupdatemessage-unarchive-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+
v1.0 Serviceupdatemessage Unfavorite https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/serviceupdatemessage-unfavorite.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/go/serviceupdatemessage-unfavorite-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+
v1.0 Shift Put https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/shift-put.md
One of the following permissions is required to call this API. To learn more, in
<!-- { "blockType": "ignored" } --> ```http
-PATCH /teams/{teamId}/schedule/shifts/{shiftId}
+PUT /teams/{teamId}/schedule/shifts/{shiftId}
``` ## Request headers
The following is an example of the request.
"name": "shift-put" }--> ```http
-PATCH https://graph.microsoft.com/v1.0/teams/{teamId}/schedule/shifts/{shiftId}
+PUT https://graph.microsoft.com/v1.0/teams/{teamId}/schedule/shifts/{shiftId}
Content-type: application/json Prefer: return=representation
v1.0 Site Follow https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/site-follow.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+ ### Response
v1.0 Site List Subsites https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/site-list-subsites.md
Previously updated : 09/10/2017 Title: List the subsites for a SharePoint site ms.localizationpriority: high ms.prod: "sharepoint"
One of the following permissions is required to call this API. To learn more, in
## HTTP request
+<!-- { "blockType": "ignored" } -->
+
+```http
+GET /sites/{site-id}/sites
+```
+
+## Request headers
+
+| Name |Description|
+|:-|:-|
+| Authorization | Bearer {code}. Required.|
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a collection of [site][] objects in the response body.
+
+## Example
+
+### Request
+
+The following is an example of a request.
+ # [HTTP](#tab/http) <!-- { "blockType": "request", "name": "list-subsites", "scopes": "sites.read.all", "tags": "service.sharepoint" } -->
GET https://graph.microsoft.com/v1.0/sites/{site-id}/sites
-## Response
+### Response
+
+The following is an example of the response.
<!-- { "blockType": "response", "@type": "microsoft.graph.site", "isCollection": true, "truncated": true } -->
v1.0 Site Unfollow https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/site-unfollow.md
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
v1.0 Subjectrightsrequest Getfinalattachment https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/subjectrightsrequest-getfinalattachment.md
Do not supply a request body for this method.
## Response
-If successful, this function will redirect to the Microsoft Azure blob storage link with the SAS token and return a `302` response code.
+If successful, this function will redirect to the Microsoft Azure blob storage link with the SAS token and return a `200` response code.
## Examples
GET https://graph.microsoft.com/v1.0/privacy/subjectRightsRequests/{subjectRight
} --> ``` http
-HTTP/1.1 302
+HTTP/1.1 200
```
v1.0 Subscription Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/subscription-delete.md
Namespace: microsoft.graph
Delete a subscription.
-See the table in the [Permissions](#permissions) section for the list of resources that support subscribing to change notifications.
+For the list of resources that support subscribing to change notifications, see the table in the [Permissions](#permissions) section.
## Permissions
Depending on the resource and the permission type (delegated or application) req
| Supported resource | Delegated (work or school account) | Delegated (personal Microsoft account) | Application | |:--|:--|:--|:--|
-|[callRecord](../resources/callrecords-callrecord.md) | Not supported | Not supported | CallRecords.Read.All |
-|[chatMessage](../resources/chatmessage.md) (/teams/{id}/channels/{id}/messages) | ChannelMessage.Read.All | Not supported | ChannelMessage.Read.Group*, ChannelMessage.Read.All |
-|[chatMessage](../resources/chatmessage.md) (/teams/getAllMessages -- all channel messages in organization) | Not supported | Not supported | ChannelMessage.Read.All |
-|[chatMessage](../resources/chatmessage.md) (/chats/{id}/messages) | Not supported | Not supported | Chat.Read.All |
-|[chatMessage](../resources/chatmessage.md) (/chats/getAllMessages -- all chat messages in organization) | Not supported | Not supported | Chat.Read.All |
+|[callRecord](../resources/callrecords-callrecord.md) | Not supported. | Not supported. | CallRecords.Read.All |
+|[chatMessage](../resources/chatmessage.md) (/teams/{id}/channels/{id}/messages) | ChannelMessage.Read.All | Not supported. | ChannelMessage.Read.Group*, ChannelMessage.Read.All |
+|[chatMessage](../resources/chatmessage.md) (/teams/getAllMessages -- all channel messages in organization) | Not supported. | Not supported. | ChannelMessage.Read.All |
+|[chatMessage](../resources/chatmessage.md) (/chats/{id}/messages) | Not supported. | Not supported. | Chat.Read.All |
+|[chatMessage](../resources/chatmessage.md) (/chats/getAllMessages -- all chat messages in organization) | Not supported. | Not supported. | Chat.Read.All |
|[contact](../resources/contact.md) | Contacts.Read | Contacts.Read | Contacts.Read |
-|[driveItem](../resources/driveitem.md) (user's personal OneDrive) | Not supported | Files.ReadWrite | Not supported |
-|[driveItem](../resources/driveitem.md) (OneDrive for Business) | Files.ReadWrite.All | Not supported | Files.ReadWrite.All |
+|[driveItem](../resources/driveitem.md) (user's personal OneDrive) | Not supported. | Files.ReadWrite | Not supported. |
+|[driveItem](../resources/driveitem.md) (OneDrive for Business) | Files.ReadWrite.All | Not supported. | Files.ReadWrite.All |
|[event](../resources/event.md) | Calendars.Read | Calendars.Read | Calendars.Read |
-|[group](../resources/group.md) | Group.Read.All | Not supported | Group.Read.All |
-|[group conversation](../resources/conversation.md) | Group.Read.All | Not supported | Not supported |
-|[list](../resources/list.md) | Sites.ReadWrite.All | Not supported | Sites.ReadWrite.All |
+|[group](../resources/group.md) | Group.Read.All | Not supported. | Group.Read.All |
+|[group conversation](../resources/conversation.md) | Group.Read.All | Not supported. | Not supported. |
+|[list](../resources/list.md) | Sites.ReadWrite.All | Not supported. | Sites.ReadWrite.All |
|[message](../resources/message.md) | Mail.ReadBasic, Mail.Read | Mail.ReadBasic, Mail.Read | Mail.ReadBasic, Mail.Read |
-|[printer](../resources/printer.md) | Not supported | Not supported | Printer.Read.All, Printer.ReadWrite.All |
-|[printTaskDefinition](../resources/printtaskdefinition.md) | Not supported | Not supported | PrintTaskDefinition.ReadWrite.All |
-|[security alert](../resources/alert.md) | SecurityEvents.ReadWrite.All | Not supported | SecurityEvents.ReadWrite.All |
+|[printer](../resources/printer.md) | Not supported. | Not supported. | Printer.Read.All, Printer.ReadWrite.All |
+|[printTaskDefinition](../resources/printtaskdefinition.md) | Not supported. | Not supported. | PrintTaskDefinition.ReadWrite.All |
+|[security alert](../resources/alert.md) | SecurityEvents.ReadWrite.All | Not supported. | SecurityEvents.ReadWrite.All |
|[user](../resources/user.md) | User.Read.All | User.Read.All | User.Read.All |
On a personal OneDrive, you can subscribe to the root folder or any subfolder in
### contact, event, and message
-Additional limitations apply for subscriptions on Outlook items. The limitations apply to creating as well as managing (getting, updating, and deleting) subscriptions.
+You can subscribe to changes in Outlook **contact**, **event**, or **message** resources.
-- Delegated permission supports subscribing to items in folders in only the signed-in user's mailbox. For example, you cannot use the delegated permission Calendars.Read to subscribe to events in another userΓÇÖs mailbox.-- To subscribe to change notifications of Outlook contacts, events, or messages in _shared or delegated_ folders:-
- - Use the corresponding application permission to subscribe to changes of items in a folder or mailbox of _any_ user in the tenant.
- - Do not use the Outlook sharing permissions (Contacts.Read.Shared, Calendars.Read.Shared, Mail.Read.Shared, and their read/write counterparts), as they do **not** support subscribing to change notifications on items in shared or delegated folders.
## HTTP request
Do not supply a request body for this method.
## Response If successful, this method returns a `204 No Content` response code.+ For details about how errors are returned, see [Error responses][error-response]. ## Example
-##### Request
+### Request
-Here is an example of the request.
+The following is an example of a request.
# [HTTP](#tab/http) <!-- {
DELETE https://graph.microsoft.com/v1.0/subscriptions/7f105c7d-2dc5-4530-97cd-4e
-##### Response
+### Response
+
+The following is an example of the response.
-Here is an example of the response.
<!-- { "blockType": "response" } -->
v1.0 Subscription Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/subscription-get.md
On a personal OneDrive, you can subscribe to the root folder or any subfolder in
### contact, event, and message
-Additional limitations apply for subscriptions on Outlook items. The limitations apply to creating as well as managing (getting, updating, and deleting) subscriptions.
+You can subscribe to changes in Outlook **contact**, **event**, or **message** resources.
-- Delegated permission supports subscribing to items in folders in only the signed-in user's mailbox. For example, you cannot use the delegated permission Calendars.Read to subscribe to events in another userΓÇÖs mailbox.-- To subscribe to change notifications of Outlook contacts, events, or messages in _shared or delegated_ folders:-
- - Use the corresponding application permission to subscribe to changes of items in a folder or mailbox of _any_ user in the tenant.
- - Do not use the Outlook sharing permissions (Contacts.Read.Shared, Calendars.Read.Shared, Mail.Read.Shared, and their read/write counterparts), as they do **not** support subscribing to change notifications on items in shared or delegated folders.
## HTTP request
v1.0 Subscription Post Subscriptions https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/subscription-post-subscriptions.md
Namespace: microsoft.graph
Subscribes a listener application to receive change notifications when the requested type of changes occur to the specified resource in Microsoft Graph.
-See the table in the [Permissions](#permissions) section for the list of resources that support subscribing to change notifications.
+See the table in the [Permissions](#permissions) section for the list of resources that support subscribing to change notifications.
+
+Some resources support the option to include encrypted resource data in change notifications. These resources include [chatMessage](../resources/chatmessage.md), [contact](../resources/contact.md), [event](../resources/event.md), [message](../resources/message.md), and [presence](../resources/presence.md). For more information, see [Set up change notifications that include resource data](/graph/webhooks-with-resource-data) and [Change notifications for Outlook resources in Microsoft Graph](/graph/outlook-change-notification-overview).
## Permissions
OneDrive for Business and SharePoint support sending your application notificati
### contact, event, and message
-Additional limitations apply for subscriptions on Outlook items. The limitations apply to creating as well as managing (getting, updating, and deleting) subscriptions.
--- Delegated permission supports subscribing to items in folders in only the signed-in user's mailbox. For example, you cannot use the delegated permission Calendars.Read to subscribe to events in another userΓÇÖs mailbox.-- To subscribe to change notifications of Outlook contacts, events, or messages in _shared or delegated_ folders:
+You can subscribe to changes in Outlook **contact**, **event**, or **message** resources.
- - Use the corresponding application permission to subscribe to changes of items in a folder or mailbox of _any_ user in the tenant.
- - Do not use the Outlook sharing permissions (Contacts.Read.Shared, Calendars.Read.Shared, Mail.Read.Shared, and their read/write counterparts), as they do **not** support subscribing to change notifications on items in shared or delegated folders.
### presence
v1.0 Subscription Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/subscription-update.md
On personal OneDrive, you can subscribe to the root folder or any subfolder in t
### contact, event, and message
-Additional limitations apply for subscriptions on Outlook items. The limitations apply to creating as well as managing (getting, updating, and deleting) subscriptions.
+You can subscribe to changes in Outlook **contact**, **event**, or **message** resources.
-- Delegated permission supports subscribing to items in folders in only the signed-in user's mailbox. For example, you cannot use the delegated permission Calendars.Read to subscribe to events in another userΓÇÖs mailbox.-- To subscribe to change notifications of Outlook contacts, events, or messages in _shared or delegated_ folders:-
- - Use the corresponding application permission to subscribe to changes of items in a folder or mailbox of _any_ user in the tenant.
- - Do not use the Outlook sharing permissions (Contacts.Read.Shared, Calendars.Read.Shared, Mail.Read.Shared, and their read/write counterparts), as they do **not** support subscribing to change notifications on items in shared or delegated folders.
## HTTP request
v1.0 Team Delete Installedapps https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/team-delete-installedapps.md
One of the following permissions is required to call this API. To learn more, in
|Permission type | Permissions (from least to most privileged) | |:--|:|
-|Delegated (work or school account) | TeamsAppInstallation.ReadWriteForTeam, Group.ReadWrite.All**, Directory.ReadWrite.All** |
+|Delegated (work or school account) | TeamsAppInstallation.ReadWriteSelfForTeam, TeamsAppInstallation.ReadWriteForTeam, Group.ReadWrite.All**, Directory.ReadWrite.All** |
|Delegated (personal Microsoft account) | Not supported. |
-|Application | TeamsAppInstallation.ReadWriteForTeam.All, Group.ReadWrite.All**, Directory.ReadWrite.All** |
+|Application | TeamsAppInstallation.ReadWriteSelfForTeam.All, TeamsAppInstallation.ReadWriteForTeam.All, Group.ReadWrite.All**, Directory.ReadWrite.All** |
> **Note**: Permissions marked with ** are supported only for backward compatibility. We recommend that you update your solutions to use an alternative permission listed in the previous table and avoid using these permissions going forward.
v1.0 Team List Installedapps https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/team-list-installedapps.md
One of the following permissions is required to call this API. To learn more, in
|Permission type | Permissions (from least to most privileged) | |:--|:|
-|Delegated (work or school account) | TeamsAppInstallation.ReadForTeam, TeamsAppInstallation.ReadWriteForTeam, Group.Read.All**, Group.ReadWrite.All**, Directory.Read.All**, Directory.ReadWrite.All** |
+|Delegated (work or school account) | TeamsAppInstallation.ReadForTeam, TeamsAppInstallation.ReadWriteSelfForTeam, TeamsAppInstallation.ReadWriteForTeam, Group.Read.All**, Group.ReadWrite.All**, Directory.Read.All**, Directory.ReadWrite.All** |
|Delegated (personal Microsoft account) | Not supported. |
-|Application | TeamsAppInstallation.Read.Group*, TeamsAppInstallation.ReadForTeam.All, TeamsAppInstallation.ReadWriteForTeam.All, Group.Read.All**, Group.ReadWrite.All**, Directory.Read.All**, Directory.ReadWrite.All** |
+|Application | TeamsAppInstallation.Read.Group*, TeamsAppInstallation.ReadWriteSelfForTeam.All, TeamsAppInstallation.ReadForTeam.All, TeamsAppInstallation.ReadWriteForTeam.All, Group.Read.All**, Group.ReadWrite.All**, Directory.Read.All**, Directory.ReadWrite.All** |
[!INCLUDE [teamwork-permissions-note](../../../includes/teamwork-permissions-note.md)]
v1.0 Team Post Installedapps https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/team-post-installedapps.md
One of the following permissions is required to call this API. To learn more, in
|Permission type | Permissions (from least to most privileged) | |:--|:|
-|Delegated (work or school account) | TeamsAppInstallation.ReadWriteForTeam, Group.ReadWrite.All**, Directory.ReadWrite.All** |
+|Delegated (work or school account) | TeamsAppInstallation.ReadWriteSelfForTeam, TeamsAppInstallation.ReadWriteForTeam, Group.ReadWrite.All**, Directory.ReadWrite.All** |
|Delegated (personal Microsoft account) | Not supported. |
-|Application | TeamsAppInstallation.ReadWriteForTeam.All, Group.ReadWrite.All**, Directory.ReadWrite.All** |
+|Application | TeamsAppInstallation.ReadWriteSelfForTeam.All, TeamsAppInstallation.ReadWriteForTeam.All, Group.ReadWrite.All**, Directory.ReadWrite.All** |
> **Note**: Permissions marked with ** are supported only for backward compatibility. We recommend that you update your solutions to use an alternative permission listed in the previous table and avoid using these permissions going forward.
v1.0 Team Post Members https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/team-post-members.md
Namespace: microsoft.graph
Add a new [conversationMember](../resources/conversationmember.md) to a [team](../resources/team.md). ## Permissions+ One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference). |Permission type|Permissions (from least to most privileged)|
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account) | Not supported. | |Application| TeamMember.ReadWrite.All |
-> **Note**: Permissions marked with * use [resource-specific consent](/microsoftteams/platform/graph-api/rsc/resource-specific-consent).
+> [!NOTE]
+> Using application permissions to [add guest members](/microsoft-365/admin/add-users/about-guest-users?view=o365-worldwide&preserve-view=true) to a team is not supported.
## HTTP request
v1.0 Team Teamsappinstallation Upgrade https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/team-teamsappinstallation-upgrade.md
Title: "teamsAppInstallation in team: upgrade"
+ Title: "teamsAppInstallation: upgrade"
description: "Upgrade an app installation in a team" ms.localizationpriority: medium
ms.prod: "microsoft-teams"
doc_type: apiPageType
-# teamsAppInstallation in team: upgrade
+# teamsAppInstallation: upgrade
Namespace: microsoft.graph
One of the following permissions is required to call this API. To learn more, in
|Permission type | Permissions (from least to most privileged) | |:--|:|
-|Delegated (work or school account) | TeamsAppInstallation.ReadWriteForTeam, Group.ReadWrite.All, Directory.ReadWrite.All |
+|Delegated (work or school account) | TeamsAppInstallation.ReadWriteSelfForTeam, TeamsAppInstallation.ReadWriteForTeam, Group.ReadWrite.All**, Directory.ReadWrite.All** |
|Delegated (personal Microsoft account) | Not supported. |
-|Application | TeamsAppInstallation.ReadWriteForTeam.All, Group.ReadWrite.All, Directory.ReadWrite.All |
+|Application | TeamsAppInstallation.ReadWriteSelfForTeam.All, TeamsAppInstallation.ReadWriteForTeam.All, Group.ReadWrite.All**, Directory.ReadWrite.All** |
> **Note**: Permissions marked with ** are supported only for backward compatibility. We recommend that you update your solutions to use an alternative permission listed in the previous table and avoid using these permissions going forward.
v1.0 Team Update Members https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/team-update-members.md
Namespace: microsoft.graph
Update the role of a [conversationMember](../resources/conversationmember.md) in a [team](../resources/team.md).
+> [!NOTE]
+> Team members with the role of `guest` cannot be given the role of `owner`.
+ ## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
v1.0 Termsofusecontainer List Agreements https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/termsofusecontainer-list-agreements.md
GET /identityGovernance/termsOfUse/agreements
``` ## Optional query parameters
-This method supports the [OData query parameters](/graph/query-parameters) to help customize the response.
+This method supports the `$select`, `$filter`, and `$top` [OData query parameters](/graph/query-parameters) to help customize the response.
## Request headers | Name | Type | Description |
GET https://graph.microsoft.com/v1.0/identityGovernance/termsOfUse/agreements
[!INCLUDE [sample-code](../includes/snippets/go/get-agreements-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+
HTTP/1.1 200 OK
Content-type: application/json {
- "value": [
- {
- "displayName": "Sample ToU",
- "isViewingBeforeAcceptanceRequired": true,
- "id": "093b947f-8363-4979-a47d-4c52b33ee1be"
- }
- ]
+ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#agreements",
+ "value": [
+ {
+ "id": "0ec9f6a6-159d-4dd8-a563-1f0b5935e80b",
+ "displayName": "All users terms of use",
+ "termsExpiration": null,
+ "userReacceptRequiredFrequency": "P90D",
+ "isViewingBeforeAcceptanceRequired": false,
+ "isPerDeviceAcceptanceRequired": false
+ },
+ {
+ "id": "920f5775-d5d7-454b-861f-14685bb24e2c",
+ "displayName": "ToU",
+ "termsExpiration": null,
+ "userReacceptRequiredFrequency": "P90D",
+ "isViewingBeforeAcceptanceRequired": false,
+ "isPerDeviceAcceptanceRequired": false
+ },
+ {
+ "id": "94410bbf-3d3e-4683-8149-f034e55c39dd",
+ "displayName": "Contoso ToU for guest users",
+ "termsExpiration": null,
+ "userReacceptRequiredFrequency": null,
+ "isViewingBeforeAcceptanceRequired": true,
+ "isPerDeviceAcceptanceRequired": false
+ }
+ ]
} ```
v1.0 Termsofusecontainer Post Agreements https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/termsofusecontainer-post-agreements.md
POST https://graph.microsoft.com/v1.0/identityGovernance/termsOfUse/agreements
Content-type: application/json {
- "displayName": "MSGraph Sample",
+ "displayName": "Contoso ToU for guest users",
"isViewingBeforeAcceptanceRequired": true, "files": [ {
Content-type: application/json
"language": "en", "isDefault": true, "fileData": {
- "data": "SGVsbG8gd29ybGQ="
+ "data": "SGVsbG8gd29ybGQ=//truncated-binary"
} } ]
Content-type: application/json
[!INCLUDE [sample-code](../includes/snippets/go/create-agreement-from-agreements-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+
v1.0 Termstore Group Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/termstore-group-get.md
Content-Type: application/json
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "get_group"
+ "name": "get_group_termstore"
} -->
Content-Type: application/json
GET https://graph.microsoft.com/v1.0/sites/mycompany.sharepoint.com,8f03a01c-dcfa-4aaf-9be5-b3fb48e538c1,739084f3-c0fa-46ac-b7f8-13b344781ad0/termStore/groups/1FFD3F87-9464-488A-A0EC-8FB90911182C?$select=*,parentSiteId ``` # [C#](#tab/csharp) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [JavaScript](#tab/javascript) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [Objective-C](#tab/objc) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [Java](#tab/java) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [Go](#tab/go) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [PowerShell](#tab/powershell) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 User Assignlicense https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/user-assignlicense.md
Content-type: application/json
"addLicenses": [ { "disabledPlans": [ "11b0131d-43c8-4bbb-b2c8-e80f9a50834a" ],
- "skuId": "guid"
+ "skuId": "45715bb8-13f9-4bf6-927f-ef96c102d394"
} ], "removeLicenses": [ "bea13e0c-3828-4daa-a392-28af7ff61a0f" ]
v1.0 User Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/user-delete.md
If successful, this method returns `204 No Content` response code. It does not r
### Request
-Here is an example of the request.
+The following is an example of a request.
# [HTTP](#tab/http) <!-- {
DELETE https://graph.microsoft.com/v1.0/users/{user-id}
### Response
-Here is an example of the response.
+The following is an example of the response.
<!-- { "blockType": "response", "truncated": true
v1.0 User Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/user-get.md
Namespace: microsoft.graph
Retrieve the properties and relationships of user object.
-> Note: Getting a user returns a default set of properties only (*businessPhones, displayName, givenName, id, jobTitle, mail, mobilePhone, officeLocation, preferredLanguage, surname, userPrincipalName*). Use `$select` to get the other properties and relationships for the [user](../resources/user.md) object.
+> **Note:** Getting a user returns a default set of properties only (*businessPhones, displayName, givenName, id, jobTitle, mail, mobilePhone, officeLocation, preferredLanguage, surname, userPrincipalName*). Use `$select` to get the other properties and relationships for the [user](../resources/user.md) object.
+>
+> This request might have replication delays for users that were recently created, updated, or deleted.
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
v1.0 User List Agreementacceptances https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/user-list-agreementacceptances.md
doc_type: apiPageType
Namespace: microsoft.graph
-Retrieve a list of a user's [agreementAcceptance](../resources/agreementacceptance.md) objects.
+Retrieve the signed-in user's [agreementAcceptance](../resources/agreementacceptance.md) objects.
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
One of the following permissions is required to call this API. To learn more, in
<!-- { "blockType": "ignored" } --> ```http GET /me/agreementAcceptances+
+# where the id or userPrincipalName is the signed-in user's
+ GET /users/{id | userPrincipalName}/agreementAcceptances ```
If successful, this method returns a `200 OK` response code and a collection of
}--> ```msgraph-interactive GET https://graph.microsoft.com/v1.0/me/agreementAcceptances-
-GET https://graph.microsoft.com/v1.0/users/f2f4f8e9-c99d-4c73-b990-34f81fbf7fcf/agreementAcceptances
``` # [C#](#tab/csharp) [!INCLUDE [sample-code](../includes/snippets/csharp/get-agreementacceptances-csharp-snippets.md)]
HTTP/1.1 200 OK
Content-type: application/json {
- "value": [
- {
- "agreementId": "093b947f-8363-4979-a47d-4c52b33ee1be",
- "userId": "f2f4f8e9-c99d-4c73-b990-34f81fbf7fcf",
- "agreementFileId": "f2f4f8e9-c99d-4c73-b990-34f81fbf7fcf",
- "recordedDateTime": "2021-03-10T00:39:56.0523527Z",
- "userDisplayName": "Test_User",
- "userPrincipalName": "Test_User@TestTenant.onmicrosoft.com"
- }
- ]
+ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#agreementAcceptances",
+ "value": [
+ {
+ "id": "94410bbf-3d3e-4683-8149-f034e55c39dd_d4bb5206-77bf-4d5c-96b4-cf7b0ed3be98",
+ "agreementId": "94410bbf-3d3e-4683-8149-f034e55c39dd",
+ "userId": "d4bb5206-77bf-4d5c-96b4-cf7b0ed3be98",
+ "deviceId": "00000000-0000-0000-0000-000000000000",
+ "deviceDisplayName": null,
+ "deviceOSType": null,
+ "deviceOSVersion": null,
+ "agreementFileId": "08033369-8972-42a3-8533-90bbd2757a01",
+ "userDisplayName": "Megan Bowen",
+ "userPrincipalName": "MeganB@M365x43961174.OnMicrosoft.com",
+ "userEmail": "MeganB@M365x43961174.OnMicrosoft.com",
+ "recordedDateTime": "2022-03-04T14:11:22.6658376Z",
+ "expirationDateTime": null,
+ "state": "accepted"
+ }
+ ]
} ```
v1.0 User List Licensedetails https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/user-list-licensedetails.md
Title: "List licenseDetails" description: "Retrieve a list of licenseDetails objects."-+ ms.localizationpriority: medium ms.prod: "users" doc_type: apiPageType
v1.0 User List Manager https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/user-list-manager.md
ConsistencyLevel: eventual
[!INCLUDE [sample-code](../includes/snippets/powershell/get-transitive-managers-powershell-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Objective-C](#tab/objc)
+
+# [Java](#tab/java)
+
v1.0 User List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/user-list.md
Namespace: microsoft.graph
Retrieve a list of [user](../resources/user.md) objects.
+>**Note:** This request might have replication delays for users that were recently created, updated, or deleted.
+ ## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
v1.0 User Revokesigninsessions https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/user-revokesigninsessions.md
This operation has no request content.
## Response
-If successful, this method returns a `204 No Content` response code.
+If successful, this method returns a `200 OK` response code.
>[!NOTE]
->This API has a [known issue](/graph/known-issues#revoke-sign-in-sessions-returns-wrong-HTTP-code). It returns a different HTTP response code.
+>This API has a [known issue](/graph/known-issues#revoke-sign-in-sessions-returns-wrong-http-code). It returns a different HTTP response code.
## Example The following example shows how to call this API.
-##### Request
+### Request
# [HTTP](#tab/http) <!-- {
- "blockType": "request",
+ "blockType": "ignored",
"name": "user_revokesigninsessionss" }--> ```http
POST https://graph.microsoft.com/v1.0/me/revokeSignInSessions
-##### Response
+### Response
<!-- { "blockType": "response", "truncated": true } --> ```http
-HTTP/1.1 204 No Content
+HTTP/1.1 200 OK
+Content-type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#Edm.Boolean",
+ "value": true
+}
``` <!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
v1.0 User Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/user-update.md
In the request body, supply the values for relevant fields that should be update
|userType|String|A string value that can be used to classify user types in your directory, such as `Member` and `Guest`. | > [!NOTE]
-> The following properties cannot be updated by an app with only application permissions: **aboutMe**, **birthday**, **employeeHireDate**, **interests**, **mySite**, **pastProjects**, **preferredName**, **responsibilities**, **schools**, and **skills**.
+> - The following properties cannot be updated by an app with only application permissions: **aboutMe**, **birthday**, **employeeHireDate**, **interests**, **mySite**, **pastProjects**, **preferredName**, **responsibilities**, **schools**, and **skills**.
+> - To update the following properties, you must specify them in their own PATCH request, without including the other properties listed in the table above: **aboutMe**, **birthday**, **interests**, **mySite**, **pastProjects**, **preferredName**, **responsibilities**, **schools**, and **skills**.
## Response
v1.0 Windowshelloforbusinessauthenticationmethod Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/windowshelloforbusinessauthenticationmethod-get.md
GET /me/authentication/windowsHelloForBusinessMethods/{windowsHelloForBusinessAu
GET /users/{id | userPrincipalName}/authentication/windowsHelloForBusinessMethods/{windowsHelloForBusinessAuthenticationMethodId} ```
+>**Note:** To read the **device** navigation property for another user, specify it in an `$expand` query as follows: `/users/{id}/authentication/windowsHelloForBusinessMethods/{id}?$expand=device`.
+ ## Optional query parameters Not supported.
v1.0 Accesspackageassignmentrequest https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/accesspackageassignmentrequest.md
In [Azure AD Entitlement Management](entitlementmanagement-overview.md), an acce
## Properties |Property|Type|Description| |:|:|:|
-|completedDate|DateTimeOffset|The date of the end of processing, either successful or failure, of a request. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`. Read-only.|
+|completedDateTime|DateTimeOffset|The date of the end of processing, either successful or failure, of a request. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`. Read-only.|
|createdDateTime|DateTimeOffset|The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`. Read-only.| |id|String|Read-only.| |requestType|accessPackageRequestType|The type of the request. The possible values are: `notSpecified`, `userAdd`, `userUpdate`, `userRemove`, `adminAdd`, `adminUpdate`, `adminRemove`, `systemAdd`, `systemUpdate`, `systemRemove`, `onBehalfAdd`, `unknownFutureValue`. A request from the user themselves would have requestType of `UserAdd` or `UserRemove`. This property cannot be changed once set.|
The following is a JSON representation of the resource.
"state": "String", "status": "String", "createdDateTime": "String (timestamp)",
- "completedDate": "String (timestamp)",
+ "completedDateTime": "String (timestamp)",
"schedule": { "@odata.type": "microsoft.graph.entitlementManagementSchedule" }
v1.0 Accessreviewhistorydefinition https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/accessreviewhistorydefinition.md
+
+ Title: "accessReviewHistoryDefinition resource type"
+description: "Represents a collection of access review history data."
+
+ms.localizationpriority: medium
++
+# accessReviewHistoryDefinition resource type
+
+Namespace: microsoft.graph
+
+Represents a collection of access review historical data and the scopes used to collect that data.
+
+An **accessReviewHistoryDefinition** contains a list of [accessReviewHistoryInstance](accessReviewHistoryInstance.md) objects. Each recurrence of the history definition creates an instance. In the case of a one-time history definition, only one instance is created.
+
+## Methods
+
+|Method|Return type|Description|
+|:|:|:|
+|[List accessReviewHistoryDefinitions](../api/accessreviewset-list-historydefinitions.md)|[accessReviewHistoryDefinition](accessreviewhistorydefinition.md) collection|Get a list of the [accessReviewHistoryDefinition](accessreviewhistorydefinition.md) objects and their properties.|
+|[Create accessReviewHistoryDefinition](../api/accessreviewset-post-historydefinitions.md)|[accessReviewHistoryDefinition](accessreviewhistorydefinition.md)|Create a new [accessReviewHistoryDefinition](accessreviewhistorydefinition.md) object.|
+|[Get accessReviewHistoryDefinition](../api/accessreviewhistorydefinition-get.md)|[accessReviewHistoryDefinition](accessreviewhistorydefinition.md)|Read the properties and relationships of an [accessReviewHistoryDefinition](accessreviewhistorydefinition.md) object.|
+
+## Properties
+
+|Property|Type|Description|
+|:|:|:|
+|createdBy|[userIdentity](useridentity.md)| User who created this review history definition. |
+|createdDateTime|DateTimeOffset|Timestamp when the access review definition was created.|
+|decisions|String collection|Determines which review decisions will be included in the fetched review history data if specified. Optional on create. All decisions will be included by default if no decisions are provided on create. Possible values are: `approve`, `deny`, `dontKnow`, `notReviewed`, and `notNotified`.|
+|displayName|String|Name for the access review history data collection. Required.|
+|id|String|The assigned unique identifier of an access review history definition.|
+|reviewHistoryPeriodEndDateTime|DateTimeOffset| A timestamp. Reviews ending on or before this date will be included in the fetched history data. Only required if **scheduleSettings** is not defined. |
+|reviewHistoryPeriodStartDateTime|DateTimeOffset|A timestamp. Reviews starting on or before this date will be included in the fetched history data. Only required if **scheduleSettings** is not defined.|
+| scheduleSettings |[accessReviewHistoryScheduleSettings](accessReviewHistoryScheduleSettings.md)| The settings for a recurring access review history definition series. Only required if **reviewHistoryPeriodStartDateTime** or **reviewHistoryPeriodEndDateTime** are not defined.|
+|scopes|[accessReviewScope](accessreviewscope.md) collection|Used to scope what reviews are included in the fetched history data. Fetches reviews whose scope matches with this provided scope. Required.|
+|status| accessReviewHistoryStatus|Represents the status of the review history data collection. The possible values are: `done`, `inProgress`, `error`, `requested`, `unknownFutureValue`.|
+
+## Relationships
+
+|Relationship|Type|Description|
+|:|:|:|
+|instances|[accessReviewHistoryInstance](accessreviewhistoryinstance.md) collection| If the **accessReviewHistoryDefinition** is a recurring definition, instances represent each recurrence. A definition that does not recur will have exactly one instance.|
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.accessReviewHistoryDefinition",
+ "baseType": "microsoft.graph.entity",
+ "openType": false
+}
+-->
+
+``` json
+{
+ "@odata.type": "#microsoft.graph.accessReviewHistoryDefinition",
+ "id": "String (identifier)",
+ "displayName": "String",
+ "reviewHistoryPeriodStartDateTime": "String (timestamp)",
+ "reviewHistoryPeriodEndDateTime": "String (timestamp)",
+ "status": "String",
+ "decisions": [
+ "String"
+ ],
+ "createdDateTime": "String (timestamp)",
+ "createdBy": {
+ "@odata.type": "microsoft.graph.userIdentity"
+ },
+ "scopes": [
+ {
+ "@odata.type": "microsoft.graph.accessReviewScope"
+ }
+ ],
+ "scheduleSettings": {
+ "@odata.type": "microsoft.graph.accessReviewHistoryScheduleSettings"
+ }
+}
+```
v1.0 Accessreviewhistoryinstance https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/accessreviewhistoryinstance.md
+
+ Title: "accessReviewHistoryInstance resource type"
+description: "Represents a recurrence of an accessReviewHistoryDefinition object."
+
+ms.localizationpriority: medium
++
+# accessReviewHistoryInstance resource type
+
+Namespace: microsoft.graph
+
+ Represents a recurrence of an [accessReviewHistoryDefinition](accessreviewhistorydefinition.md) object. A history definition that does not recur will have exactly one instance.
+
+ Every **accessReviewHistoryInstance** along with its associated **accessReviewHistoryDefinition** contain the properties **reviewHistoryPeriodStartDateTime**, **reviewHistoryPeriodEndDateTime**, **decisions**, **scheduleSettings**, and **scopes**. These properties are used when scheduling recurrences as well as selecting review data and can be modified. Each **accessReviewHistoryInstance** object and data is only available for 30 days. Once an **accessReviewHistoryInstance** status has been moved to `done` a link can be generated to retrieve the instance's data by calling [generateDownloadUri](../api/accessreviewhistoryinstance-generatedownloaduri.md).
+
+## Methods
+
+| Method | Return type | Description |
+|:|:|:|
+|[List accessReviewHistoryInstances](../api/accessreviewhistorydefinition-list-instances.md)|[accessReviewHistoryInstance](accessreviewhistoryinstance.md) collection| Retrieve a list of the [accessReviewHistoryInstance](accessreviewhistoryinstance.md) objects and their properties.|
+|[generateDownloadUri](../api/accessreviewhistoryinstance-generatedownloaduri.md)|[accessReviewHistoryDefinition](accessreviewhistorydefinition.md)|Generates a URI which can be used to retrieve the instance's review history data.|
+
+## Properties
+
+|Property|Type|Description|
+|:|:|:|
+|downloadUri|String|Uri which can be used to retrieve review history data. This URI will be active for 24 hours after being generated. Required.|
+|expirationDateTime|DateTimeOffset|Timestamp when this instance and associated data expires and the history is deleted. Required.|
+|fulfilledDateTime|DateTimeOffset|Timestamp when all of the available data for this instance was collected. This will be set after this instance's status is set to `done`. Required.|
+|id|String|The assigned unique identifier of an access review history instance. Read-only. Required.|
+|reviewHistoryPeriodEndDateTime|DateTimeOffset|Timestamp, reviews ending on or before this date will be included in the fetched history data.|
+|reviewHistoryPeriodStartDateTime|DateTimeOffset|Timestamp, reviews starting on or after this date will be included in the fetched history data.|
+|runDateTime|DateTimeOffset|Timestamp when the instance's history data is scheduled to be generated.|
+|status|accessReviewHistoryStatus|Represents the status of the review history data collection. The possible values are: `done`, `inProgress`, `error`, `requested`, `unknownFutureValue`. Once the **status** has been marked as `done`, a link can be generated to retrieve the instance's data by calling [generateDownloadUri](../api/accessreviewhistoryinstance-generatedownloaduri.md) method.|
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.accessReviewHistoryInstance",
+ "baseType": "microsoft.graph.entity",
+ "openType": false
+}
+-->
+
+``` json
+{
+ "@odata.type": "#microsoft.graph.accessReviewHistoryInstance",
+ "id": "String (identifier)",
+ "reviewHistoryPeriodStartDateTime": "String (timestamp)",
+ "reviewHistoryPeriodEndDateTime": "String (timestamp)",
+ "status": "String",
+ "runDateTime": "String (timestamp)",
+ "fulfilledDateTime": "String (timestamp)",
+ "downloadUri": "String",
+ "expirationDateTime": "String (timestamp)"
+}
+```
v1.0 Accessreviewhistoryschedulesettings https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/accessreviewhistoryschedulesettings.md
+
+ Title: "accessReviewHistoryScheduleSettings resource type"
+description: "In Azure AD access reviews, the accessReviewHistoryScheduleSettings represents the settings associated with an access review history definition series."
+
+ms.localizationpriority: medium
++
+# accessReviewHistoryScheduleSettings resource type
+
+Namespace: microsoft.graph
+
+Defines the settings of an [accessReviewHistoryDefinition](accessreviewhistorydefinition.md) object.
+
+## Properties
+
+|Property|Type|Description|
+|:|:|:|
+| recurrence|[patternedRecurrence](patternedrecurrence.md) | Detailed settings for recurrence using the standard Outlook recurrence object. <br/><br/>**Note:** Only **dayOfMonth**, **interval**, and **type** (`weekly`, `absoluteMonthly`) properties are supported. Use the property **startDate** on **recurrenceRange** to determine the day the review starts. Required. |
+|reportRange|String|A duration string in ISO 8601 duration format specifying the lookback period of the generated review history data. For example, if a history definition is scheduled to run on the 1st of every month, the **reportRange** is `P1M`. In this case, on the first of every month, access review history data will be collected containing only the previous month's review data. <br/><br/>**Note:** Only **years**, **months**, and **days** ISO 8601 properties are supported. Required.|
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.accessReviewHistoryScheduleSettings"
+}
+-->
+
+``` json
+{
+ "@odata.type": "#microsoft.graph.accessReviewHistoryScheduleSettings",
+ "reportRange": "String",
+ "recurrence": {
+ "@odata.type": "microsoft.graph.patternedRecurrence"
+ }
+}
+```
v1.0 Accessreviewset https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/accessreviewset.md
None.
|Relationship|Type|Description| |:|:|:| |definitions|[accessReviewScheduleDefinition](../resources/accessreviewscheduledefinition.md) collection| Represents the template and scheduling for an access review. |
+|historyDefinitions|[accessReviewHistoryDefinition](../resources/accessreviewhistorydefinition.md) collection| Represents a collection of access review history data and the scopes used to collect that data.|
## JSON representation
v1.0 Accessreviewsv2 Overview https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/accessreviewsv2-overview.md
Typical customer scenarios for access reviews include:
- Customers can review and certify employee access to Azure AD resources. - Customers can review and audit assignments to Azure AD privileged roles. This supports organizations in the management of privileged access.
-The access reviews feature, including the API, is available only with a valid purchase or trial license of Azure AD Premium P2 or EMS E5 subscription.
+The access reviews feature, including the API, is available only with a valid purchase or trial license of Azure AD Premium P2 or EMS E5 subscription. For more information about the license requirements, see [Access reviews license requirements](/azure/active-directory/governance/access-reviews-overview#license-requirements).
## Methods
The following table lists the methods that you can use to interact with access r
|[Get accessReviewInstanceDecisionItem](../api/accessreviewinstancedecisionitem-get.md)|[accessReviewInstanceDecisionItem](../resources/accessreviewinstancedecisionitem.md)|Read the properties and relationships of an [accessReviewInstanceDecisionItem](../resources/accessreviewinstancedecisionitem.md) object.| |[Update accessReviewInstanceDecisionItem](../api/accessreviewinstancedecisionitem-update.md)|[accessReviewInstanceDecisionItem](../resources/accessreviewinstancedecisionitem.md)|Update the properties of an [accessReviewInstanceDecisionItem](../resources/accessreviewinstancedecisionitem.md) object.| |[accessReviewInstanceDecisionItem: filterByCurrentUser](../api/accessreviewinstancedecisionitem-filterbycurrentuser.md)|[accessReviewInstanceDecisionItem](../resources/accessreviewinstancedecisionitem.md) collection|Returns the decision items for which the calling user is the reviewer of.|-
+|**History definitions**| | |
+|[List historyDefinitions](../api/accessreviewset-list-historydefinitions.md)|[accessReviewHistoryDefinition](accessreviewhistorydefinition.md) collection|Get a list of the [accessReviewHistoryDefinition](accessreviewhistorydefinition.md) objects and their properties.|
+|[Create historyDefinitions](../api/accessreviewset-post-historydefinitions.md)|[accessReviewHistoryDefinition](accessreviewhistorydefinition.md)|Create a new [accessReviewHistoryDefinition](accessreviewhistorydefinition.md) object.|
+|[Get accessReviewHistoryDefinition](../api/accessreviewhistorydefinition-get.md)|[accessReviewHistoryDefinition](accessreviewhistorydefinition.md)|Read the properties and relationships of an [accessReviewHistoryDefinition](accessreviewhistorydefinition.md) object.|
+|[generateDownloadUri](../api/accessreviewhistoryinstance-generatedownloaduri.md)|[accessReviewHistoryInstance](accessreviewhistoryinstance.md)|Generate a URI for an instance that can be used to retrieve review history data.|
+|[List instances](../api/accessreviewhistorydefinition-list-instances.md)|[accessReviewHistoryInstance](accessreviewhistoryinstance.md)|Retrieve a list of the [accessReviewHistoryInstance](accessreviewhistoryinstance.md) objects and their properties.|
## Role and application permission authorization checks
v1.0 Addin https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/addin.md
Here is a JSON representation of the resource.
```json {
- "id": "guid",
+ "id": "Guid",
"properties": [{"@odata.type": "microsoft.graph.keyValue"}],
- "type": "string"
+ "type": "String"
} ```
v1.0 Administrativeunit https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/administrativeunit.md
This topic provides descriptions of the declared properties and navigation prope
| Method | Return Type | Description | |:|:--|:-|
-|[Create](../api/administrativeunit-post-administrativeunits.md) | [administrativeUnit](administrativeunit.md) | Create a new administrative unit.|
-|[List](../api/administrativeunit-list.md) | [administrativeUnit](administrativeunit.md) collection |List properties of all administrativeUnits.|
+|[Create](../api/directory-post-administrativeunits.md) | [administrativeUnit](administrativeunit.md) | Create a new administrative unit.|
+|[List](../api/directory-list-administrativeunits.md) | [administrativeUnit](administrativeunit.md) collection |List properties of all administrativeUnits.|
|[Get](../api/administrativeunit-get.md) | [administrativeUnit](administrativeunit.md) |Read properties and relationships of a specific administrativeUnit object.| |[Update](../api/administrativeunit-update.md) | [administrativeUnit](administrativeunit.md) |Update administrativeUnit object. | |[Delete](../api/administrativeunit-delete.md) | None |Delete administrativeUnit object. |
This topic provides descriptions of the declared properties and navigation prope
| Property | Type |Description| |:|:--|:-|
-|description|string|An optional description for the administrative unit. Supports `$filter` (`eq`, `ne`, `in`, `startsWith`), `$search`.|
-|displayName|string|Display name for the administrative unit. Supports `$filter` (`eq`, `ne`, `not`, `ge`, `le`, `in`, `startsWith`, and `eq` on `null` values), `$search`, and `$orderBy`.|
-|id|string|Unique identifier for the administrative unit. Read-only. Supports `$filter` (`eq`).|
-|visibility|string|Controls whether the administrative unit and its members are hidden or public. Can be set to `HiddenMembership` or `Public`. If not set, default behavior is `Public`. When set to `HiddenMembership`, only members of the administrative unit can list other members of the administrative unit.|
+|description|String|An optional description for the administrative unit. Supports `$filter` (`eq`, `ne`, `in`, `startsWith`), `$search`.|
+|displayName|String|Display name for the administrative unit. Supports `$filter` (`eq`, `ne`, `not`, `ge`, `le`, `in`, `startsWith`, and `eq` on `null` values), `$search`, and `$orderBy`.|
+|id|String|Unique identifier for the administrative unit. Read-only. Supports `$filter` (`eq`).|
+|visibility|String|Controls whether the administrative unit and its members are hidden or public. Can be set to `HiddenMembership`. If not set (value is `null`), the default behavior is public. When set to `HiddenMembership`, only members of the administrative unit can list other members of the administrative unit.|
## Relationships | Relationship | Type |Description|
v1.0 Agreement https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/agreement.md
Represents a tenant's customizable terms of use agreement that is created and ma
| Method | Return Type | Description | |:-|:|:|
-| [List agreements](../api/termsofusecontainer-list-agreements.md) | [agreement](agreement.md) collection | Get an agreement object collection. |
-| [Create agreements](../api/termsofusecontainer-post-agreements.md) | [agreement](agreement.md) | Create a new agreement by posting to the agreement collection. |
-| [Get agreement](../api/agreement-get.md) | [agreement](agreement.md) | Read properties and relationships of an agreement object. |
-| [Update agreement](../api/agreement-update.md) | [agreement](agreement.md) | Update an agreement object. |
-| [Delete agreement](../api/agreement-delete.md) | None | Delete an agreement object. |
+| [List](../api/termsofusecontainer-list-agreements.md) | [agreement](agreement.md) collection | Get an agreement object collection. |
+| [Create](../api/termsofusecontainer-post-agreements.md) | [agreement](agreement.md) | Create a new agreement by posting to the agreement collection. |
+| [Get](../api/agreement-get.md) | [agreement](agreement.md) | Read properties and relationships of an agreement object. |
+| [Update](../api/agreement-update.md) | None | Update an agreement object. |
+| [Delete](../api/agreement-delete.md) | None | Delete an agreement object. |
+|[List acceptances](../api/agreement-list-acceptances.md)|[agreementAcceptance](../resources/agreementacceptance.md) collection|Get the details about the acceptance records for a specific agreement.|
+|[List agreementAcceptances](../api/user-list-agreementacceptances.md)|[agreementAcceptance](../resources/agreementacceptance.md) collection|Get the agreement acceptances for the signed-in user.|
+|[Get agreementFile](../api/agreementfile-get.md)|[agreementFile](../resources/agreementfile.md) collection|Retrieve the details of the default file for an agreement, including the language and version information.|
+|[List files](../api/agreement-list-files.md)|[agreementFileLocalization](../resources/agreementfilelocalization.md) collection|Retrieve all localized files related to an agreement.|
+|[Create agreementFileLocalization](../api/agreement-post-files.md)|[agreementFileLocalization](../resources/agreementfilelocalization.md)|Create a new localized agreement file.|
## Properties | Property | Type | Description | |:-|:|:|
-|displayName|String|Display name of the agreement. The display name is used for internal tracking of the agreement but is not shown to end users who view the agreement.|
-|id|String| The identifier of the agreement. Read-only.|
-|isPerDeviceAcceptanceRequired|Boolean|Indicates whether end users are required to accept this agreement on every device that they access it from. The end user is required to register their device in Azure AD, if they haven't already done so.|
-|isViewingBeforeAcceptanceRequired|Boolean|Indicates whether the user has to expand the agreement before accepting.|
-|termsExpiration|[termsExpiration](termsexpiration.md)| Expiration schedule and frequency of agreement for all users. |
-|userReacceptRequiredFrequency|Duration|The duration after which the user must re-accept the terms of use. The value is represented in ISO 8601 format for durations.|
+|displayName|String|Display name of the agreement. The display name is used for internal tracking of the agreement but is not shown to end users who view the agreement. Supports `$filter` (`eq`).|
+|id|String| The identifier of the agreement. Read-only. Supports `$filter` (`eq`).|
+|isPerDeviceAcceptanceRequired|Boolean|Indicates whether end users are required to accept this agreement on every device that they access it from. The end user is required to register their device in Azure AD, if they haven't already done so. Supports `$filter` (`eq`).|
+|isViewingBeforeAcceptanceRequired|Boolean|Indicates whether the user has to expand the agreement before accepting. Supports `$filter` (`eq`).|
+|termsExpiration|[termsExpiration](termsexpiration.md)| Expiration schedule and frequency of agreement for all users. Supports `$filter` (`eq`).|
+|userReacceptRequiredFrequency|Duration|The duration after which the user must re-accept the terms of use. The value is represented in ISO 8601 format for durations. Supports `$filter` (`eq`).|
## Relationships
Represents a tenant's customizable terms of use agreement that is created and ma
|:-|:|:| |acceptances|[agreementAcceptance](agreementacceptance.md) collection|Read-only. Information about acceptances of this agreement.| |file|[agreementFile](agreementfile.md) | Default PDF linked to this agreement.|
-|files|[agreementFileLocalization](agreementfilelocalization.md) collection| PDFs linked to this agreement. This property is in the process of being deprecated. Use the **file** property instead.|
+|files|[agreementFileLocalization](agreementfilelocalization.md) collection| PDFs linked to this agreement. This property is in the process of being deprecated. Use the **file** property instead. Supports `$expand`.|
## JSON representation
v1.0 Agreementacceptance https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/agreementacceptance.md
Represents the current status of a user's response to a company's customizable t
|expirationDateTime|DateTimeOffset|The expiration date time of the acceptance. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`.| |id|String| The identifier of the agreement acceptance. Read-only.| |recordedDateTime|DateTimeOffset|The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`.|
-|state|string| The state of the agreement acceptance. Possible values are: `accepted`, `declined`.|
+|state|string| The state of the agreement acceptance. Possible values are: `accepted`, `declined`. Supports `$filter` (`eq`).|
|userDisplayName|String|Display name of the user when the acceptance was recorded.| |userEmail|String|Email of the user when the acceptance was recorded.| |userId|String|The identifier of the user who accepted the agreement.|
v1.0 Agreementfiledata https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/agreementfiledata.md
Namespace: microsoft.graph
Represents an Azure Active Directory (Azure AD) terms of use agreement file. ## Properties
-| Method | Return Type | Description |
+| Property | Type | Description |
|:-|:|:| |data|Binary|Data that represents the terms of use PDF document. Read-only.|
v1.0 Alterationresponse https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/alterationresponse.md
+
+ Title: "alterationResponse resource type"
+description: "Provides information related to spelling corrections in the alteration response."
+ms.localizationpriority: medium
+++
+# alterationResponse resource type
+
+Namespace: microsoft.graph
+
+Provides information related to spelling corrections in the alteration response.
+
+## Properties
+
+| Property | Type | Description |
+|:-|:|:|
+|originalQueryString|String| Defines the original user query string.|
+|queryAlteration|[searchAlteration](searchalteration.md)| Defines the details of the alteration information for the spelling correction.|
+|queryAlterationType|searchAlterationType| Defines the type of the spelling correction. Possible values are: `suggestion`, `modification`.|
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+
+<!-- {
+ "blockType": "resource",
+ "optionalProperties": [
+
+ ],
+ "@odata.type": "microsoft.graph.alterationResponse",
+ "baseType": null
+}-->
+
+```json
+{
+ "originalQueryString": "String",
+ "queryAlteration": "String",
+ "queryAlterationType": "String"
+}
+```
v1.0 Alteredquerytoken https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/alteredquerytoken.md
+
+ Title: "alteredQueryToken resource type"
+description: "Represents changed segments related to an original user query."
+ms.localizationpriority: medium
+++
+# alteredQueryToken resource type
+
+Namespace: microsoft.graph
+
+Represents changed segments related to an original user query.
+
+## Properties
+
+| Property | Type | Description |
+|:-|:|:|
+|length|Int32| Defines the length of a changed segment.|
+|offset|Int32| Defines the offset of a changed segment.|
+|suggestion|String| Represents the corrected segment string.|
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+
+<!-- {
+ "blockType": "resource",
+ "optionalProperties": [
+
+ ],
+ "@odata.type": "microsoft.graph.alteredQueryToken",
+ "baseType": null
+}-->
+
+```json
+{
+ "length": "Int32",
+ "offset": "Int32",
+ "suggestion": "String"
+}
+```
v1.0 Application https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/application.md
This resource supports using [delta query](/graph/delta-query-overview) to track
|[Add key](../api/application-addkey.md)|[keyCredential](keycredential.md)|Add a key credential to an application.| |[Remove key](../api/application-removekey.md)|None|Remove a key credential from an application.| |**Extensions**| | |
-| [List extensions](../api/application-list-extensionproperty.md) | [extensionProperty](extensionProperty.md) collection | List extension properties on an application object. |
-| [Create extension](../api/application-post-extensionproperty.md) | [extensionProperty](extensionProperty.md) | Create an extension property on an application object. |
-| [Delete extension](../api/application-delete-extensionproperty.md) | None | Delete an extension property from an application object. |
+| [List extensionProperties](../api/application-list-extensionproperty.md) | [extensionProperty](extensionProperty.md) collection | List extension properties on an application object. |
+| [Create extensionProperties](../api/application-post-extensionproperty.md) | [extensionProperty](extensionProperty.md) | Create an extension property on an application object. |
+| [Get extensionProperty](../api/extensionproperty-delete.md) | None | Get an extension property from an application object. |
+| [Delete extensionProperty](../api/extensionproperty-delete.md) | None | Delete an extension property from an application object. |
|[Get available extension properties](../api/directoryobject-getavailableextensionproperties.md)|[extensionProperty](../resources/extensionproperty.md) collection|Get all or a filtered list of the directory extension properties that have been registered in a directory.| |**Owners**| | | |[List owners](../api/application-list-owners.md) |[directoryObject](directoryobject.md) collection| Get an owner object collection.|
v1.0 Approle https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/approle.md
With [appRoleAssignments](approleassignment.md), app roles can be assigned to us
|allowedMemberTypes|String collection|Specifies whether this app role can be assigned to users and groups (by setting to `["User"]`), to other application's (by setting to `["Application"]`, or both (by setting to `["User", "Application"]`). App roles supporting assignment to other applications' service principals are also known as [application permissions](/graph/auth/auth-concepts#microsoft-graph-permissions). The "Application" value is only supported for app roles defined on **application** entities.| |description|String|The description for the app role. This is displayed when the app role is being assigned and, if the app role functions as an application permission, during consent experiences.| |displayName|String|Display name for the permission that appears in the app role assignment and consent experiences.|
-|id|Guid|Unique role identifier inside the **appRoles** collection. When creating a new app role, a new Guid identifier must be provided. |
+|id|Guid|Unique role identifier inside the **appRoles** collection. When creating a new app role, a new GUID identifier must be provided. |
|isEnabled|Boolean|When creating or updating an app role, this must be set to **true** (which is the default). To delete a role, this must first be set to **false**. At that point, in a subsequent call, this role may be removed.| |origin|String| Specifies if the app role is defined on the [application](application.md) object or on the [servicePrincipal](serviceprincipal.md) entity. Must _not_ be included in any POST or PATCH requests. Read-only. | |value|String|Specifies the value to include in the `roles` claim in ID tokens and access tokens authenticating an assigned user or service principal. Must not exceed 120 characters in length. Allowed characters are `:` `!` `#` `$` `%` `&` `'` `(` `)` `*` `+` `,` `-` `.` `/` `:` `;` <code>&lt;</code> `=` <code>&gt;</code> `?` `@` `[` `]` `^` `+` `_` <code>&#96;</code> `{` <code>&#124;</code> `}` `~`, as well as characters in the ranges `0-9`, `A-Z` and `a-z`. Any other character, including the space character, are not allowed. May not begin with `.`. |
The following is a JSON representation of the resource.
```json {
- "allowedMemberTypes": ["string"],
- "description": "string",
- "displayName": "string",
- "id": "guid",
+ "allowedMemberTypes": ["String"],
+ "description": "String",
+ "displayName": "String",
+ "id": "Guid",
"isEnabled": true,
- "origin": "string",
- "value": "string"
+ "origin": "String",
+ "value": "String"
} ```
v1.0 Approleassignment https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/approleassignment.md
An app role assignment where the assigned principal is a service principal is an
| Property | Type | Description | |:|:--|:-|
-| id | String | A unique identifier for the **appRoleAssignment** Key. Not nullable. Read-only. |
-| createdDateTime | DateTimeOffset | The time when the app role assignment was created.The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`. Read-only. |
-| principalId | Guid | The unique identifier (**id**) for the [user](user.md), [group](group.md) or [service principal](serviceprincipal.md) being granted the app role. Required on create. |
-| principalType | String | The type of the assigned principal. This can either be `User`, `Group` or `ServicePrincipal`. Read-only. |
+| appRoleId | Guid | The identifier (**id**) for the [app role](approle.md) which is assigned to the principal. This app role must be exposed in the **appRoles** property on the resource application's service principal (**resourceId**). If the resource application has not declared any app roles, a default app role ID of `00000000-0000-0000-0000-000000000000` can be specified to signal that the principal is assigned to the resource app without any specific app roles. Required on create. |
+| createdDateTime | DateTimeOffset | The time when the app role assignment was created. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`. Read-only. |
+| id | String | A unique identifier for the **appRoleAssignment** key. Not nullable. Read-only. |
| principalDisplayName | String |The display name of the user, group, or service principal that was granted the app role assignment. Read-only. Supports `$filter` (`eq` and `startswith`). |
-| resourceId | Guid |The unique identifier (**id**) for the resource [service principal](serviceprincipal.md) for which the assignment is made. Required on create. Supports `$filter` (`eq` only). |
+| principalId | Guid | The unique identifier (**id**) for the [user](user.md), [group](group.md), or [service principal](serviceprincipal.md) being granted the app role. Required on create. |
+| principalType | String | The type of the assigned principal. This can either be `User`, `Group`, or `ServicePrincipal`. Read-only. |
| resourceDisplayName | String | The display name of the resource app's service principal to which the assignment is made. |
-| appRoleId | Guid | The identifier (**id**) for the [app role](approle.md) which is assigned to the principal. This app role must be exposed in the **appRoles** property on the resource application's service principal (**resourceId**). If the resource application has not declared any app roles, a default app role ID of `00000000-0000-0000-0000-000000000000` can be specified to signal that the principal is assigned to the resource app without any specific app roles. Required on create. |
+| resourceId | Guid |The unique identifier (**id**) for the resource [service principal](serviceprincipal.md) for which the assignment is made. Required on create. Supports `$filter` (`eq` only). |
## JSON representation
-Here is a JSON representation of the resource
+The following is a JSON representation of the resource.
<!-- { "blockType": "resource",
Here is a JSON representation of the resource
```json {
- "id": "string",
+ "appRoleId": "Guid",
"createdDateTime": "String (timestamp)",
- "principalDisplayName": "string",
- "principalId": "guid",
- "principalType": "string",
- "resourceDisplayName": "string",
- "resourceId": "guid",
- "appRoleId": "guid"
+ "id": "String",
+ "principalDisplayName": "String",
+ "principalId": "Guid",
+ "principalType": "String",
+ "resourceDisplayName": "String",
+ "resourceId": "Guid"
} ```
v1.0 Approval https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/approval.md
Title: "approval resource type"
-description: "The approval object associated with a userConsentRequest."
+description: "The approval object associated with a userConsentRequest or an accessPackageAssignmentRequest."
ms.localizationpriority: medium ms.prod: "governance"
Namespace: microsoft.graph
Represents the approval object for decisions associated with a request.
+## Methods
+|Method|Return type|Description|
+|:|:|:|
+|[Get approval](../api/approval-get.md) | [approval](approval.md) | Retrieve the properties of an **approval** object in entitlement management. |
+|[filterByCurrentUser](../api/approval-filterbycurrentuser.md)| [approval](approval.md) collection| Retrieve the **approval** objects for an approver in entitlement management.|
+ ## Properties |Property|Type|Description| |:|:|:| |id|String|Identifier of the approval decision.|
-|stages|[approvalStage](../resources/approvalstage.md) collection|A collection of stages in the approval decision. |
## Relationships
v1.0 Approvalstage https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/approvalstage.md
Title: "approvalStage resource type"
-description: "The approvalStage object associated with a userConsentRequest."
+description: "The approvalStage object associated with a userConsentRequest or an access package assignment request."
ms.localizationpriority: medium ms.prod: "governance"
doc_type: resourcePageType
Namespace: microsoft.graph
-Specifies decision stages in the approval.
+Specifies a decision stage in an [approval](approval.md).
+
+## Methods
+|Method|Return type|Description|
+|:|:|:|
+|[List approvalStages](../api/approval-list-stages.md) | [approvalStage](approvalstage.md) collection | List the **approvalStage** objects associated with an **approval** object in entitlement management. |
+|[Get approvalStage](../api/approvalstage-get.md) | [approvalStage](approvalstage.md) | Retrieve the properties of an **approvalStage** object in entitlement management. |
+|[Update approvalStage](../api/approvalstage-update.md) | None | Apply approve or deny decision on an **approvalStage** object in entitlement management. |
## Properties
Specifies decision stages in the approval.
|id|String|The identifier of the stage associated with an approval object. Read-only.| |justification|String|The justification associated with the approval stage decision.| |reviewResult|String|The result of this approval record. Possible values include: `NotReviewed`, `Approved`, `Denied`.|
-|reviewedBy|[userIdentity](useridentity.md) | The identifier of the reviewer. Read-only.|
+|reviewedBy|[identity](identity.md) | The identifier of the reviewer. Read-only.|
|reviewedDateTime|DateTimeOffset|The date and time when a decision was recorded. The date and time information uses ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`. Read-only.| |status|String|The stage status. Possible values: `InProgress`, `Initializing`, `Completed`, `Expired`. Read-only.|
v1.0 Assignedlicense https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/assignedlicense.md
Here is a JSON representation of the resource
```json {
- "disabledPlans": ["guid"],
- "skuId": "guid"
+ "disabledPlans": ["Guid"],
+ "skuId": "Guid"
} ```
v1.0 Assignedplan https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/assignedplan.md
The **assignedPlans** property of both the [user](user.md) entity and the [organ
|:|:--|:-| |assignedDateTime|DateTimeOffset|The date and time at which the plan was assigned. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`.| |capabilityStatus|String|Condition of the capability assignment. The possible values are `Enabled`, `Warning`, `Suspended`, `Deleted`, `LockedOut`. See [a detailed description](#capabilitystatus-values) of each value.|
-|service|String|The name of the service; for example, ΓÇ£ExchangeΓÇ¥.|
-|servicePlanId|Guid|A GUID that identifies the service plan.|
+|service|String|The name of the service; for example, `exchange`.|
+|servicePlanId|Guid|A GUID that identifies the service plan. For a complete list of GUIDs and their equivalent friendly service names, see [Product names and service plan identifiers for licensing](/azure/active-directory/enterprise-users/licensing-service-plan-reference).|
### capabilityStatus values
Here is a JSON representation of the resource
```json { "assignedDateTime": "String (timestamp)",
- "capabilityStatus": "string",
- "service": "string",
- "servicePlanId": "guid"
+ "capabilityStatus": "String",
+ "service": "String",
+ "servicePlanId": "Guid"
} ```
v1.0 Bookingappointment https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/bookingappointment.md
Represents a customer appointment for a [bookingService](bookingservice.md), per
|id|String| The ID of the **bookingAppointment**. Read-only.| |isLocationOnline|Boolean|If `true`, indicates that the appointment will be held online. Default value is `false`.| |joinWebUrl|String|The URL of the online meeting for the appointment.|
-|maximumAttendeesCount|Int32|The maximum number of customers allowed in an appointment.|
+|maximumAttendeesCount|Int32|The maximum number of customers allowed in an appointment. If **maximumAttendeesCount** of the service is greater than 1, pass valid customer IDs while creating or updating an appointment. To create a customer, use the [Create bookingCustomer](../api/bookingbusiness-post-customers.md) operation. |
|optOutOfCustomerEmail|Boolean|If `true` indicates that the [bookingCustomer](bookingcustomer.md) for this appointment does not wish to receive a confirmation for this appointment.| |postBuffer|Duration|The amount of time to reserve after the appointment ends, for cleaning up, as an example. The value is expressed in [ISO8601](https://www.iso.org/iso-8601-date-and-time-format.html) format. | |preBuffer|Duration|The amount of time to reserve before the appointment begins, for preparation, as an example. The value is expressed in [ISO8601](https://www.iso.org/iso-8601-date-and-time-format.html) format.|
v1.0 Bookingservice https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/bookingservice.md
Represents information about a particular service provided by a [bookingBusiness
|id|String|The ID of that service, in a GUID format. Read-only.| |isHiddenFromCustomers|Boolean|True means this service is not available to customers for booking.| |isLocationOnline|Boolean|True indicates that the appointments for the service will be held online. Default value is false.|
-|maximumAttendeesCount|Int32|The maximum number of customers allowed in a service. |
+|maximumAttendeesCount|Int32|The maximum number of customers allowed in a service. If **maximumAttendeesCount** of the service is greater than 1, pass valid customer IDs while creating or updating an appointment. To create a customer, use the [Create bookingCustomer](../api/bookingbusiness-post-customers.md) operation. |
|notes|String|Additional information about this service.| |postBuffer|Duration|The time to buffer after an appointment for this service ends, and before the next customer appointment can be booked.| |preBuffer|Duration|The time to buffer before an appointment for this service can start.|
Represents information about a particular service provided by a [bookingBusiness
|webUrl|String|The URL a customer uses to access the service.| ## Relationships
-None
+None.
## JSON representation
v1.0 Changenotification https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/changenotification.md
ms.prod: "change-notifications"
Namespace: microsoft.graph
-Represents the notification sent to the subscriber.
+Represents the notification sent to the subscriber. All the properties of this resource are read-only.
For details, see [Use the Microsoft Graph API to get change notifications](webhooks.md).
None.
| clientState | string | Value of the **clientState** property sent in the subscription request (if any). The maximum length is 255 characters. The client can check whether the change notification came from the service by comparing the values of the **clientState** property. The value of the **clientState** property sent with the subscription is compared with the value of the **clientState** property received with each change notification. Optional. | | encryptedContent | [changeNotificationEncryptedContent](changenotificationencryptedcontent.md) | (Preview) Encrypted content attached with the change notification. Only provided if **encryptionCertificate** and **includeResourceData** were defined during the subscription request and if the resource supports it. Optional. | | id | string | Unique ID for the notification. Optional. |
-| lifecycleEvent | lifecycleEventType| The type of lifecycle notification if the current notification is a lifecycle notification. Optional. Supported values are `missed`, `subscriptionRemoved`, `reauthorizationRequired`. |
-| resource | string | The URI of the resource that emitted the change notification relative to `https://graph.microsoft.com`. Required. |
-| resourceData | [resourceData](resourcedata.md) | The content of this property depends on the type of resource being subscribed to. Required. |
+| lifecycleEvent | lifecycleEventType| The type of lifecycle notification if the current notification is a lifecycle notification. Optional. Supported values are `missed`, `subscriptionRemoved`, `reauthorizationRequired`. Optional.|
+| resource | String | The URI of the resource that emitted the change notification relative to `https://graph.microsoft.com`. Required. |
+| resourceData | [resourceData](resourcedata.md) | The content of this property depends on the type of resource being subscribed to. Optional. |
| subscriptionExpirationDateTime | DateTimeOffset | The expiration time for the subscription. Required. |
-| subscriptionId | GUID | The unique identifier of the subscription that generated the notification. |
-| tenantId | GUID | The unique identifier of the tenant from which the change notification originated. |
+| subscriptionId | Guid | The unique identifier of the subscription that generated the notification.Required. |
+| tenantId | Guid | The unique identifier of the tenant from which the change notification originated. Required. |
## Relationships None. ## JSON representation- The following is a JSON representation of the resource.- <!-- { "blockType": "resource",
- "optionalProperties": [
-
- ],
"@odata.type": "microsoft.graph.changeNotification"
-}-->
-
-```json
+}
+-->
+``` json
{
- "subscriptionId": "76222963-cc7b-42d2-882d-8aaa69cb2ba3",
- "changeType": "created",
- "clientState": "client state provided when creating subscription",
- "id": "15ee1d1f-af7b-42d9-885b-9d00db065dd9",
- "tenantId": "2c937fad-a8a7-496c-b0e4-bf77dcc7eb2a",
- "subscriptionExpirationDateTime": "2020-04-12T23:20:50.52Z",
- "resource": "teams('d29828b8-c04d-4e2a-b2f6-07da6982f0f0')/channels('19:f127a8c55ad949d1a238464d22f0f99e@thread.skype')/messages('1565045424600')/replies('1565047490246')",
+ "@odata.type": "#microsoft.graph.changeNotification",
+ "id": "String (identifier)",
+ "subscriptionId": "Guid",
+ "subscriptionExpirationDateTime": "String (timestamp)",
+ "clientState": "String",
+ "changeType": "String",
+ "resource": "String",
+ "tenantId": "Guid",
+ "encryptedContent": {
+ "@odata.type": "microsoft.graph.changeNotificationEncryptedContent"
+ },
+ "lifecycleEvent": "String",
"resourceData": {
- "id": "1565293727947",
- "@odata.type": "#Microsoft.Graph.ChatMessage",
- "@odata.id": "teams('88cbc8fc-164b-44f0-b6a6-b59b4a1559d3')/channels('19:8d9da062ec7647d4bb1976126e788b47@thread.tacv2')/messages('1565293727947')/replies('1565293727947')"
+ "@odata.type": "microsoft.graph.resourceData"
} } ```
v1.0 Changenotificationcollection https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/changenotificationcollection.md
The following is a JSON representation of the resource.
], "@odata.type": "microsoft.graph.changeNotificationCollection" }-->-
-```json
+``` json
{
- "value": [],
+ "@odata.type": "#microsoft.graph.changeNotificationCollection",
"validationTokens": [
- "eyJ0eXAiOiJKV1QiLCJhbGciOiJSU..."
+ "String"
+ ],
+ "value": [
+ {
+ "@odata.type": "microsoft.graph.changeNotification"
+ }
] } ```
v1.0 Changenotificationencryptedcontent https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/changenotificationencryptedcontent.md
description: "A changeNotificationEncryptedContent object represents the encrypt
ms.localizationpriority: medium doc_type: resourcePageType # changeNotificationEncryptedContent resource type
The following is a JSON representation of the resource.
"@odata.type": "microsoft.graph.changeNotificationEncryptedContent" }-->
-```json
+``` json
{
- "data": "{encrypted data that produces a full resource}",
- "dataSignature": "<HMAC-SHA256 hash>",
- "dataKey": "{encrypted symmetric key from Microsoft Graph}",
- "encryptionCertificateId": "MySelfSignedCert/DDC9651A-D7BC-4D74-86BC-A8923584B0AB",
- "encryptionCertificateThumbprint": "07293748CC064953A3052FB978C735FB89E61C3D"
+ "@odata.type": "#microsoft.graph.changeNotificationEncryptedContent",
+ "data": "String",
+ "dataSignature": "String",
+ "dataKey": "String",
+ "encryptionCertificateId": "String",
+ "encryptionCertificateThumbprint": "String"
} ```
v1.0 Chat https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/chat.md
not all scenarios are possible. It is possible to get chat IDs with delegated pe
| createdDateTime| dateTimeOffset| Date and time at which the chat was created. Read-only.| | id| String| The chat's unique identifier. Read-only.| | lastUpdatedDateTime| dateTimeOffset| Date and time at which the chat was renamed or list of members were last changed. Read-only.|
+| onlineMeetingInfo | [teamworkOnlineMeetingInfo](../resources/teamworkonlinemeetinginfo.md) | Represents details about an online meeting. If the chat isn't associated with an online meeting, the property is empty. Read-only.|
+| tenantId| String | The identifier of the tenant in which the chat was created. Read-only.|
| topic| String| (Optional) Subject or topic for the chat. Only available for group chats.| | webUrl | String| The URL for the chat in Microsoft Teams. The URL should be treated as an opaque blob, and not parsed. Read-only. |
-| tenantId| String | The identifier of the tenant in which the chat was created. Read-only.|
-| onlineMeetingInfo | [teamworkOnlineMeetingInfo](../resources/teamworkonlinemeetinginfo.md) | Represents details about an online meeting. If the chat isn't associated with an online meeting, the property is empty. Read-only.|
### chatType values
not all scenarios are possible. It is possible to get chat IDs with delegated pe
| installedApps | [teamsAppInstallation](teamsappinstallation.md) collection | A collection of all the apps in the chat. Nullable. | | members | [conversationMember](conversationmember.md) collection | A collection of all the members in the chat. Nullable. | | messages | [chatMessage](chatmessage.md) collection | A collection of all the messages in the chat. Nullable. |
+| tabs | [teamsTab](teamstab.md) collection | A collection of all the tabs in the chat. Nullable. |
## JSON representation
v1.0 Claimsmappingpolicy https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/claimsmappingpolicy.md
Represents the claim-mapping policies for WS-Fed, SAML, OAuth 2.0, and OpenID Co
- Create claim types that do not already exist - Choose or change the source of data emitted in specific claims
+The number of claims and transformations that can be added to a claims-mapping policy are limited to reduce token size. Any claims schema entries or transformations that are encountered after the limit has been reached are ignored and included in the issued token. For more information about the limits, see [Properties of a claims-mapping policy definition](#properties-of-a-claims-mapping-policy-definition)
+ For more scenario and configuration details see [How to: Customize claims emitted in tokens for a specific app in a tenant](/azure/active-directory/develop/active-directory-claims-mapping#claims-mapping-policy-properties). Inherits from [stsPolicy](stsPolicy.md).
The properties below form the JSON object that represents a claims-mapping polic
|:|:--|:-| |Version|Integer|Set value of 1. Required.| |IncludeBasicClaimSet|Boolean|If set to `true`, all claims in the basic claim set are emitted in tokens affected by the policy. If set to `false`, claims in the basic claim set are not in the tokens, unless they are individually added in the ClaimsSchema property of the same policy.|
-|ClaimsSchema|JSON object|Defines which claims are present in the tokens affected by the policy, in addition to the basic claim set and the core claim set. For each claim schema entry defined in this property, certain information is required. Specify where the data is coming from (Value or Source/ID pair), and which claim the data is emitted as (Claim Type). For more information, see [ClaimsSchema definition](/azure/active-directory/develop/active-directory-claims-mapping#claims-schema).|
-|ClaimsTransformation|JSON object| Defines common transformations that can be applied to source data, to generate the output data for claims specified in the ClaimsSchema. For more information, see [ClaimsTransformation definition](/azure/active-directory/develop/active-directory-claims-mapping#claims-transformation).|
+|ClaimsSchema|JSON object|Defines which claims are present in the tokens affected by the policy, in addition to the basic claim set and the core claim set. For each claim schema entry defined in this property, certain information is required. Specify where the data is coming from (Value or Source/ID pair), and which claim the data is emitted as (Claim Type). A maximum of 50 claims are included in the token through the ClaimsSchema object. Any claims schema entries that are encountered after the limit has been reached will be ignored and will not appear in the issued token. Further details are available in the [ClaimsSchema definition](/azure/active-directory/develop/active-directory-claims-mapping#claims-schema).|
+|ClaimsTransformation|JSON object| Defines common transformations that can be applied to source data, to generate the output data for claims specified in the ClaimsSchema. A maximum of 50 transformations are included in the token through the ClaimsTransformation object. Any transformations that are encountered after the limit has been reached will be ignored and will not appear in the issued token. For more information about ClaimsTransformation and the supported functions, see [Claims transformation](/azure/active-directory/develop/active-directory-claims-mapping#claims-transformation).|
## Relationships
v1.0 Delegatedpermissionclassification https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/delegatedpermissionclassification.md
Delegated permission classifications can be used in combination with user consen
|:|:--|:-| | id | String | A unique identifier for the **delegatedPermissionClassification** Key. Not nullable. Read-only. | | classification | permissionClassificationType | The classification value being given. Possible value: `low`. Does not support `$filter`. |
-| permissionId | Guid | The unique identifier (**id**) for the delegated permission listed in the **oauth2PermissionScopes** collection of the [servicePrincipal](servicePrincipal.md). Required on create. Does not support `$filter`. |
+| permissionId | String | The unique identifier (**id**) for the delegated permission listed in the **oauth2PermissionScopes** collection of the [servicePrincipal](servicePrincipal.md). Required on create. Does not support `$filter`. |
| permissionName | String | The claim value (**value**) for the delegated permission listed in the **oauth2PermissionScopes** collection of the [servicePrincipal](servicePrincipal.md). Does not support `$filter`. | ## JSON representation
The following is a JSON representation of the resource.
```json {
- "id": "string (identifier)",
+ "id": "String (identifier)",
"classification": "low",
- "permissionId": "string",
- "permissionName": "string"
+ "permissionId": "String",
+ "permissionName": "String"
} ```
v1.0 Directoryaudit https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/directoryaudit.md
Represents the directory audit items and its collection.
| activityDisplayName | String | Indicates the activity name or the operation name (examples: "Create User" and "Add member to group"). For full list, see [Azure AD activity list](/azure/active-directory/active-directory-reporting-activity-audit-logs#azure-ad-audit-activity-list). | | additionalDetails | [keyValue](keyvalue.md) collection | Indicates additional details on the activity. | | category | String | Indicates which resource category that's targeted by the activity. (For example: User Management, Group Management etc..) |
-| correlationId | GUID | Indicates a unique ID that helps correlate activities that span across various services. Can be used to trace logs across services. |
+| correlationId | Guid | Indicates a unique ID that helps correlate activities that span across various services. Can be used to trace logs across services. |
| id | String | Indicates the unique ID for the activity. This is a GUID. | | initiatedBy | [auditActivityInitiator](auditactivityinitiator.md) | Indicates information about the user or app initiated the activity. | | loggedByService | String | Indicates information on which service initiated the activity (For example: `Self-service Password Management`, `Core Directory`, `B2C`, `Invited Users`, `Microsoft Identity Manager`, `Privileged Identity Management`. |
Here is a JSON representation of the resource.
"id": "String (identifier)", "initiatedBy": {"@odata.type": "microsoft.graph.auditActivityInitiator"}, "loggedByService": "String",
- "result": "string",
+ "result": "String",
"resultReason": "String", "targetResources": [{"@odata.type": "microsoft.graph.targetResource"}] }
v1.0 Directoryobject https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/directoryobject.md
Namespace: microsoft.graph
Represents an Azure Active Directory object. The **directoryObject** type is the base type for many other directory entity types.
+Inherits from [entity](entity.md).
+ ## Methods | Method | Return Type |Description|
Represents an Azure Active Directory object. The **directoryObject** type is the
| Property | Type |Description| |:|:--|:-|
-|id|String|The unique identifier for the object. For example, 12345678-9abc-def0-1234-56789abcde. The value of the **id** property is often but not exclusively in the form of a GUID; treat it as an opaque identifier and do not rely on it being a GUID. Key. Not nullable. Read-only.|
+|deletedDateTime|DateTimeOffset|Date and time when this object was deleted. Always `null` when the object hasn't been deleted. |
+|id|String|The unique identifier for the object. For example, `12345678-9abc-def0-1234-56789abcde`. The value of the **id** property is often but not exclusively in the form of a GUID; treat it as an opaque identifier and do not rely on it being a GUID. Key. Not nullable. Read-only. Inherited from [entity](entity.md).|
+ ## Relationships
v1.0 Directoryobjectpartnerreference https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/directoryobjectpartnerreference.md
The following is a JSON representation of the resource.
```json {
- "description": "string ",
- "displayName": "string",
- "externalPartnerTenantId": "string (identifier)",
- "id": "string (identifier)",
- "objectType": "string"
+ "description": "String ",
+ "displayName": "String",
+ "externalPartnerTenantId": "String (identifier)",
+ "id": "String (identifier)",
+ "objectType": "String"
} ```
v1.0 Entitlementmanagement Overview https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/entitlementmanagement-overview.md
The following table lists the methods that you can use to interact with entitlem
|[Add externalSponsors](../api/connectedorganization-post-externalsponsors.md) | None | Add a user or group to a **connectedOrganization's** external sponsors. | |[Remove internalSponsors](../api/connectedorganization-delete-internalsponsors.md) | None | Remove a user or group from a **connectedOrganization's** internal sponsors. | |[Remove externalSponsors](../api/connectedorganization-delete-externalsponsors.md) | None | Remove a user or group from a **connectedOrganization's** external sponsors. |
+|[Get approval](../api/approval-get.md) | [approval](approval.md) | Retrieve the properties of an **approval** object. |
+|[filterByCurrentUser](../api/approval-filterbycurrentuser.md)| [approval](approval.md) collection| Retrieve the **approval** objects for an approver.|
+|[List approvalStages](../api/approval-list-stages.md) | [approvalStage](approvalstage.md) collection | List the **approvalStage** objects associated with an **approval** object. |
+|[Get approvalStage](../api/approvalstage-get.md) | [approvalStage](approvalstage.md) | Retrieve the properties of an **approvalStage** object. |
+|[Update approvalStage](../api/approvalstage-update.md) | None | Apply approve or deny decision on an **approvalStage** object. |
## See also
v1.0 Entitlementmanagement https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/entitlementmanagement.md
None.
## Relationships |Relationship|Type|Description| |:|:|:|
+|accessPackageAssignmentApprovals|[approval](../resources/approval.md) collection | Approval stages for assignment requests.|
|accessPackages|[accessPackage](../resources/accesspackage.md) collection|Represents access package objects.| |assignmentRequests|[accessPackageAssignmentRequest](../resources/accesspackageassignmentrequest.md) collection|Represents access package assignment requests created by or on behalf of a user.| |assignments|[accessPackageAssignment](../resources/accesspackageassignment.md) collection| Represents the grant of an access package to a subject (user or group).|
v1.0 Enums https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/enums.md
doc_type: enumPageType
Namespace: microsoft.graph
+### approvalFilterByCurrentUserOptions values
+
+|Member|
+|:|
+|target|
+|createdBy|
+|approver|
+|unknownFutureValue|
+ ### accessPackageAssignmentFilterByCurrentUserOptions values |Member|
Possible values for user account types (group membership), per Windows definitio
|strategic| |unknownFutureValue|
+### searchAlterationType values
+
+| Member |
+|:|
+|modification|
+|suggestion|
+ ### serviceHealthClassificationType values |Member|
Possible values for user account types (group membership), per Windows definitio
|callUs| |notSet| |unknownFutureValue|+
+### accessReviewHistoryStatus values
+
+| Member|
+|:--|
+|done|
+|inprogress|
+|error|
+|requested|
+|unknownFutureValue|
+
+### accessReviewHistoryDecisionFilter values
+
+| Member|
+|:--|
+|approve|
+|deny|
+|notReviewed|
+|dontKnow|
+|notNotified|
+|unknownFutureValue|
v1.0 Extensionproperty https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/extensionproperty.md
Extensions can be added to [user](user.md), [group](group.md), [organization](or
> It allows you to use Microsoft Graph to continue to manage extension properties added through Azure AD Graph (deprecated) or [Azure AD Connect](/azure/active-directory/hybrid/whatis-azure-ad-connect). > For new custom extensions, we recommend that you use Microsoft Graph schema extensions for [adding custom data to resources](/graph/extensibility-overview).
+Inherits from [directoryObject](directoryobject.md).
+ ## Methods | Method | Return Type | Description | |:-|:|:|
-| [Create extension](../api/application-post-extensionproperty.md) | [extensionProperty](extensionProperty.md) | Create an extension property on an application object. |
-| [List extensions](../api/application-list-extensionproperty.md) | [extensionProperty](extensionProperty.md) collection | List extension properties on an application object. |
-| [Delete extension](../api/application-delete-extensionproperty.md) | None | Delete an extension property from an application object. |
+| [Create extensionProperties](../api/application-post-extensionproperty.md) | [extensionProperty](extensionProperty.md) | Create an extension property on an application object. |
+| [List extensionProperties](../api/application-list-extensionproperty.md) | [extensionProperty](extensionProperty.md) collection | List extension properties on an application object. |
+| [Get extensionProperty](../api/extensionproperty-get.md) | [extensionProperty](extensionProperty.md) collection | List extension properties on an application object. |
+| [Delete extensionProperty](../api/extensionproperty-delete.md) | None | Delete an extension property from an application object. |
+
+> [!TIP]
+> 1. To set a value for the extension property to an instance of a resource that is specified in **targetObjects**, use the Update operation of the resource. For example, the [Update user](../api/user-update.md) API to set the value for a user.
+> 2. To remove the extension property and its value from an instance of a resource that is specified in **targetObjects**, set the value of the extension property to `null`.
## Properties
Extensions can be added to [user](user.md), [group](group.md), [organization](or
|:-|:|:| |appDisplayName|String| Display name of the application object on which this extension property is defined. Read-only. | |dataType|String| Specifies the data type of the value the extension property can hold. Following values are supported. Not nullable. <ul><li>`Binary` - 256 bytes maximum</li><li>`Boolean`</li><li>`DateTime` - Must be specified in ISO 8601 format. Will be stored in UTC.</li><li>`Integer` - 32-bit value.</li><li>`LargeInteger` - 64-bit value.</li><li>`String` - 256 characters maximum</li></ul>|
+|deletedDateTime|DateTimeOffset|Date and time when this object was deleted. Always `null` when the object hasn't been deleted. Inherited from [directoryObject](directoryobject.md).|
|isSyncedFromOnPremises|Boolean| Indicates if this extension property was synced from on-premises active directory using Azure AD Connect. Read-only. | |name|String| Name of the extension property. Not nullable. | |targetObjects|String collection| Following values are supported. Not nullable. <ul><li>`User`</li><li>`Group`</li><li>`Organization`</li><li>`Device`</li><li>`Application`</li></ul>|
The following is a JSON representation of the resource.
<!-- { "blockType": "resource",
- "optionalProperties": [
-
- ],
+ "keyProperty": "id",
"@odata.type": "microsoft.graph.extensionProperty",
- "keyProperty": "id"
-}-->
-
-```json
+ "baseType": "microsoft.graph.directoryObject",
+ "openType": true
+}
+-->
+``` json
{
+ "@odata.type": "#microsoft.graph.extensionProperty",
+ "id": "String (identifier)",
+ "deletedDateTime": "String (timestamp)",
"appDisplayName": "String",
- "dataType": "String",
- "isSyncedFromOnPremises": true,
"name": "String",
- "targetObjects": ["String"]
+ "dataType": "String",
+ "isSyncedFromOnPremises": "Boolean",
+ "targetObjects": [
+ "String"
+ ]
} ```
v1.0 Group https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/group.md
This resource supports:
| [delta](../api/group-delta.md) | group collection | Get incremental changes for groups. | | [Add members](../api/group-post-members.md) | None | Add a user or group to this group by posting to the **members** navigation property (supported for security groups and Microsoft 365 groups only). | | [Add owners](../api/group-post-owners.md) | None | Add a new owner for the group by posting to the **owners** navigation property (supported for security groups and Microsoft 365 groups only). |
-| [Create setting](../api/groupsetting-post-groupsettings.md) | [groupSetting](groupsetting.md) | Create a setting object based on a groupSettingTemplate. The POST request must provide settingValues for all the settings defined in the template. Only groups specific templates may be used for this operation. |
+| [Create setting](../api/group-post-settings.md) | [groupSetting](groupsetting.md) | Create a setting object based on a groupSettingTemplate. The POST request must provide settingValues for all the settings defined in the template. Only groups specific templates may be used for this operation. |
| [Delete setting](../api/groupsetting-delete.md) | None | Delete a setting object. | | [Get setting](../api/groupsetting-get.md) | [groupSetting](groupsetting.md) | Read properties of a specific setting object. | | [List groupLifecyclePolicies](../api/group-list-grouplifecyclepolicies.md) | [groupLifecyclePolicy](grouplifecyclepolicy.md) collection | List group lifecycle policies. | | [List members](../api/group-list-members.md) | [directoryObject](directoryobject.md) collection | Get the direct members of this group from the **members** navigation property. | | [List owners](../api/group-list-owners.md) | [directoryObject](directoryobject.md) collection | Get the owners of the group from the **owners** navigation property. |
-| [List settings](../api/groupsetting-list.md) | [groupSetting](groupsetting.md) collection | List properties of all setting objects. |
+| [List settings](../api/group-list-settings.md) | [groupSetting](groupsetting.md) collection | List properties of all setting objects. |
| [List transitive members](../api/group-list-transitivemembers.md) | [directoryObject](directoryobject.md) collection | Get the users, groups and devices that are members, including nested members of this group. | | [List transitive memberOf](../api/group-list-transitivememberof.md) | [directoryObject](directoryobject.md) collection | List the groups that this group is a member of. This operation is transitive and includes the groups that this group is a nested member of. | | [Remove member](../api/group-delete-members.md) | None | Remove a member from a Microsoft 365 group or a security group through the **members** navigation property.|
This resource supports:
| [List rejectedSenders](../api/group-list-rejectedsenders.md) | [directoryObject](directoryobject.md) collection | Get a list of users or groups that are in the rejected-senders list for this group. | | [Add rejectedSender](../api/group-post-rejectedsenders.md) | [directoryObject](directoryobject.md) | Add a new User or Group to the rejectedSenders collection. | | [Remove rejectedSender](../api/group-delete-rejectedsenders.md) | [directoryObject](directoryobject.md) | Remove new User or Group from the rejectedSenders collection. |
-| [Create setting](../api/groupsetting-post-groupsettings.md) | [groupSetting](groupsetting.md) | Create a setting object based on a groupSettingTemplate. The POST request must provide settingValues for all the settings defined in the template. Only groups specific templates may be used for this operation. |
+| [Create setting](../api/group-post-settings.md) | [groupSetting](groupsetting.md) | Create a setting object based on a groupSettingTemplate. The POST request must provide settingValues for all the settings defined in the template. Only groups specific templates may be used for this operation. |
| **Directory objects** ||| | [List deleted groups](../api/directory-deleteditems-list.md) | [directoryObject](directoryobject.md) collection | Retrieve the groups deleted in the tenant in the last 30 days. | | [List deleted groups owned by user](../api/directory-deleteditems-user-owned.md) | [directoryObject](directoryobject.md) collection | Retrieve the groups deleted in the tenant in the last 30 days and that are owned by a user. |
This resource supports:
| [getMemberObjects](../api/directoryobject-getmemberobjects.md) | String collection | Return all of the groups and administrative units that the group is a member of. The function is transitive. | | **Group settings** ||| | [Get setting](../api/groupsetting-get.md) | [groupSetting](groupsetting.md) | Read properties of a specific setting object. |
-| [List settings](../api/groupsetting-list.md) | [groupSetting](groupsetting.md) collection | List properties of all setting objects. |
+| [List settings](../api/group-list-settings.md) | [groupSetting](groupsetting.md) collection | List properties of all setting objects. |
| [Update setting](../api/groupsetting-update.md) | None | Update a setting object. | | [Delete setting](../api/groupsetting-delete.md) | None | Delete a setting object. | | [Get setting template](../api/groupsettingtemplate-get.md) | None | Read properties of a setting template. |
This resource supports:
|photos|[profilePhoto](profilephoto.md) collection| The profile photos owned by the group. Read-only. Nullable.| |planner|[plannerGroup](plannergroup.md)| Entry-point to Planner resource that might exist for a Unified Group.| |rejectedSenders|[directoryObject](directoryobject.md) collection|The list of users or groups that are not allowed to create posts or calendar events in this group. Nullable|
-|settings|[groupSetting](groupsetting.md) collection| Read-only. Nullable.|
+|settings|[groupSetting](groupsetting.md) collection| Settings that can govern this group's behavior, like whether members can invite guest users to the group. Nullable.|
|sites|[site](site.md) collection|The list of SharePoint sites in this group. Access the default site with /sites/root.| |threads|[conversationThread](conversationthread.md) collection| The group's conversation threads. Nullable.|
v1.0 Grouplifecyclepolicy https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/grouplifecyclepolicy.md
Here is a JSON representation of the resource.
{ "alternateNotificationEmails": "String", "groupLifetimeInDays": 180,
- "id": "Guid (identifier)",
+ "id": "String (identifier)",
"managedGroupTypes": "String" }
v1.0 Groupsetting https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/groupsetting.md
Title: "groupSetting resource type"
-description: "Group settings control behaviors such as blocked word lists for group display names or whether guest users are allowed to be group owners."
+description: "Group settings define the configurations that can be used to customize the tenant-wide and object-specific restrictions and allowed behavior. For examples, you can block word lists for group display names or define whether guest users are allowed to be group owners."
ms.localizationpriority: medium ms.prod: "groups"
doc_type: resourcePageType
Namespace: microsoft.graph
-Group settings control behaviors such as blocked word lists for group display names or whether guest users are allowed to be group owners.
+Group settings define the configurations that can be used to customize the tenant-wide and object-specific restrictions and allowed behavior. For examples, you can block word lists for group display names or define whether guest users are allowed to be group owners.
-Group settings can be created based on the available [groupSettingTemplates](groupsettingtemplate.md), and changed from their preset defaults. These settings govern group behaviors at a tenant-wide level or to a specific group. When the same setting is defined at both the tenant-wide and to a specific group, the group-level setting overrides the tenant-wide setting. For example, the tenant-wide setting may allow guests to be invited by existing members of groups, but an individual group setting can override and not allow guests to be invited by members of the group. Group settings only govern Microsoft 365 groups behavior.
+By default, all groups inherit the preset defaults. To change the default settings, you must create a new settings object using the [groupSettingTemplates](groupsettingtemplate.md). When the same setting is defined at both the tenant-wide and to a specific group, the group-level setting overrides the tenant-wide setting. For example, the tenant-wide setting may allow guests to be invited by existing members of groups, but an individual group setting can override and not allow guests to be invited by members of the group.
+
+Group settings apply to only Microsoft 365 groups.
+
+> [!TIP]
+> The `/beta` version of this resource is named [directorySetting](/graph/api/resources/directorysetting?view=graph-rest-beta&preserve-view=true).
## Methods | Method | Return Type | Description | |:|:--|:-|
-|[Create setting](../api/groupsetting-post-groupsettings.md) | [groupSetting](groupsetting.md) |Create a setting object based on a groupSettingTemplate. The POST request must provide settingValues for all the settings defined in the template. |
+|[Create setting](../api/group-post-settings.md) | [groupSetting](groupsetting.md) |Create a setting object based on a **groupSettingTemplate**.|
|[Get setting](../api/groupsetting-get.md) | [groupSetting](groupsetting.md) | Read properties of a specific setting object. |
-|[List settings](../api/groupsetting-list.md) | [groupSetting](groupsetting.md) collection | List properties of all setting objects. |
+|[List settings](../api/group-list-settings.md) | [groupSetting](groupsetting.md) collection | List properties of all setting objects. |
|[Update setting](../api/groupsetting-update.md) | [groupSetting](groupsetting.md) | Update groupsetting object. | |[Delete setting](../api/groupsetting-delete.md) | None | Delete a setting object. |
Group settings can be created based on the available [groupSettingTemplates](gro
|:|:--|:-| |displayName|String| Display name of this group of settings, which comes from the associated template. | |id|String| Unique identifier for these settings. Read-only. |
-|templateId|String| Unique identifier for the template used to create this group of settings. Read-only. |
-|values|[settingValue](settingvalue.md) collection| Collection of name value pairs. Must contain and set all the settings defined in the template. |
+|templateId|String| Unique identifier for the tenant-level [groupSettingTemplates](groupsettingtemplate.md) object that's been customized for this group-level settings object. Read-only. |
+|values|[settingValue](settingvalue.md) collection| Collection of name-value pairs corresponding to the **name** and **defaultValue** properties in the referenced [groupSettingTemplates](groupsettingtemplate.md) object. |
## Relationships
v1.0 Groupsettingtemplate https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/groupsettingtemplate.md
doc_type: resourcePageType
Namespace: microsoft.graph
-Group setting templates represent system-defined settings available to the tenant. [Group settings](groupsetting.md) can be created based on the available **groupSettingTemplates**, and values changed from their preset defaults. Group setting templates cannot be created, updated or deleted. These settings can represent tenant-wide settings, or can represent specific group settings. Currently, the only templates available apply to Microsoft 365 groups, and include settings such as whether users can create groups or invite guests from outside the organization to become members of a group.
+Group setting templates represent system-defined settings available to the tenant. [Group settings](groupsetting.md) can be created based on the available **groupSettingTemplates**, and values changed from their preset defaults. Group setting templates cannot be created, updated or deleted. These settings can represent tenant-wide settings, or can represent specific group settings. Currently, the only templates available for groups apply to Microsoft 365 groups, and include settings such as whether users can create groups or invite guests from outside the organization to become members of a group.
+
+For more information about the available Microsoft 365 group settings, see [Template settings](/azure/active-directory/enterprise-users/groups-settings-cmdlets).
+
+> [!TIP]
+> The `/beta` version of this resource is named [directorySettingTemplate](/graph/api/resources/directorysettingtemplate?view=graph-rest-beta&preserve-view=true).
## Methods
Group setting templates represent system-defined settings available to the tenan
| Property | Type | Description | |:|:--|:-| |description|String| Description of the template. |
-|displayName|String| Display name of the template. |
+|displayName|String| Display name of the template. The template named `Group.Unified` can be used to configure tenant-wide Microsoft 365 group settings, while the template named `Group.Unified.Guest` can be used to configure group-specific settings.|
|id|String| Unique identifier for the template. Read-only.| |values|[settingTemplateValue](settingtemplatevalue.md) collection| Collection of settingTemplateValues that list the set of available settings, defaults and types that make up this template. |
v1.0 List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/list.md
Previously updated : 09/11/2017 Title: List
+ Title: List resource
ms.localizationpriority: high ms.prod: "sharepoint" description: "The list resource represents a list in a site."
All examples below are relative to a site, for example, `https://graph.microsoft
[Create list item]: ../api/listitem-create.md [Get WebSocket channel]: ../api/subscriptions-socketio.md
-## JSON representation
-
-Here is a JSON representation of a **list** resource.
-
-<!--{
- "blockType": "resource",
- "optionalProperties": [
- "items",
- "drive"
- ],
- "keyProperty": "id",
- "baseType": "microsoft.graph.baseItem",
- "@odata.type": "microsoft.graph.list"
-}-->
-
-```json
-{
- "columns": [ { "@odata.type": "microsoft.graph.columnDefinition" }],
- "contentTypes": [ { "@odata.type": "microsoft.graph.contentType" }],
- "displayName": "title of list",
- "drive": { "@odata.type": "microsoft.graph.drive" },
- "items": [ { "@odata.type": "microsoft.graph.listItem" } ],
- "list": {
- "@odata.type": "microsoft.graph.listInfo",
- "hidden": false,
- "template": "documentLibrary | genericList | survey | links | announcements | contacts | accessRequest ..."
- },
- "system": false,
- "subscriptions": [ {"@odata.type": "microsoft.graph.subscription"} ],
-
- /* inherited from baseItem */
- "id": "string",
- "name": "name of list",
- "createdBy": { "@odata.type": "microsoft.graph.identitySet" },
- "createdDateTime": "timestamp",
- "description": "description of list",
- "eTag": "string",
- "lastModifiedBy": { "@odata.type": "microsoft.graph.identitySet" },
- "lastModifiedDateTime": "timestamp",
- "parentReference": { "@odata.type": "microsoft.graph.itemReference" },
- "sharepointIds": { "@odata.type": "microsoft.graph.sharepointIds" },
- "webUrl": "url to visit the list in a browser"
-}
-```
- ## Properties The **list** resource has the following properties.
The **list** resource has the following relationships to other resources.
[systemFacet]: systemfacet.md [subscription]: subscription.md
+## JSON representation
+
+The following is a JSON representation of the resource.
+
+<!--{
+ "blockType": "resource",
+ "optionalProperties": [
+ "items",
+ "drive"
+ ],
+ "keyProperty": "id",
+ "baseType": "microsoft.graph.baseItem",
+ "@odata.type": "microsoft.graph.list"
+}-->
+
+```json
+{
+ "columns": [ { "@odata.type": "microsoft.graph.columnDefinition" }],
+ "contentTypes": [ { "@odata.type": "microsoft.graph.contentType" }],
+ "displayName": "title of list",
+ "drive": { "@odata.type": "microsoft.graph.drive" },
+ "items": [ { "@odata.type": "microsoft.graph.listItem" } ],
+ "list": {
+ "@odata.type": "microsoft.graph.listInfo",
+ "hidden": false,
+ "template": "documentLibrary | genericList | survey | links | announcements | contacts | accessRequest ..."
+ },
+ "system": false,
+ "subscriptions": [ {"@odata.type": "microsoft.graph.subscription"} ],
+
+ /* inherited from baseItem */
+ "id": "string",
+ "name": "name of list",
+ "createdBy": { "@odata.type": "microsoft.graph.identitySet" },
+ "createdDateTime": "timestamp",
+ "description": "description of list",
+ "eTag": "string",
+ "lastModifiedBy": { "@odata.type": "microsoft.graph.identitySet" },
+ "lastModifiedDateTime": "timestamp",
+ "parentReference": { "@odata.type": "microsoft.graph.itemReference" },
+ "sharepointIds": { "@odata.type": "microsoft.graph.sharepointIds" },
+ "webUrl": "url to visit the list in a browser"
+}
+```
+ <!-- { "type": "#page.annotation", "description": "",
v1.0 Onpremisesextensionattributes https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/onpremisesextensionattributes.md
Namespace: microsoft.graph
The return type of the **onPremisesExtensionAttributes** property of the [user](user.md) object and **extensionAttributes** property of the [device](device.md) object. Returns fifteen custom extension attribute properties.
-On the [user](user.md) entity and for an **onPremisesSyncEnabled** user, the source of authority for this set of properties is the on-premises Active Directory which is synchronized to Azure AD, and is read-only. For a cloud-only user (where **onPremisesSyncEnabled** is `false`), these properties can be set during [creation](../api/user-post-users.md) or [update](../api/user-update.md). If a cloud-only user was previously synced from on-premises Active Directory, these properties cannot be managed via the Microsoft Graph API. Instead, they can be managed through the Exchange Admin Center or the Exchange Online V2 module in PowerShell.
+On the [user](user.md) entity and for an **onPremisesSyncEnabled** user, the source of authority for this set of properties is the on-premises Active Directory which is synchronized to Azure AD, and is read-only. For a cloud-only user (where **onPremisesSyncEnabled** is `false` or `null`), these properties can be set during [creation](../api/user-post-users.md) or [update](../api/user-update.md). If a cloud-only user was previously synced from on-premises Active Directory, these properties cannot be managed via the Microsoft Graph API. Instead, they can be managed through the Exchange Admin Center or the Exchange Online V2 module in PowerShell.
The **extensionAttributes** property of the [device](device.md) entity is managed only in Azure AD during device [creation](../api/device-post-devices.md) or [update](../api/device-update.md).
v1.0 Permissionscope https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/permissionscope.md
Here is a JSON representation of the resource
```json {
- "id": "guid",
- "adminConsentDisplayName": "string",
- "adminConsentDescription": "string",
- "userConsentDisplayName": "string",
- "userConsentDescription": "string",
- "value": "string",
- "type": "string",
+ "id": "Guid",
+ "adminConsentDisplayName": "String",
+ "adminConsentDescription": "String",
+ "userConsentDisplayName": "String",
+ "userConsentDescription": "String",
+ "value": "String",
+ "type": "String",
"isEnabled": true } ```
v1.0 Plannertaskdetails https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/plannertaskdetails.md
Title: "plannerTaskDetails resource type"
-description: "The **plannerTaskDetails** resource represents the additional information about a task. Each task object has a details object."
+description: "Represents the additional information about a task. Each task object has a details object."
ms.localizationpriority: medium ms.prod: "planner"
doc_type: resourcePageType
Namespace: microsoft.graph
-The **plannerTaskDetails** resource represents the additional information about a task. Each [task](plannertask.md) object has a details object.
+Represents the additional information about a task. Each [task](plannertask.md) object has a details object.
## Methods
The **plannerTaskDetails** resource represents the additional information about
| Property | Type |Description| |:|:--|:-| |checklist|[plannerChecklistItems](plannerchecklistitems.md)|The collection of checklist items on the task.|
-|description|String|Description of the task|
+|description|String|Description of the task.|
|id|String| Read-only. ID of the task details. It is 28 characters long and case-sensitive. [Format validation](planner-identifiers-disclaimer.md) is done on the service.| |previewType|string|This sets the type of preview that shows up on the task. The possible values are: `automatic`, `noPreview`, `checklist`, `description`, `reference`. When set to `automatic` the displayed preview is chosen by the app viewing the task.| |references|[plannerExternalReferences](plannerexternalreferences.md)|The collection of references on the task.| ## Relationships
-None
+None.
## JSON representation
-Here is a JSON representation of the resource.
+The following is a JSON representation of the resource.
<!--{ "blockType": "resource",
Here is a JSON representation of the resource.
"previewType": "string", "references": {"@odata.type": "microsoft.graph.plannerExternalReferences"} }- ``` <!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
v1.0 Preauthorizedapplication https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/preauthorizedapplication.md
Lists the client applications that are pre-authorized with the specified permiss
| Property | Type | Description | |:|:--|:-| |appId|String| The unique identifier for the application. |
-|permissionIds|String collection| The unique identifier for the [oauth2PermissionScopes](permissionscope.md) the application requires. |
+|delegatedPermissionIds|String collection| The unique identifier for the [oauth2PermissionScopes](permissionscope.md) the application requires. |
## JSON representation Here is a JSON representation of the resource.
Here is a JSON representation of the resource.
```json { "appId": "String",
- "permissionIds": ["String"]
+ "delegatedPermissionIds": ["String"]
} ```
v1.0 Presence https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/presence.md
This resource supports subscribing to [change notifications](/graph/webhooks).
## Properties
-| Relationship | Type | Description |
+| Property | Type | Description |
| :-- | :- | : | | id | string | The user object id | | availability | string collection | The base presence information for a user. Possible values are `Available`, `AvailableIdle`, `Away`, `BeRightBack`, `Busy`, `BusyIdle`, `DoNotDisturb`, `Offline`, `PresenceUnknown` |
v1.0 Rbacapplication https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/rbacapplication.md
doc_type: "resourcePageType"
Namespace: microsoft.graph
-Role management container for unified role definitions and role assignments for Microsoft 365 role-based access control (RBAC) providers. The role assignments support only a single principal and a single scope. Currently **directory** is the only RBAC provider supported.
+Role management container for unified role definitions and role assignments for Microsoft 365 role-based access control (RBAC) providers. The role assignments support only a single principal and a single scope. Currently **directory** and **entitlementManagement** are the two RBAC providers supported.
## Methods
v1.0 Resourceaccess https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/resourceaccess.md
The following is a JSON representation of the resource.
```json {
- "id": "GUID",
+ "id": "Guid",
"type": "String" }
v1.0 Resourcedata https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/resourcedata.md
ms.prod: "change-notifications"
Namespace: microsoft.graph
-Represents the resouce data attached to the change notification sent to the subscriber.
+Represents the resource data attached to the change notification sent to the subscriber. This resource is an open type and allows other properties to be passed in.
For details, see [Use the Microsoft Graph API to get change notifications](webhooks.md).
None.
## Properties
-For Outlook resources, **resourceData** contains the following fields:
+None except for Outlook resources where **resourceData** contains the following fields:
| Property | Type | Description | |:|:--|:|
-| @odata.type | string | The OData entity type in Microsoft Graph that describes the represented object. |
-| @odata.id | string | The OData identifier of the object. |
-| @odata.etag | string | The HTTP entity tag that represents the version of the object. |
-| id | string | The identifier of the object. |
+| @odata.type | String | The OData entity type in Microsoft Graph that describes the represented object. |
+| @odata.id | String | The OData identifier of the object. |
+| @odata.etag | String | The HTTP entity tag that represents the version of the object. |
+| id | String | The identifier of the object. |
-> **Note:** The `id` value provided in **resourceData** is valid at the time the change notification was generated. Some actions, such as moving a message to another folder, might result in the `id` no longer being valid when the change notification is processed.
+> **Note:** The **id** value provided in **resourceData** is valid at the time the change notification was generated. Some actions, such as moving a message to another folder, might result in the `id` no longer being valid when the change notification is processed.
## Relationships
The following is a JSON representation of the resource.
<!-- { "blockType": "resource", "optionalProperties": [-
+ "@odata.type",
+ "@odata.id",
+ "@odata.etag",
+ "id"
], "@odata.type": "microsoft.graph.resourceData" }--> ```json {
- "id": "1565293727947",
- "@odata.type": "#Microsoft.Graph.ChatMessage",
- "@odata.id": "teams('88cbc8fc-164b-44f0-b6a6-b59b4a1559d3')/channels('19:8d9da062ec7647d4bb1976126e788b47@thread.tacv2')/messages('1565293727947')/replies('1565293727947')"
+ "@odata.type": "#microsoft.graph.resourceData"
} ```
v1.0 Resourcespecificpermission https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/resourcespecificpermission.md
+
+ Title: "resourceSpecificPermission resource type"
+description: "Represents permissions used to authorize an application for direct access to data for a specific instance of resource"
+
+ms.localizationpriority: medium
++
+# resourceSpecificPermission resource type
+
+Namespace: microsoft.graph
+
+Represents permissions used to authorize an application for direct access to data for a specific instance of resource, such as a chat or team. For example, the resource-specific permission ChannelMessage.Read.Group allows a Microsoft Teams app to read the channel messages of a single team.
+
+Resource-specific permissions are only supported for Teams apps accessing to specific chats and teams using the Microsoft Graph API. For details, see [Resource-specific consent for Teams apps](/microsoftteams/platform/graph-api/rsc/resource-specific-consent).
+
+## Properties
+
+|Property|Type|Description|
+|:|:|:|
+|description|String|Describes the level of access that the resource-specific permission represents.|
+|displayName|String|The display name for the resource-specific permission.|
+|id|Guid|The unique identifier for the resource-specific application permission.|
+|isEnabled|Boolean|Indicates whether the permission is enabled.|
+|value|String|The value of the permission.|
+
+## Relationships
+
+None.
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.resourceSpecificPermission"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.resourceSpecificPermission",
+ "description": "String",
+ "displayName": "String",
+ "id": "String (identifier)",
+ "isEnabled": "Boolean",
+ "value": "String"
+}
+```
v1.0 Resulttemplate https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/resulttemplate.md
+
+ Title: "resultTemplate resource type"
+description: "Represents a dictionary of resultTemplateIds and associated values, which include the name and JSON schema of the result templates."
+ms.localizationpriority: medium
+++
+# resultTemplate resource type
+
+Namespace: microsoft.graph
+
+Represents a dictionary of **resultTemplateIds** and associated values, which includes the name and JSON schema of the result templates.
+
+## Properties
+
+| Property | Type | Description |
+|:-|:|:|
+|body|Json|JSON schema of the result template.|
+|displayName|String|Name of the result template.|
+|key|String|ID of a result template. The **key** property must map to a **resultTemplateId** in the [searchHit](searchhit.md) collection.|
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+
+<!-- {
+ "blockType": "resource",
+ "optionalProperties": [
+
+ ],
+ "@odata.type": "microsoft.graph.resultTemplate",
+ "baseType": null
+}-->
++
+```json
+{
+ "resultTemplateId": {
+ "displayName": "String",
+ "body":{
+ "@odata.type":"microsoft.graph.Json"
+ }
+ }
+}
+```
++
+<!-- uuid: 16cd6b66-4b1a-43a1-adaf-3a886856ed98
+2019-02-04 14:57:30 UTC -->
+<!-- {
+ "type": "#page.annotation",
+ "description": "resultTemplate resource",
+ "keywords": "",
+ "section": "documentation",
+ "tocPath": ""
+}-->
++
v1.0 Resulttemplateoption https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/resulttemplateoption.md
+
+ Title: "resultTemplateOption resource type"
+description: "Provides the search result template options to render search results from connectors."
+ms.localizationpriority: medium
+++
+# resultTemplateOption resource type
+
+Namespace: microsoft.graph
+
+Provides the search result template options to render search results from connectors.
+
+## Properties
+
+| Property | Type | Description |
+|:-|:|:|
+|enableResultTemplate|Boolean|Indicates whether search display layouts are enabled. If enabled, the user will get the result template to render the search results content in the **resultTemplates** property of the [response](/graph/api/resources/searchresponse). The result template is based on [Adaptive Cards](https://adaptivecards.io/). Optional. |
++
+## JSON representation
+
+The following is a JSON representation of the resource.
+
+<!-- {
+ "blockType": "resource",
+ "optionalProperties": [
+
+ ],
+ "@odata.type": "microsoft.graph.resultTemplateOption",
+ "baseType": null
+}-->
+
+```json
+ {
+ "enableResultTemplate": "Boolean"
+ }
+```
+
+<!-- uuid: 16cd6b66-4b1a-43a1-adaf-3a886856ed98
+2019-02-04 14:57:30 UTC -->
+<!-- {
+ "type": "#page.annotation",
+ "description": "resultTemplateOption resource",
+ "keywords": "",
+ "section": "documentation",
+ "tocPath": ""
+}-->
v1.0 Riskdetection https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/riskdetection.md
For more information about risk events, see [Azure Active Directory Identity Pro
## Properties |Property|Type|Description| |:|:|:|
-|activity|activityType|Indicates the activity type the detected risk is linked to. . Possible values are: `signin`, `user`, `unknownFutureValue`.|
+|activity|activityType|Indicates the activity type the detected risk is linked to. Possible values are: `signin`, `user`, `unknownFutureValue`.|
|activityDateTime|DateTimeOffset|Date and time that the risky activity occurred. The DateTimeOffset type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is look like this: `2014-01-01T00:00:00Z`|
-|additionalInfo|String|Additional information associated with the risk detection in JSON format.|
+|additionalInfo|String|Additional information associated with the risk detection in JSON format. For example, `"[{\"Key\":\"userAgent\",\"Value\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36\"}]"`. Possible keys in the additionalInfo JSON string are: `userAgent`, `alertUrl`, `relatedEventTimeInUtc`, `relatedUserAgent`, `deviceInformation`, `relatedLocation`, `requestId`, `correlationId`, `lastActivityTimeInUtc`, `malwareName`, `clientLocation`, `clientIp`, `riskReasons`. <br/>For more information about riskReasons and possible values, see [riskReasons values](#riskreasons-values). |
|correlationId|String|Correlation ID of the sign-in associated with the risk detection. This property is `null` if the risk detection is not associated with a sign-in.|
-|detectedDateTime|DateTimeOffset|Date and time that the risk was detected. The DateTimeOffset type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is look like this: `2014-01-01T00:00:00Z`|
+|detectedDateTime|DateTimeOffset|Date and time that the risk was detected. The DateTimeOffset type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 looks like this: `2014-01-01T00:00:00Z`|
|detectionTimingType|riskDetectionTimingType|Timing of the detected risk (real-time/offline). Possible values are: `notDefined`, `realtime`, `nearRealtime`, `offline`, `unknownFutureValue`.| |id|String|Unique ID of the risk detection. Inherited from [entity](../resources/entity.md)| |ipAddress|String|Provides the IP address of the client from where the risk occurred.|
For more information about risk events, see [Azure Active Directory Identity Pro
|location|[signInLocation](../resources/signinlocation.md)|Location of the sign-in.| |requestId|String|Request ID of the sign-in associated with the risk detection. This property is null if the risk detection is not associated with a sign-in.| |riskDetail|riskDetail|Details of the detected risk. Possible values are: `none`, `adminGeneratedTemporaryPassword`, `userPerformedSecuredPasswordChange`, `userPerformedSecuredPasswordReset`, `adminConfirmedSigninSafe`, `aiConfirmedSigninSafe`, `userPassedMFADrivenByRiskBasedPolicy`, `adminDismissedAllRiskForUser`, `adminConfirmedSigninCompromised`, `hidden`, `adminConfirmedUserCompromised`, `unknownFutureValue`.|
-|riskEventType|String|The type of risk event detected. The possible values are `unlikelyTravel`, `anonymizedIPAddress`, `maliciousIPAddress`, `unfamiliarFeatures`, `malwareInfectedIPAddress`, `suspiciousIPAddress`, `leakedCredentials`, `investigationsThreatIntelligence`, `generic`,`adminConfirmedUserCompromised`, `mcasImpossibleTravel`, `mcasSuspiciousInboxManipulationRules`, `investigationsThreatIntelligenceSigninLinked`, `maliciousIPAddressValidCredentialsBlockedIP`, and `unknownFutureValue`. If the risk detection is a premium detection, will show `generic`|
+|riskEventType|String|The type of risk event detected. The possible values are `unlikelyTravel`, `anonymizedIPAddress`, `maliciousIPAddress`, `unfamiliarFeatures`, `malwareInfectedIPAddress`, `suspiciousIPAddress`, `leakedCredentials`, `investigationsThreatIntelligence`, `generic`,`adminConfirmedUserCompromised`, `passwordSpray`, `impossibleTravel`, `newCountry`, `anomalousToken`, `tokenIssuerAnomaly`,`suspiciousBrowser`, `riskyIPAddress`, `mcasSuspiciousInboxManipulationRules`, `suspiciousInboxForwarding`, and `unknownFutureValue`. If the risk detection is a premium detection, will show `generic`. <br/>For more information about each value, see [riskEventType values](#riskeventtype-values).|
|riskLevel|riskLevel|Level of the detected risk. Possible values are: `low`, `medium`, `high`, `hidden`, `none`, `unknownFutureValue`.| |riskState|riskState|The state of a detected risky user or sign-in. Possible values are: `none`, `confirmedSafe`, `remediated`, `dismissed`, `atRisk`, `confirmedCompromised`, `unknownFutureValue`.| |source|String|Source of the risk detection. For example, `activeDirectory`. |
For more information about risk events, see [Azure Active Directory Identity Pro
|userId|String|Unique ID of the user.| |userPrincipalName|String|The user principal name (UPN) of the user.|
+### riskEventType values
+
+| Name | UI Display Name | Description |
+|--|--|--|
+| unlikelyTravel | Atypical travel | Identifies two sign-ins originating from geographically distant locations, where at least one of the locations may also be atypical for the user, given past behavior. |
+| anonymizedIPAddress | Anonymous IP address | Indicates sign-ins from an anonymous IP address, for example, using an anonymous browser or VPN. |
+| maliciousIPAddress | Malicious IP address | Indicates sign-ins from a malicious IP address. An IP address is considered malicious based on high failure rates because of invalid credentials received from the IP address or other IP reputation sources. |
+| unfamiliarFeatures | Unfamiliar sign-in properties | Indicates sign-ins with characteristics that deviate from past sign-in properties. |
+| malwareInfectedIPAddress | Malware linked IP address | Indicates sign-ins from IP addresses infected with malware. Deprecated and no longer generated for new detections. |
+| suspiciousIPAddress | Malicious IP address | Identifies logins from IP addresses that are known to be malicious at the time of the sign in. |
+| leakedCredentials | Leaked credentials | Indicates that the user's valid credentials have been leaked. This sharing is typically done by posting publicly on the dark web, paste sites, or by trading and selling the credentials on the black market. When the Microsoft leaked credentials service acquires user credentials from the dark web, paste sites, or other sources, they are checked against Azure AD users' current valid credentials to find valid matches. |
+| investigationsThreatIntelligence | Azure AD threat intelligence | Indicates a sign-in activity that is unusual for the given user or is consistent with known attack patterns based on Microsoft's internal and external threat intelligence sources. |
+| generic | Additional risk detected | Indicates that the user was not enabled for Identity Protection. |
+| adminConfirmedUserCompromised | Admin confirmed user compromised | Indicates that an administrator has [confirmed the user is compromised](../api/riskyuser-confirmcompromised.md). |
+| passwordSpray | Password spray | Indicates that multiple usernames are attacked using common passwords in a unified brute force manner to gain unauthorized access. |
+| anomalousToken | Anomalous Token | Indicates that there are abnormal characteristics in the token such as an unusual token lifetime or a token that is played from an unfamiliar location. |
+| tokenIssuerAnomaly | Token Issuer Anomaly | Indicates that The SAML token issuer for the associated SAML token is potentially compromised. The claims included in the token are unusual or match known attacker patterns. |
+| suspiciousBrowser | Suspicious browser | Suspicious sign-in activity across multiple tenants from different countries in the same browser. |
+| impossibleTravel | Impossible travel | Discovered by Microsoft Defender for Cloud Apps (MDCA). Identifies two user activities (a single or multiple sessions) originating from geographically distant locations within a time period shorter than the time it would have taken the user to travel from the first location to the second, indicating that a different user is using the same credentials. |
+| newCountry | New country | This detection is discovered by Microsoft Cloud App Security (MCAS). The sign-in occurred from a location that wasn't recently or never visited by the given user. |
+| riskyIPAddress | Activity from anonymous IP address | This detection is discovered by Microsoft Cloud App Security (MCAS). Users were active from an IP address that has been identified as an anonymous proxy IP address. |
+| mcasSuspiciousInboxManipulationRules | Suspicious inbox manipulation rules | Discovered by Microsoft Defender for Cloud Apps (MDCA). Identifies suspicious email forwarding rules, for example, if a user created an inbox rule that forwards a copy of all emails to an external address.|
+| suspiciousInboxForwarding | Suspicious inbox forwarding | This detection is discovered by Microsoft Cloud App Security (MCAS). It looks for suspicious email forwarding rules, for example, if a user created an inbox rule that forwards a copy of all emails to an external address. |
+| unknownFutureValue | N/A | Evolvable enumeration sentinel value. Do not use. |
+
+### riskReasons values
+
+| riskEventType | Value | UI display string |
+|--|--|--|
+| `investigationsThreatIntelligence` | `suspiciousIP` | This sign-in was from a suspicious IP address |
+| `investigationsThreatIntelligence` | `passwordSpray` | This user account was attacked by a password spray. |
+ ## Relationships None.
v1.0 Rolemanagement https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/rolemanagement.md
doc_type: "resourcePageType"
Namespace: microsoft.graph
-Represents a Microsoft 365 role-based access control (RBAC) role management entity. This resource provides access to role definitions and role assignments surfaced from RBAC providers. **directory** (Azure Active Directory) and **deviceManagement** (Intune) providers are currently supported.
+Represents a Microsoft 365 role-based access control (RBAC) role management entity. This resource provides access to role definitions and role assignments surfaced from RBAC providers. **directory** (Azure Active Directory), **entitlementManagement**, and **deviceManagement** (Intune) providers are currently supported.
For more information, see: * [Administrator role permissions in Azure Active Directory](/azure/active-directory/roles/custom-overview).
+* [Delegation and roles in Azure AD entitlement management](/azure/active-directory/governance/entitlement-management-delegate).
* [Role-based access control (RBAC) with Microsoft Intune](/mem/intune/fundamentals/role-based-access-control) ## Methods
None.
| Relationship | Type | Description | |:-|:|:| |directory|[rbacApplication](rbacapplication.md)| Read-only. Nullable.|
-|entitlementManagement|[entitlementManagement](entitlementmanagement.md)| Container for all entitlement management resources in Azure AD identity governance.|
+|entitlementManagement|[rbacApplication](rbacapplication.md)| Container for roles and assignments for [entitlement management](entitlementmanagement.md) resources.|
## JSON representation
v1.0 Schemaextension https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/schemaextension.md
See the [schema extension example](/graph/extensibility-schema-groups) to learn
| Property | Type |Description| |:|:--|:-| |description|String|Description for the schema extension. Supports `$filter` (`eq`).|
-|id|String|The unique identifier for the schema extension definition. <br>You can assign a value in one of two ways: <ul><li>Concatenate the name of one of your verified domains with a name for the schema extension to form a unique string in this format, \{_&#65279;domainName_\}\_\{_&#65279;schemaName_\}. As an example, `contoso_mySchema`. </li><li>Provide a schema name, and let Microsoft Graph use that schema name to complete the **id** assignment in this format: ext\{_&#65279;8-random-alphanumeric-chars_\}\_\{_&#65279;schema-name_\}. An example would be `extkvbmkofy_mySchema`.</li></ul>This property cannot be changed after creation. Supports `$filter` (`eq`). |
+|id|String|The unique identifier for the schema extension definition. <br>You can assign a value in one of two ways: <ul><li>Concatenate the name of one of your verified domains with a name for the schema extension to form a unique string in this format, \{_&#65279;domainName_\}\_\{_&#65279;schemaName_\}. As an example, `contoso_mySchema`. </li><li>Provide a schema name, and let Microsoft Graph use that schema name to complete the **id** assignment in this format: ext\{_&#65279;8-random-alphanumeric-chars_\}\_\{_&#65279;schema-name_\}. An example would be `extkvbmkofy_mySchema`.</li></ul>This property cannot be changed after creation. Supports `$filter` (`eq`). **Note:** We recommend that your **id** starts with an alphabetic letter between A-Z because query capabilities might be limited for IDs that begin with integers. |
|owner|String|The `appId` of the application that is the owner of the schema extension. This property can be supplied on creation, to set the owner. If not supplied, then the calling application's `appId` will be set as the owner. In either case, the signed-in user must be the owner of the application. So, for example, if creating a new schema extension definition using Graph Explorer, you **must** supply the owner property. Once set, this property is read-only and cannot be changed. Supports `$filter` (`eq`).| |properties|[extensionSchemaProperty](extensionschemaproperty.md) collection|The collection of property names and types that make up the schema extension definition.| |status|String|The lifecycle state of the schema extension. Possible states are **InDevelopment**, **Available**, and **Deprecated**. Automatically set to **InDevelopment** on creation. [Schema extensions](/graph/extensibility-overview#schema-extensions) provides more information on the possible state transitions and behaviors. Supports `$filter` (`eq`).|
v1.0 Search Api Overview https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/search-api-overview.md
Search requests run on behalf of the user. Search results are scoped to enforce
|[Use KQL in query terms](#keyword-query-language-kql-support) | **query** | |[Sort search results](#sort-search-results)| **sort** | |[Refine results using aggregations](#refine-results-using-aggregations)| **aggregations** |
+|[Request spelling correction](#request-spelling-correction)| **queryAlterationOptions** |
+|[Search display layout](#search-display-layout) (preview)| **resultTemplateOptions**|
## Scope search based on entity types
Once the response is returned containing the collection of [searchBucket](search
Aggregations are currently supported for any refinable property on the following SharePoint and OneDrive types: [driveItem](driveitem.md), [listItem](listitem.md), [list](list.md), [site](site.md), and on Microsoft Graph connectors [externalItem](externalconnectors-externalitem.md).
-See [refine search results](/graph/search-concept-aggregation) for examples that show using aggregation to enhance and narrow down search results.
+For examples that show how to use aggregation to enhance and narrow down search results, see [Refine search results](/graph/search-concept-aggregation).
+
+## Request spelling correction
+
+Spelling correction is a popular way to handle mismatches between typos in a user query and the correct words in matched contents. When typos are detected in the original user query, you can get the search result either for the original user query or the corrected alternate query. You can also get the spelling correction information for typos in the **queryAlterationResponse** property of the [searchResponse](searchresponse.md).
+
+In the request body of the [query](/graph/api/search-query) method, specify the **queryAlterationOptions** that should be applied to the query for the spelling corrections. The description of **queryAlterationOptions** is defined in the [searchRequest](./searchrequest.md).
+
+For examples that show how to use spelling corrections, see [Request spelling correction](/graph/search-concept-speller).
+
+## Search display layout
+
+The search API allows you to render search results from [connectors](/microsoftsearch/connectors-overview) by using the display layout or the result template configured by the IT admin for each connector. The result templates are [Adaptive Cards](https://adaptivecards.io/), which are a semantically meaningful combination of layout and data.
+
+To get the result template in the [searchResponse](searchresponse.md) you have to set the **enableResultTemplate** property to **true**, which is defined in the [resultTemplateOptions](./resulttemplateoption.md) in the [searchRequest](./searchrequest.md). The response includes a **resultTemplateId** for every [searchHit](./searchhit.md), which maps to one of the display layouts included in the **resultTemplates** dictionary that is part of the response.
+
+For examples that show how to render search results, see [Use search display layout](/graph/search-concept-display-layout).
## Error handling
Any combinations involving **message**, **event**, SharePoint and OneDrive types
- [Search content in SharePoint and OneDrive](/graph/search-concept-files) - [Sort search results](/graph/search-concept-sort) - [Refine search results](/graph/search-concept-aggregation)
+ - [Request spelling correction](/graph/search-concept-speller)
+ - [Use search display layout](/graph/search-concept-display-layout)
- Explore the search APIs in [Graph Explorer](https://developer.microsoft.com/graph/graph-explorer). - Find out about the [latest new features and updates](/graph/whats-new-overview) for this API set.
v1.0 Searchalteration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/searchalteration.md
+
+ Title: "searchAlteration resource type"
+description: "Provides the details about the search alteration for spelling correction."
+ms.localizationpriority: medium
+++
+# searchAlteration resource type
+
+Namespace: microsoft.graph
+
+Provides the details about the search alteration for spelling correction.
+
+## Properties
+
+| Property | Type | Description |
+|:-|:|:|
+|alteredHighlightedQueryString|String| Defines the altered highlighted query string with spelling correction. The annotation around the corrected segment is: `\ue000, \ue001`.|
+|alteredQueryString|String| Defines the altered query string with spelling correction.|
+|alteredQueryTokens|[alteredQueryToken](alteredquerytoken.md) collection| Represents changed segments related to an original user query.|
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+
+<!-- {
+ "blockType": "resource",
+ "optionalProperties": [
+
+ ],
+ "@odata.type": "microsoft.graph.searchAlteration",
+ "baseType": null
+}-->
+
+```json
+{
+ "alteredHighlightedQueryString": "String",
+ "alteredQueryString": "String",
+ "alteredQueryTokens": [{"@odata.type": "microsoft.graph.alteredQueryToken"}]
+}
+```
v1.0 Searchalterationoptions https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/searchalterationoptions.md
+
+ Title: "searchAlterationOptions resource type"
+description: "Provides the search alteration options for spelling correction."
+ms.localizationpriority: medium
+++
+# searchAlterationOptions resource type
+
+Namespace: microsoft.graph
+
+Provides the search alteration options for spelling correction.
+
+## Properties
+
+| Property | Type | Description |
+|:-|:|:|
+|enableModification|Boolean|Indicates whether spelling modifications are enabled. If enabled, the user will get the search results for the corrected query *in case of no results* for the original query with typos. The [response](/graph/api/resources/searchresponse) will also include the spelling modification information in the **queryAlterationResponse** property. Optional.|
+|enableSuggestion|Boolean|Indicates whether spelling suggestions are enabled. If enabled, the user will get the search results for the original search query and suggestions for spelling correction in the **queryAlterationResponse** property of the [response](/graph/api/resources/searchresponse) for the typos in the query. Optional.|
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+
+<!-- {
+ "blockType": "resource",
+ "optionalProperties": [
+
+ ],
+ "@odata.type": "microsoft.graph.searchAlterationOptions",
+ "baseType": null
+}-->
+
+```json
+{
+ "enableModification": "Boolean",
+ "enableSuggestion": "Boolean"
+}
+```
+
+<!-- uuid: 16cd6b66-4b1a-43a1-adaf-3a886856ed98
+2019-02-04 14:57:30 UTC -->
+<!-- {
+ "type": "#page.annotation",
+ "description": "searchAlterationOptions resource",
+ "keywords": "",
+ "section": "documentation",
+ "tocPath": ""
+}-->
v1.0 Searchhit https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/searchhit.md
Represents a single result within the list of search results.
| Property | Type | Description | |:-|:|:|
+|contentSource|String|The name of the content source which the **externalItem** is part of .|
|hitId|String|The internal identifier for the item.| |rank|Int32|The rank or the order of the result.|
-|contentSource|String|The name of the content source which the **externalItem** is part of .|
-|summary|String|A summary of the result, if a summary is available.|
+|resultTemplateId|String|ID of the result template used to render the search result. This ID must map to a display layout in the **resultTemplates** dictionary that is also included in the [searchResponse](searchresponse.md).|
|resource|[entity](entity.md)|The underlying Microsoft Graph representation of the search result.|
+|summary|String|A summary of the result, if a summary is available.|
## JSON representation
The following is a JSON representation of the resource.
```json {
- "hitId": "String",
- "rank": 1,
- "summary": "String",
"contentSource": "String",
- "resource": { "@odata.type": "microsoft.graph.entity" }
+ "hitId": "String",
+ "rank": "Int32",
+ "resultTemplateId": "String",
+ "resource": { "@odata.type": "microsoft.graph.entity" },
+ "summary": "String"
} ```
v1.0 Searchrequest https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/searchrequest.md
The JSON blob contains the types of resources expected in the response, the unde
## Properties
-| Property | Type | Description
-|:-|:|:
-|aggregations|[aggregationOption](aggregationOption.md) collection|Specifies aggregations (also known as refiners) to be returned alongside search results. Optional.|
+| Property | Type | Description|
+|:-|:|:|
|aggregationFilters|String collection|Contains one or more filters to obtain search results aggregated and filtered to a specific value of a field. Optional.<br>Build this filter based on a prior search that aggregates by the same field. From the response of the prior search, identify the [searchBucket](searchBucket.md) that filters results to the specific value of the field, use the string in its **aggregationFilterToken** property, and build an aggregation filter string in the format **"{field}:\\"{aggregationFilterToken}\\""**. <br>If multiple values for the same field need to be provided, use the strings in its **aggregationFilterToken** property and build an aggregation filter string in the format **"{field}:or(\\"{aggregationFilterToken1}\\",\\"{aggregationFilterToken2}\\")"**. <br>For example, searching and aggregating drive items by file type returns a **searchBucket** for the file type `docx` in the response. You can conveniently use the **aggregationFilterToken** returned for this **searchBucket** in a subsequent search query and filter matches down to drive items of the `docx` file type. [Example 1](/graph/search-concept-aggregation#example-1-request-aggregations-by-string-fields) and [example 2](/graph/search-concept-aggregation#example-2-apply-an-aggregation-filter-based-on-a-previous-request) show the actual requests and responses.|
+|aggregations|[aggregationOption](aggregationOption.md) collection|Specifies aggregations (also known as refiners) to be returned alongside search results. Optional.|
|contentSources|String collection|Contains the connection to be targeted.| |enableTopResults|Boolean|This triggers hybrid sort for messages : the first 3 messages are the most relevant. This property is only applicable to entityType=`message`. Optional.| |entityTypes|entityType collection| One or more types of resources expected in the response. Possible values are: `list`, `site`, `listItem`, `message`, `event`, `drive`, `driveItem`, `externalItem`. See [known limitations](search-api-overview.md#known-limitations) for those combinations of two or more entity types that are supported in the same search request. Required.|
-|fields|String collection |Contains the fields to be returned for each resource object specified in **entityTypes**, allowing customization of the fields returned by default otherwise, including additional fields such as custom managed properties from SharePoint and OneDrive. Optional.|
+|fields|String collection |Contains the fields to be returned for each resource object specified in **entityTypes**, allowing customization of the fields returned by default; otherwise, including additional fields such as custom managed properties from SharePoint and OneDrive, or custom fields in **externalItem** from the content that Microsoft Graph connectors bring in. The **fields** property can use the [semantic labels](/microsoftsearch/configure-connector#step-6-assign-property-labels) applied to properties. For example, if a property is labeled as title, you can retrieve it using the following syntax: `label_title`. Optional.|
|from|Int32|Specifies the offset for the search results. Offset 0 returns the very first result. Optional.| |query|[searchQuery](searchquery.md)|Contains the query terms. Required.|
+|queryAlterationOptions|[searchAlterationOptions](searchalterationoptions.md)|Query alteration options formatted in a JSON blob that contains two optional flags related to spelling correction. Optional. |
+|resultTemplateOptions|[resultTemplateOption](resulttemplateoption.md) collection|Provides the search result template options to render search results from connectors.|
|size|Int32|The size of the page to be retrieved. Optional.| |sortProperties|[sortProperty](sortProperty.md) collection|Contains the ordered collection of fields and direction to sort results. There can be at most 5 sort properties in the collection. Optional.|
The following is a JSON representation of the resource.
```json {
+ "aggregationFilters": ["String"],
+ "aggregations": {"@odata.type": "microsoft.graph.aggregationOption"},
+ "enableTopResults": "Boolean",
"entityTypes": ["String"], "contentSources": ["String"],
- "query": {"@odata.type": "microsoft.graph.searchQuery"},
- "from": 1024,
- "size": 1024,
"fields": ["String"],
- "enableTopResults": true
+ "from": "Int32",
+ "query": {"@odata.type": "microsoft.graph.searchQuery"},
+ "queryAlterationOptions": {"@odata.type": "microsoft.graph.searchAlterationOptions"},
+ "resultTemplateOptions": [{"@odata.type": "microsoft.graph.resultTemplateOption"}],
+ "size": "Int32"
} ```
The following is a JSON representation of the resource.
- Search content in SharePoint and OneDrive ([files, lists and sites](/graph/search-concept-files)) - [Sort](/graph/search-concept-sort) search results - Use [aggregations](/graph/search-concept-aggregations) to refine search results-
+- Use [display layout](/graph/search-concept-display-layout.md)
+- Enable [spell corrections](/graph/search-concept-speller) in search results
<!-- uuid: 16cd6b66-4b1a-43a1-adaf-3a886856ed98
v1.0 Searchresponse https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/searchresponse.md
Represents results from a search query, and the terms used for the query.
| Property | Type | Description | |:-|:|:| |hitsContainers|[searchHitsContainer](searchhitscontainer.md) collection|A collection of search results.|
+|resultTemplates|[resultTemplate](resulttemplate.md) collection|A dictionary of **resultTemplateIds** and associated values, which include the name and JSON schema of the result templates.|
|searchTerms|String collection|Contains the search terms sent in the initial search query.|
+|queryAlterationResponse|[alterationResponse](alterationresponse.md)|Provides information related to spelling corrections in the alteration response.|
## JSON representation
The following is a JSON representation of the resource.
```json { "hitsContainers": [{"@odata.type": "microsoft.graph.searchHitsContainer"}],
+ "queryAlterationResponse": {"@odata.type": "microsoft.graph.alterationResponse"},
+ "resultTemplates": [{"@odata.type":"microsoft.graph.resultTemplateDictionary"}],
"searchTerms": ["String"] } ```
v1.0 Serviceannouncement https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/serviceannouncement.md
A top-level container for service communications resources.
None. ## Relationships
-|Property|Type|Description|
+|Relationship|Type|Description|
|-|-|-| |messages|Collection([serviceUpdateMessage](serviceupdatemessage.md))|A collection of service messages for tenant. This property is a contained navigation property, it is nullable and readonly.| |healthOverviews|Collection([serviceHealth](servicehealth.md))|A collection of service health information for tenant. This property is a contained navigation property, it is nullable and readonly.|
v1.0 Serviceplaninfo https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/serviceplaninfo.md
Here is a JSON representation of the resource
```json {
- "appliesTo": "string",
- "provisioningStatus": "string",
- "servicePlanId": "guid",
- "servicePlanName": "string"
+ "appliesTo": "String",
+ "provisioningStatus": "String",
+ "servicePlanId": "Guid",
+ "servicePlanName": "String"
} ```
v1.0 Serviceprincipal https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/serviceprincipal.md
This resource supports using [delta query](/graph/delta-query-overview) to track
|appDisplayName|String|The display name exposed by the associated application.| |appId|String|The unique identifier for the associated application (its **appId** property). Supports `$filter` (`eq`, `ne`, `not`, `in`, `startsWith`).| |applicationTemplateId|String|Unique identifier of the applicationTemplate that the servicePrincipal was created from. Read-only. Supports `$filter` (`eq`, `ne`, `NOT`, `startsWith`).|
-|appOwnerOrganizationId|String|Contains the tenant id where the application is registered. This is applicable only to service principals backed by applications. Supports `$filter` (`eq`, `ne`, `NOT`, `ge`, `le`).|
+|appOwnerOrganizationId|Guid|Contains the tenant id where the application is registered. This is applicable only to service principals backed by applications. Supports `$filter` (`eq`, `ne`, `NOT`, `ge`, `le`).|
|appRoleAssignmentRequired|Boolean|Specifies whether users or other service principals need to be granted an app role assignment for this service principal before users can sign in or apps can get tokens. The default value is `false`. Not nullable. <br><br>Supports `$filter` (`eq`, `ne`, `NOT`). | |appRoles|[appRole](approle.md) collection|The roles exposed by the application which this service principal represents. For more information see the **appRoles** property definition on the [application](application.md) entity. Not nullable. | | deletedDateTime | DateTimeOffset | The date and time the service principal was deleted. Read-only. |
This resource supports using [delta query](/graph/delta-query-overview) to track
| passwordCredentials | [passwordCredential](passwordcredential.md) collection|The collection of password credentials associated with the application. Not nullable.| |preferredSingleSignOnMode|string|Specifies the single sign-on mode configured for this application. Azure AD uses the preferred single sign-on mode to launch the application from Microsoft 365 or the Azure AD My Apps. The supported values are `password`, `saml`, `notSupported`, and `oidc`.| |replyUrls|String collection|The URLs that user tokens are sent to for sign in with the associated application, or the redirect URIs that OAuth 2.0 authorization codes and access tokens are sent to for the associated application. Not nullable. |
+|resourceSpecificApplicationPermissions|[resourceSpecificPermission](../resources/resourcespecificpermission.md) collection|The resource-specific application permissions exposed by this application. Currently, resource-specific permissions are only supported for [Teams apps accessing to specific chats and teams](/microsoftteams/platform/graph-api/rsc/resource-specific-consent) using Microsoft Graph. Read-only.|
|samlSingleSignOnSettings|[samlSingleSignOnSettings](samlsinglesignonsettings.md)|The collection for settings related to saml single sign-on.| |servicePrincipalNames|String collection|Contains the list of **identifiersUris**, copied over from the associated [application](application.md). Additional values can be added to hybrid applications. These values can be used to identify the permissions exposed by this app within Azure AD. For example,<ul><li>Client apps can specify a resource URI which is based on the values of this property to acquire an access token, which is the URI returned in the ΓÇ£audΓÇ¥ claim.</li></ul><br>The any operator is required for filter expressions on multi-valued properties. Not nullable. <br><br> Supports `$filter` (`eq`, `not`, `ge`, `le`, `startsWith`).| |servicePrincipalType|String|Identifies whether the service principal represents an application, a managed identity, or a legacy application. This is set by Azure AD internally. The **servicePrincipalType** property can be set to three different values: <ul><li>__Application__ - A service principal that represents an application or service. The **appId** property identifies the associated app registration, and matches the **appId** of an [application](application.md), possibly from a different tenant. If the associated app registration is missing, tokens are not issued for the service principal.</li><li>__ManagedIdentity__ - A service principal that represents a [managed identity](/azure/active-directory/managed-identities-azure-resources/overview). Service principals representing managed identities can be granted access and permissions, but cannot be updated or modified directly.</li><li>__Legacy__ - A service principal that represents an app created before app registrations, or through legacy experiences. Legacy service principal can have credentials, service principal names, reply URLs, and other properties which are editable by an authorized user, but does not have an associated app registration. The **appId** value does not associate the service principal with an app registration. The service principal can only be used in the tenant where it was created.</li><li>__SocialIdp__ - For internal use. </ul>|
Here is a JSON representation of the resource
{ "accountEnabled": true, "addIns": [{"@odata.type": "microsoft.graph.addIn"}],
- "alternativeNames": ["string"] ,
- "appDisplayName": "string",
- "appId": "string",
- "appOwnerOrganizationId": "guid",
+ "alternativeNames": ["String"] ,
+ "appDisplayName": "String",
+ "appId": "String",
+ "appOwnerOrganizationId": "Guid",
"appRoleAssignmentRequired": true, "appRoles": [{"@odata.type": "microsoft.graph.appRole"}],
- "disabledByMicrosoftStatus": "string",
- "displayName": "string",
- "homepage": "string",
- "id": "string (identifier)",
+ "disabledByMicrosoftStatus": "String",
+ "displayName": "String",
+ "homepage": "String",
+ "id": "String (identifier)",
"info": {"@odata.type": "microsoft.graph.informationalUrl"}, "keyCredentials": [{"@odata.type": "microsoft.graph.keyCredential"}],
- "logoutUrl": "string",
- "notes": "string",
+ "logoutUrl": "String",
+ "notes": "String",
"oauth2PermissionScopes": [{"@odata.type": "microsoft.graph.permissionScope"}], "passwordCredentials": [{"@odata.type": "microsoft.graph.passwordCredential"}],
- "replyUrls": ["string"],
- "servicePrincipalNames": ["string"],
- "servicePrincipalType": "string",
- "tags": ["string"],
+ "replyUrls": ["String"],
+ "resourceSpecificApplicationPermissions": [{"@odata.type": "microsoft.graph.resourceSpecificPermission"}],
+ "servicePrincipalNames": ["String"],
+ "servicePrincipalType": "String",
+ "tags": ["String"],
"tokenEncryptionKeyId": "String", "verifiedPublisher": {"@odata.type": "microsoft.graph.verifiedPublisher"} }
v1.0 Shiftactivity https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/shiftactivity.md
Title: "shiftActivity resource type" description: "Represents an activity in a shift."-+ ms.localizationpriority: medium ms.prod: "microsoft-teams" doc_type: resourcePageType_
v1.0 Shiftitem https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/shiftitem.md
Title: "shiftItem resource type" description: "A shiftItem represents a version of the shift."-+ ms.localizationpriority: medium ms.prod: "microsoft-teams" doc_type: resourcePageType
v1.0 Subscribedsku https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/subscribedsku.md
The following is a JSON representation of the resource
```json {
- "appliesTo": "string",
- "capabilityStatus": "string",
+ "appliesTo": "String",
+ "capabilityStatus": "String",
"consumedUnits": 1024,
- "id": "string (identifier)",
+ "id": "String (identifier)",
"prepaidUnits": {"@odata.type": "microsoft.graph.licenseUnitsDetail"}, "servicePlans": [{"@odata.type": "microsoft.graph.servicePlanInfo"}],
- "skuId": "guid",
- "skuPartNumber": "string"
+ "skuId": "Guid",
+ "skuPartNumber": "String"
} ```
v1.0 Subscription https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/subscription.md
For the possible resource path values for each supported resource and to learn h
| Property | Type | Description | Supported Resources | |:|:--|:|:--|
-| applicationId | String | Identifier of the application used to create the subscription. Read-only. | All |
+| applicationId | String | Optional. Identifier of the application used to create the subscription. Read-only. | All |
| changeType | String | Required. Indicates the type of change in the subscribed resource that will raise a change notification. The supported values are: `created`, `updated`, `deleted`. Multiple values can be combined using a comma-separated list. <br><br>**Note:** <li> Drive root item and list change notifications support only the `updated` changeType. <li>[User](../resources/user.md) and [group](../resources/user.md) change notifications support `updated` and `deleted` changeType. | All | | clientState | String | Optional. Specifies the value of the `clientState` property sent by the service in each change notification. The maximum length is 128 characters. The client can check that the change notification came from the service by comparing the value of the `clientState` property sent with the subscription with the value of the `clientState` property received with each change notification. | All |
-| creatorId | String | Identifier of the user or service principal that created the subscription. If the app used delegated permissions to create the subscription, this field contains the id of the signed-in user the app called on behalf of. If the app used application permissions, this field contains the id of the service principal corresponding to the app. Read-only. | All |
-| encryptionCertificate | String | A base64-encoded representation of a certificate with a public key used to encrypt resource data in change notifications. Optional but required when **includeResourceData** is `true`. | All |
+| creatorId | String | Optional. Identifier of the user or service principal that created the subscription. If the app used delegated permissions to create the subscription, this field contains the id of the signed-in user the app called on behalf of. If the app used application permissions, this field contains the id of the service principal corresponding to the app. Read-only. | All |
+| encryptionCertificate | String | Optional. A base64-encoded representation of a certificate with a public key used to encrypt resource data in change notifications. Optional but required when **includeResourceData** is `true`. | All |
| encryptionCertificateId | String | Optional. A custom app-provided identifier to help identify the certificate needed to decrypt resource data. | All | | expirationDateTime | DateTimeOffset | Required. Specifies the date and time when the webhook subscription expires. The time is in UTC, and can be an amount of time from subscription creation that varies for the resource subscribed to. For the maximum supported subscription length of time, see [the table below](#maximum-length-of-subscription-per-resource-type). | All |
-| id | String | Unique identifier for the subscription. Read-only. | All |
+| id | String | Optional. Unique identifier for the subscription. Read-only. | All |
| includeResourceData | Boolean | Optional. When set to `true`, change notifications [include resource data](/graph/webhooks-with-resource-data) (such as content of a chat message). | All |
-| latestSupportedTlsVersion | String | Specifies the latest version of Transport Layer Security (TLS) that the notification endpoint, specified by **notificationUrl**, supports. The possible values are: `v1_0`, `v1_1`, `v1_2`, `v1_3`. </br></br>For subscribers whose notification endpoint supports a version lower than the currently recommended version (TLS 1.2), specifying this property by a set [timeline](https://developer.microsoft.com/graph/blogs/microsoft-graph-subscriptions-deprecating-tls-1-0-and-1-1/) allows them to temporarily use their deprecated version of TLS before completing their upgrade to TLS 1.2. For these subscribers, not setting this property per the timeline would result in subscription operations failing. </br></br>For subscribers whose notification endpoint already supports TLS 1.2, setting this property is optional. In such cases, Microsoft Graph defaults the property to `v1_2`. | All |
+| latestSupportedTlsVersion | String | Optional. Specifies the latest version of Transport Layer Security (TLS) that the notification endpoint, specified by **notificationUrl**, supports. The possible values are: `v1_0`, `v1_1`, `v1_2`, `v1_3`. </br></br>For subscribers whose notification endpoint supports a version lower than the currently recommended version (TLS 1.2), specifying this property by a set [timeline](https://developer.microsoft.com/graph/blogs/microsoft-graph-subscriptions-deprecating-tls-1-0-and-1-1/) allows them to temporarily use their deprecated version of TLS before completing their upgrade to TLS 1.2. For these subscribers, not setting this property per the timeline would result in subscription operations failing. </br></br>For subscribers whose notification endpoint already supports TLS 1.2, setting this property is optional. In such cases, Microsoft Graph defaults the property to `v1_2`. | All |
| lifecycleNotificationUrl | String | Optional. The URL of the endpoint that receives lifecycle notifications, including `subscriptionRemoved` and `missed` notifications. This URL must make use of the HTTPS protocol. | All |
-| notificationContentType | String | Desired **content-type** for Microsoft Graph change notifications for supported resource types. The default content-type is `application/json`. | All |
-| notificationQueryOptions | String | OData query options for specifying value for the targeting resource. Clients receive notifications when resource reaches the state matching the query options provided here. With this new property in the subscription creation payload along with all existing properties, Webhooks will deliver notifications whenever a resource reaches the desired state mentioned in the notificationQueryOptions property. For example, when the print job is completed or when a print job resource `isFetchable` property value becomes `true` etc. | [Universal Print Service](/graph/universal-print-webhook-notifications) |
+| notificationQueryOptions | String | Optional. OData query options for specifying value for the targeting resource. Clients receive notifications when resource reaches the state matching the query options provided here. With this new property in the subscription creation payload along with all existing properties, Webhooks will deliver notifications whenever a resource reaches the desired state mentioned in the notificationQueryOptions property. For example, when the print job is completed or when a print job resource `isFetchable` property value becomes `true` etc. | [Universal Print Service](/graph/universal-print-webhook-notifications) |
| notificationUrl | String | Required. The URL of the endpoint that will receive the change notifications. This URL must make use of the HTTPS protocol. | All |
+| notificationUrlAppId| String | Optional. The app ID that the subscription service can use to generate the validation token. This allows the client to validate the authenticity of the notification received. | All |
| resource | String | Required. Specifies the resource that will be monitored for changes. Do not include the base URL (`https://graph.microsoft.com/v1.0/`). See the possible resource path [values](webhooks.md) for each supported resource.| All | ### Maximum length of subscription per resource type
For the possible resource path values for each supported resource and to learn h
| SharePoint **list** | 42300 minutes (under 30 days) | | Outlook **message**, **event**, **contact** | 4230 minutes (under 3 days) | | **user**, **group**, other directory resources | 41760 minutes (under 29 days) |
+| **presence** | 60 minutes (1 hour) |
| Print **printer** | 4230 minutes (under 3 days) | | Print **printTaskDefinition** | 4230 minutes (under 3 days) |
Here is a JSON representation of the resource.
] }-->
-```json
+``` json
{
+ "@odata.type": "#microsoft.graph.subscription",
+ "id": "String (identifier)",
+ "resource": "String",
"changeType": "String",
+ "clientState": "String",
"notificationUrl": "String",
- "lifecycleNotificationUrl": "String",
- "resource": "String",
- "applicationId" : "String",
"expirationDateTime": "String (timestamp)",
- "id": "String (identifier)",
- "clientState": "String",
+ "applicationId": "String",
"creatorId": "String", "includeResourceData": "Boolean",
+ "lifecycleNotificationUrl": "String",
"encryptionCertificate": "String", "encryptionCertificateId": "String", "latestSupportedTlsVersion": "String",
- "notificationContentType": "String",
- "notificationQueryOptions": "String"
+ "notificationQueryOptions": "String",
+ "notificationUrlAppId": "String"
} ```
v1.0 Team https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/team.md
Namespace: microsoft.graph
A team in Microsoft Teams is a collection of [channel](channel.md) objects. A channel represents a topic, and therefore a logical isolation of discussion, within a team.
-Every team is associated with a [group](../resources/group.md).
+Every team is associated with a [Microsoft 365 group](../resources/group.md).
The group has the same ID as the team - for example, `/groups/{id}/team` is the same as `/teams/{id}`. For more information about working with groups and members in teams, see [Use the Microsoft Graph REST API to work with Microsoft Teams](teams-api-overview.md).
For more information about working with groups and members in teams, see [Use th
| Method | Return Type |Description| |:|:--|:-| |[Create team](../api/team-post.md) | [teamsAsyncOperation](teamsasyncoperation.md) | Create a team from scratch. |
-|[Create team from group](../api/team-put-teams.md) | [team](team.md) | Create a new team, or add a team to an existing group.|
+|[Create team from group](../api/team-put-teams.md) | [team](team.md) | Create a new team, or add a team to an existing Microsoft 365 group.|
|[Get team](../api/team-get.md) | [team](team.md) | Retrieve the properties and relationships of the specified team.| |[Update team](../api/team-update.md) | [team](team.md) |Update the properties of the specified team. | |[Delete team](../api/group-delete.md) | None |Delete the team and its associated group. |
v1.0 User https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/user.md
This resource supports:
### mail and proxyAddresses properties **mail** and **proxyAddresses** are both email-related properties. **proxyAddresses** is a collection of addresses only relevant for Microsoft Exchange server. It's used to store a list of mail addresses for a user that are tied to a single mailbox. **mail** property is used as the user's email address for various purposes including user sign in and defines the primary proxy address.
-Both **mail** and **proxyAddresses** can be retrieved through the [GET user](add link) API on MS Graph. **mail** can be updated via the [PATCH method of the Update user](add link) API, but **proxyAddresses** can't be updated via Microsoft Graph. When a user's **mail** property is updated, it triggers recalculation of **proxyAddresses** and the newly updated mail is set to be the primary proxy address, except in the following scenarios:
+Both **mail** and **proxyAddresses** can be retrieved through the [GET user](/graph/api/user-get) API on MS Graph. **mail** can be updated via the [PATCH method of the Update user](/graph/api/user-update) API, but **proxyAddresses** can't be updated via Microsoft Graph. When a user's **mail** property is updated, it triggers recalculation of **proxyAddresses** and the newly updated mail is set to be the primary proxy address, except in the following scenarios:
1. If a user has a license that includes Microsoft Exchange, all their proxy addresses must belong to a verified domain on the tenant. Any that don't belong to verified domains are silently removed. 2. A user's mail will NOT be set to the primary proxy address if the user is a guest and the primary proxy address contains the guest user UPN string with #EXT#.
v1.0 Usersettings https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/usersettings.md
doc_type: resourcePageType
Namespace: microsoft.graph The current user settings for content discovery.
-To learn how to get or update user settings, see [Get settings](../api/usersettings-get.md) and [Update settings](../api/usersettings-update.md).
+
+Inherits from [entity](entity.md). To learn how to get or update user settings, see [Get settings](../api/usersettings-get.md) and [Update settings](../api/usersettings-update.md).
This resource supports:
This resource supports:
|:|:--|:-| |contributionToContentDiscoveryDisabled|Boolean|When set to true, the delegate access to the user's [trending](/graph/api/resources/insights-trending?view=graph-rest-beta) API is disabled. When set to true, documents in the user's Office Delve are disabled. When set to true, the relevancy of the content displayed in Microsoft 365, for example in Suggested sites in SharePoint Home and the Discover view in OneDrive for Business is affected. Users can control this setting in [Office Delve](https://support.office.com/en-us/article/are-my-documents-safe-in-office-delve-f5f409a2-37ed-4452-8f61-681e5e1836f3?ui=en-US&rs=en-US&ad=US#bkmk_optout). | |contributionToContentDiscoveryAsOrganizationDisabled|Boolean|Reflects the [organization level setting](https://support.office.com/en-us/article/office-delve-for-office-365-admins-54f87a42-15a4-44b4-9df0-d36287d9531b#bkmk_delveonoff) controlling delegate access to the [trending](/graph/api/resources/insights-trending?view=graph-rest-beta) API. When set to true, the organization doesn't have access to Office Delve. The relevancy of the content displayed in Microsoft 365, for example in Suggested sites in SharePoint Home and the Discover view in OneDrive for Business is affected for the whole organization. This setting is read-only and can only be changed by administrators in the [SharePoint admin center](https://support.office.com/article/about-the-office-365-admin-center-758befc4-0888-4009-9f14-0d147402fd23?ui=en-US&rs=en-US&ad=US).|
+|id|String|Unique identifier of the user setting. Read-only. Inherited from [entity](entity.md).|
## JSON representation
v1.0 Windowshelloforbusinessauthenticationmethod https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/windowshelloforbusinessauthenticationmethod.md
Inherits from [authenticationMethod](../resources/authenticationmethod.md).
## Relationships |Relationship|Type|Description| |:|:|:|
-|device|[device](../resources/device.md)|The registered device on which this Windows Hello for Business key resides.|
+|device|[device](../resources/device.md)|The registered device on which this Windows Hello for Business key resides. Supports `$expand`. <br/><br/>When you get a user's Windows Hello for Business registration information, this property is returned only on a single GET and when you specify `?$expand`. For example, GET `/users/admin@contoso.com/authentication/windowsHelloForBusinessMethods/_jpuR-TGZtk6aQCLF3BQjA2?$expand=device`.|
## JSON representation The following is a JSON representation of the resource.
v1.0 Toc.Yml https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/toc.yml a/api-reference/v1.0/toc.yml
items:
- name: Group setting href: resources/groupsetting.md items:
- - name: Create setting
- href: api/groupsetting-post-groupsettings.md
- - name: Get setting
+ - name: Create
+ href: api/group-post-settings.md
+ - name: Get
href: api/groupsetting-get.md
- - name: List settings
- href: api/groupsetting-list.md
- - name: Update setting
+ - name: List
+ href: api/group-list-settings.md
+ - name: Update
href: api/groupsetting-update.md
- - name: Delete setting
+ - name: Delete
href: api/groupsetting-delete.md - name: Group setting template href: resources/groupsettingtemplate.md
items:
href: api/application-list-extensionproperty.md - name: Create href: api/application-post-extensionproperty.md
+ - name: Get
+ href: api/extensionproperty-get.md
- name: Delete
- href: api/application-delete-extensionproperty.md
+ href: api/extensionproperty-delete.md
+ - name: Get available extension properties
+ href: api/directoryobject-getavailableextensionproperties.md
- name: Owners items: - name: List
items:
href: api/bookingstaffmember-update.md - name: Delete href: api/bookingstaffmember-delete.md
- - name: Devices and apps
+ - name: Device and app management
expanded: true items: - name: Cloud printing
items:
href: api/intune-auditing-devicemanagement-get.md - name: Update href: api/intune-auditing-devicemanagement-update.md
- - name: Device management
- href: resources/intune-auditing-devicemanagement.md
- items:
- - name: Get
- href: api/intune-auditing-devicemanagement-get.md
- - name: Update
- href: api/intune-auditing-devicemanagement-update.md
- - name: Device management
- href: resources/intune-auditing-devicemanagement.md
- items:
- - name: Get
- href: api/intune-auditing-devicemanagement-get.md
- - name: Update
- href: api/intune-auditing-devicemanagement-update.md
- - name: Device management
- href: resources/intune-auditing-devicemanagement.md
- items:
- - name: Get
- href: api/intune-auditing-devicemanagement-get.md
- - name: Update
- href: api/intune-auditing-devicemanagement-update.md
- - name: Device management
- href: resources/intune-auditing-devicemanagement.md
- items:
- - name: Get
- href: api/intune-auditing-devicemanagement-get.md
- - name: Update
- href: api/intune-auditing-devicemanagement-update.md
- name: Device management exchange access state href: resources/intune-devices-devicemanagementexchangeaccessstate.md - name: Device management exchange access state reason
items:
- name: Windows Hello for business PIN usage href: resources/intune-onboarding-windowshelloforbusinesspinusage.md - name: Role-based access control (RBAC)
- href: /resources/intune-rbac-conceptual.md
+ href: resources/intune-rbac-conceptual.md
items: - name: Device and app management role assignment href: resources/intune-rbac-deviceandappmanagementroleassignment.md
items:
href: api/organizationalbrandinglocalization-update.md - name: Delete href: api/organizationalbrandinglocalization-delete.md
- - name: Policy
- href: resources/policy-overview.md
+ - name: Policies
items:
+ - name: Overview
+ href: resources/policy-overview.md
- name: Activity-based timeout policy href: resources/activitybasedtimeoutpolicy.md items:
items:
- name: List contacted reviewers href: api/accessreviewinstance-list-contactedreviewers.md - name: Access review instance decision item
+ displayName: access review decisions
href: resources/accessreviewinstancedecisionitem.md items: - name: Get
items:
href: api/accessreviewinstancedecisionitem-update.md - name: Filter by current user href: api/accessreviewinstancedecisionitem-filterbycurrentuser.md
+ - name: Access review history definition
+ href: resources/accessreviewhistorydefinition.md
+ items:
+ - name: Get
+ href: api/accessreviewhistorydefinition-get.md
+ - name: List
+ href: api/accessreviewset-list-historydefinitions.md
+ - name: Create
+ href: api/accessreviewset-post-historydefinitions.md
+ - name: Access review history instance
+ href: resources/accessreviewhistoryinstance.md
+ items:
+ - name: List
+ href: api/accessreviewhistorydefinition-list-instances.md
+ - name: Generate download URI
+ displayName: Downloadable access review history report
+ href: api/accessreviewhistoryinstance-generatedownloaduri.md
- name: Consent requests href: resources/consentrequests-overview.md items:
items:
href: api/entitlementmanagement-list-assignments.md - name: Filter by current user href: api/accesspackageassignment-filterbycurrentuser.md
+ - name: Access package assignment request approval
+ items:
+ - name: Approval
+ href: resources/approval.md
+ - name: Get
+ href: api/approval-get.md
+ - name: Filter by current user
+ href: api/approval-filterbycurrentuser.md
+ - name: Approval stage
+ items:
+ - name: Approval stage
+ href: resources/approvalstage.md
+ - name: List
+ href: api/approval-list-stages.md
+ - name: Get
+ href: api/approvalstage-get.md
+ - name: Update
+ href: api/approvalstage-update.md
- name: Access package assignment request href: resources/accesspackageassignmentrequest.md items:
items:
href: api/agreement-update.md - name: Delete href: api/agreement-delete.md
- - name: List acceptance status
- href: api/user-list-agreementacceptances.md
+ - name: Agreement acceptances
+ href: resources/agreementacceptance.md
+ items:
+ - name: List acceptances
+ href: api/user-list-agreementacceptances.md
+ - name: List acceptance status
+ href: api/agreement-list-acceptances.md
+ - name: Agreement files
+ items:
+ - name: Default agreement file
+ href: resources/agreementfile.md
+ - name: Localized agreement files
+ href: resources/agreementfilelocalization.md
+ - name: Get default file
+ href: api/agreementfile-get.md
+ - name: Create localized files
+ href: api/agreement-post-files.md
+ - name: List localized files
+ href: api/agreement-list-files.md
- name: Mail displayName: Outlook, Outlook mail items: