Updates from: 03/24/2023 02:20:53
Service Microsoft Docs article Related commit history on GitHub Change details
v1.0 Accesspackageassignmentpolicy Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/accesspackageassignmentpolicy-get.md
Content-type: application/json
} ```
+### Example 3: Retrieve the custom extension stage settings for a policy
+
+#### Request
+
+The following is an example of a request to retrieve the collection of custom extension stage settings that are defined for a policy and their associated access package custom workflow extension.
++
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_accesspackageassignmentpolicy_expand_customextensionstagesettings"
+}-->
+
+```msgraph-interactive
+GET https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/accessPackageAssignmentPolicies/4540a08f-8ab5-43f6-a923-015275799197?$expand=customExtensionStageSettings($expand=customExtension)
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++++
+#### Response
+
+The following is an example of the response.
+
+> **Note:** The response object shown here might be shortened for readability.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.accessPackageAssignmentPolicy"
+} -->
+```http
+HTTP/1.1 200 OK
+Content-type: application/json
+
+{
+ "id": "4540a08f-8ab5-43f6-a923-015275799197",
+ "displayName": "policy with custom access package workflow extension",
+ "description": "Run specified custom access package workflow extension at different stages.",
+ "canExtend": true,
+ "durationInDays": 0,
+ "expirationDateTime": null,
+ "accessPackageId": "ba5807c7-2aa9-4c8a-907e-4a17ee587500",
+ "accessReviewSettings": null,
+ "requestorSettings": {
+ "scopeType": "AllExistingDirectorySubjects",
+ "acceptRequests": true,
+ "allowedRequestors": []
+ },
+ "requestApprovalSettings": {
+ "isApprovalRequired": false,
+ "isApprovalRequiredForExtension": false,
+ "isRequestorJustificationRequired": false,
+ "approvalMode": "NoApproval",
+ "approvalStages": []
+ },
+ "customExtensionStageSettings": [
+ {
+ "id": "5a38d27a-b702-48d9-ac72-dcf158ba1b0d",
+ "stage": "assignmentRequestCreated",
+ "customExtension": {
+ "@odata.type": "#microsoft.graph.accessPackageAssignmentRequestWorkflowExtension",
+ "id": "219f57b6-7983-45a1-be01-2c228b7a43f8",
+ "displayName": "test_action_1",
+ "description": "Test logic app",
+ "createdDateTime": "2022-01-11T05:19:16.97Z",
+ "lastModifiedDateTime": "2022-01-11T05:19:16.97Z",
+ "endpointConfiguration": {
+ "@odata.type": "#microsoft.graph.logicAppTriggerEndpointConfiguration",
+ "subscriptionId": "38ab2ccc-3747-4567-b36b-9478f5602f0d",
+ "resourceGroupName": "resourcegroup",
+ "logicAppWorkflowName": "customextension_test",
+ "url": "https://prod-31.eastus.logic.azure.com:443/workflows/8ccffea766ae48e680gd9a22d1549bbc/triggers/manual/paths/invoke?api-version=2016-10-01"
+ },
+ "authenticationConfiguration": {
+ "@odata.type": "#microsoft.graph.azureAdPopTokenAuthentication"
+ }
+ }
+ }
+ ]
+}
+```
+ <!-- uuid: 16cd6b66-4b1a-43a1-adaf-3a886856ed98 2019-02-04 14:57:30 UTC --> <!-- {
v1.0 Accesspackageassignmentpolicy Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/accesspackageassignmentpolicy-update.md
Content-Type: application/json
"accessReviewSettings": null } ```
+### Example 3: Remove the customExtensionStageSettings from a policy
+
+To remove the collection of **customExtensionStageSettings** and their associated custom workflow extension objects from a policy, assign an empty collection to the **customExtensionStageSettings** object.
+
+#### Request
++
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "update_accesspackageassignmentpolicy_delete_customExtensionStageSettings"
+}
+-->
+
+```http
+PUT https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/accessPackageAssignmentPolicies/4540a08f-8ab5-43f6-a923-015275799197
+Content-Type: application/json
+
+{
+ "id": "5540a08f-8ab5-43f6-a923-015275799197",
+ "displayName": "policy with access package custom workflow extension",
+ "description": "Run specified access package custom workflow extension at different stages.",
+ "accessPackageId": "ba5807c7-2aa9-4c8a-907e-4a17ee587500",
+ "expiration": {
+ "type": "afterDuration",
+ "duration": "P365D"
+ },
+ "requestApprovalSettings": null,
+ "requestorSettings": {
+ "acceptRequests": true,
+ "scopeType": "AllExistingDirectorySubjects",
+ "allowedRequestors": []
+ },
+ "accessReviewSettings": null,
+ "customExtensionHandlers": []
+}
+```
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
++++++
+#### Response
+> **Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.accessPackageAssignmentPolicy"
+}
+-->
+
+```http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "id": "4540a08f-8ab5-43f6-a923-015275799197",
+ "displayName": "policy with access package custom workflow extension",
+ "description": "Run specified access package custom workflow extension at different stages.",
+ "accessPackageId": "ba5807c7-2aa9-4c8a-907e-4a17ee587500",
+ "expiration": {
+ "type": "afterDuration",
+ "duration": "P365D"
+ },
+ "requestApprovalSettings": null,
+ "requestorSettings": {
+ "acceptRequests": true,
+ "scopeType": "AllExistingDirectorySubjects",
+ "allowedRequestors": []
+ },
+ "accessReviewSettings": null
+}
+```
<!-- {
v1.0 Accesspackageassignmentrequest Resume https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/accesspackageassignmentrequest-resume.md
+
+ Title: "accessPackageAssignmentRequest: resume"
+description: "Resume accessPackageAssignmentRequest objects."
+ms.localizationpriority: medium
+++
+# accessPackageAssignmentRequest: resume
+Namespace: microsoft.graph
++
+In [Azure AD entitlement management](../resources/entitlementmanagement-overview.md), when an access package policy has been enabled to call out a custom extension and the request processing is waiting for the callback from the customer, the customer can initiate a resume action. It is performed on an [accessPackageAssignmentRequest](../resources/accesspackageassignmentrequest.md) object whose **requestStatus** is in a `WaitingForCallback` state.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+| Delegated (work or school account) | EntitlementManagement.ReadWrite.All |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | EntitlementManagement.ReadWrite.All |
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+POST /identityGovernance/entitlementManagement/accessPackageAssignmentRequests/{accessPackageAssignmentRequestId}/resume
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+|Content-Type|application/json. Required.|
+
+## Request body
+In the request body, supply a JSON representation of the parameters.
+
+The following table shows the parameters that can be used with this action.
+
+|Parameter|Type|Description|
+|:|:|:|
+|source|String|Source from where customer is trying to resume the request, which can be stored in service and will be helpful for auditing.|
+|type|String|Indicate at which stage the custom callout extension was executed. The possible values are: `microsoft.graph.accessPackageCustomExtensionStage.assignmentRequestCreated`, `microsoft.graph.accessPackageCustomExtensionStage.assignmentRequestApproved`, `microsoft.graph.accessPackageCustomExtensionStage.assignmentRequestGranted`, `microsoft.graph.accessPackageCustomExtensionStage.assignmentRequestRemoved`|
+|data|[accessPackageAssignmentRequestCallbackData](../resources/accesspackageassignmentrequestcallbackdata.md)| Contains information about the instance of the callout that was made to the customer endpoint. |
+++
+## Response
+
+If successful, this action returns a `204 No Content` response code.
+
+## Examples
+
+### Example 1: Resume an access package assignment request
+
+#### Request
+The following is an example of a call to resume an access package assignment request that's waiting for a callback.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "accesspackageassignmentrequestthis.resume"
+}
+-->
+``` http
+POST https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/accessPackageAssignmentRequests/0e60f18c-b2a0-4887-9da8-da2e30a39d99/resume
+Content-Type: application/json
+
+{
+ "source": "Contoso.SodCheckProcess",
+ "type": "microsoft.graph.accessPackageCustomExtensionStage.assignmentRequestCreated",
+ "data": {
+ "@odata.type": "microsoft.graph.accessPackageAssignmentRequestCallbackData",
+ "stage": "assignmentRequestCreated",
+ "customExtensionStageInstanceId": "957d0c50-466b-4840-bb5b-c92cea7141ff",
+ "customExtensionStageInstanceDetail": "This user is all verified"
+ }
+}
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
++++
+#### Response
+The following is an example of the response
+<!-- {
+ "blockType": "response",
+ "truncated": true
+}
+-->
+``` http
+HTTP/1.1 204 No Content
+```
+
+### Example 2: Resume and deny an access package assignment request
+
+#### Request
+The following is an example to resume the processing of an access package assignment request by denying the request that's waiting for a callback. A request cannot be denied at the `assignmentRequestCreated` stage of the callout.
+<!-- {
+ "blockType": "request"
+}
+-->
+``` http
+POST https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/accessPackageAssignmentRequests/9e60f18c-b2a0-4887-9da8-da2e30a39d99/resume
+Content-Type: application/json
+
+{
+ "source": "Contoso.SodCheckProcess",
+ "type": "microsoft.graph.accessPackageCustomExtensionStage.assignmentRequestCreated",
+ "data": {
+ "@odata.type": "microsoft.graph.accessPackageAssignmentRequestCallbackData",
+ "stage": "AssignmentRequestCreated",
+ "customExtensionStageInstanceId": "857d0c50-466b-4840-bb5b-c92cea7141ff",
+ "state": "denied",
+ "customExtensionStageInstanceDetail": "Potential risk user based on the SOD check"
+ }
+}
+```
++
+### Response
+The following is an example of the response
+<!-- {
+ "blockType": "response",
+ "truncated": true
+}
+-->
+``` http
+HTTP/1.1 204 No Content
+```
+
v1.0 Accesspackageassignmentrequestworkflowextension Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/accesspackageassignmentrequestworkflowextension-delete.md
+
+ Title: "Delete accessPackageAssignmentRequestWorkflowExtension"
+description: "Delete an accessPackageAssignmentRequestWorkflowExtension object."
+
+ms.localizationpriority: medium
++
+# Delete accessPackageAssignmentRequestWorkflowExtension
+Namespace: microsoft.graph
++
+Delete an [accessPackageAssignmentRequestWorkflowExtension](../resources/accesspackageassignmentrequestworkflowextension.md) object. The custom workflow extension must first be removed from any associated [policies](../resources/accesspackageassignmentpolicy.md) before it can be deleted. Follow these steps to remove the custom workflow extension from any associated policies:
+1. First retrieve the accessPackageCatalogId by calling the [Get accessPackageAssignmentPolicies](accesspackageassignmentpolicy-get.md) operation and appending `?$expand=accessPackage($expand=accessPackageCatalog)` to the query. For example, `https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/accessPackageAssignmentPolicies?$expand=accessPackage($expand=accessPackageCatalog)`.
+2. Use the access package catalog ID and retrieve the ID of the **accessPackageCustomWorkflowExtension** object that you want to delete by running the [List accessPackageCustomWorkflowExtensions](accesspackagecatalog-list-accesspackagecustomworkflowextensions.md) operation.
+3. Call the [Update accessPackageAssignmentPolicy](accesspackageassignmentpolicy-update.md) operation to remove the custom workflow extension object from the policy. For an example, see [Example 3: Remove the customExtensionStageSettings from a policy](accesspackageassignmentpolicy-update.md#example-3-remove-the-customextensionstagesettings-from-a-policy).
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)| EntitlementManagement.ReadWrite.All |
+|Delegated (personal Microsoft account)|Not supported.|
+|Application| EntitlementManagement.ReadWrite.All |
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+DELETE /identityGovernance/entitlementManagement/accessPackageCatalogs/{catalogId}/customAccessPackageWorkflowExtensions/{customAccessPackageWorkflowExtensionId}
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `204 No Content` response code.
+
+## Examples
+
+### Request
+The following is an example of a request.
+<!-- {
+ "blockType": "request",
+ "name": "delete_accesspackageassignmentrequestworkflowextension"
+}
+-->
+``` http
+DELETE /identityGovernance/entitlementManagement/accessPackageCatalogs/32efb28c-9a7a-446c-986b-ca6528c6669d/customAccessPackageWorkflowExtensions/E3D4CE35-B16A-4E19-ADF2-616B64D336DC
+```
++
+### Response
+The following is an example of the response
+<!-- {
+ "blockType": "response",
+ "truncated": true
+}
+-->
+``` http
+HTTP/1.1 204 No Content
+```
+
v1.0 Accesspackageassignmentrequestworkflowextension Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/accesspackageassignmentrequestworkflowextension-get.md
+
+ Title: "Get accessPackageAssignmentRequestWorkflowExtension"
+description: "Read the properties and relationships of an accessPackageAssignmentRequestWorkflowExtension object."
+
+ms.localizationpriority: medium
++
+# Get accessPackageAssignmentRequestWorkflowExtension
+Namespace: microsoft.graph
++
+Read the properties and relationships of an [accessPackageAssignmentRequestWorkflowExtension](../resources/accesspackageassignmentrequestworkflowextension.md) object.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|EntitlementManagement.Read.All, EntitlementManagement.ReadWrite.All |
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|EntitlementManagement.Read.All, EntitlementManagement.ReadWrite.All |
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /identityGovernance/entitlementManagement/accessPackageCatalogs/{catalogId}/accessPackageCustomWorkflowExtensions/{accessPackageCustomWorkflowExtensionId}
+```
+
+## Optional query parameters
+This method supports the `$select` OData query parameter to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and an [accessPackageAssignmentRequestWorkflowExtension](../resources/accesspackageassignmentrequestworkflowextension.md) object in the response body.
+
+## Examples
+
+### Request
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_accesspackageassignmentrequestworkflowextension"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/accessPackageCatalogs/32efb28c-9a7a-446c-986b-ca6528c6669d/accessPackageCustomWorkflowExtensions/98ffaec5-ae8e-4902-a434-5ffc5d3d3cd0
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
++++
+### Response
+The following is an example of the response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.accessPackageAssignmentRequestWorkflowExtension"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "value":{
+ "@odata.type":"#microsoft.graph.accessPackageAssignmentRequestWorkflowExtension",
+ "id":"98ffaec5-ae8e-4902-a434-5ffc5d3d3cd0",
+ "displayName":"test_action_0124_email",
+ "description":"this is for graph testing only",
+ "createdDateTime":"2022-01-24T21:48:57.15Z",
+ "lastModifiedDateTime":"2022-01-24T21:55:44.953Z",
+ "clientConfiguration":null,
+ "endpointConfiguration":{
+ "@odata.type":"#microsoft.graph.logicAppTriggerEndpointConfiguration",
+ "subscriptionId":"38ab2ccc-3747-4567-b36b-9478f5602f0d",
+ "resourceGroupName":"test",
+ "logicAppWorkflowName":"elm-extension-email",
+ "url":"https://prod-31.eastus.logic.azure.com:443/workflows/8ccffea766ae48e680gd9a22d1549bbc/triggers/manual/paths/invoke?api-version=2016-10-01"
+ },
+ "authenticationConfiguration":{
+ "@odata.type":"#microsoft.graph.azureAdPopTokenAuthentication"
+ },
+ "callbackConfiguration":{
+ "@odata.type":"microsoft.graph.customExtensionCallbackConfiguration",
+ "durationBeforeTimeout":"PT1H"
+ }
+ }
+}
+```
+
v1.0 Accesspackageassignmentrequestworkflowextension Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/accesspackageassignmentrequestworkflowextension-update.md
+
+ Title: "Update accessPackageAssignmentRequestWorkflowExtension"
+description: "Update the properties of an accessPackageAssignmentRequestWorkflowExtension object."
+
+ms.localizationpriority: medium
++
+# Update accessPackageAssignmentRequestWorkflowExtension
+Namespace: microsoft.graph
++
+Update the properties of an [accessPackageAssignmentRequestWorkflowExtension](../resources/accesspackageassignmentrequestworkflowextension.md) object.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|EntitlementManagement.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|EntitlementManagement.ReadWrite.All|
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+PUT /identityGovernance/entitlementManagement/accessPackageCatalogs/{catalogId}/customAccessPackageWorkflowExtensions/{customAccessPackageWorkflowExtensionId}
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+|Content-Type|application/json. Required.|
+
+## Request body
++
+|Property|Type|Description|
+|:|:|:|
+|authenticationConfiguration|[customExtensionAuthenticationConfiguration](../resources/customextensionauthenticationconfiguration.md)|Authentication type. Inherited from [customCalloutExtension](../resources/customcalloutextension.md). Optional.|
+|description|String|Description for the accessPackageCustomWorkflowExtension object. Inherited from [customCalloutExtension](../resources/customcalloutextension.md). Optional.|
+|displayName|String|Display name for the accessPackageCustomWorkflowExtension. Inherited from [customCalloutExtension](../resources/customcalloutextension.md). Optional.|
+|endpointConfiguration|[customExtensionEndpointConfiguration](../resources/customextensionendpointconfiguration.md)|The type and details for configuring the endpoint to call the logic app's workflow. Inherited from [customCalloutExtension](../resources/customcalloutextension.md). Optional.|
+|callbackConfiguration|[customExtensionCallbackConfiguration](../resources/customextensioncallbackconfiguration.md)|The timeout duration for callback. Optional.|
+++
+## Response
+
+If successful, this method returns a `200 OK` response code and an updated [accessPackageAssignmentRequestWorkflowExtension](../resources/accesspackageassignmentrequestworkflowextension.md) object in the response body.
+
+## Examples
+
+### Request
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "update_accesspackageassignmentrequestworkflowextension"
+}
+-->
+``` http
+PUT https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/accessPackageCatalogs/32efb28c-9a7a-446c-986b-ca6528c6669d/accessPackageCustomWorkflowExtensions/98ffaec5-ae8e-4902-a434-5ffc5d3d3cd0
+Content-Type: application/json
+
+{
+ "@odata.type": "#microsoft.graph.accessPackageAssignmentRequestWorkflowExtension",
+ "displayName": "test_action_0124_email",
+ "description": "this is for graph testing only"
+}
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
++++
+### Response
+The following is an example of the response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.accessPackageAssignmentRequestWorkflowExtension"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "value":{
+ "@odata.type":"#microsoft.graph.accessPackageAssignmentRequestWorkflowExtension",
+ "id":"98ffaec5-ae8e-4902-a434-5ffc5d3d3cd0",
+ "displayName":"test_action_0124_email",
+ "description": "this is for graph testing only",
+ "createdDateTime":"2022-01-24T21:48:57.15Z",
+ "lastModifiedDateTime":"2022-01-24T21:55:44.953Z",
+ "clientConfiguration":null,
+ "endpointConfiguration":{
+ "@odata.type":"#microsoft.graph.logicAppTriggerEndpointConfiguration",
+ "subscriptionId":"38ab2ccc-3747-4567-b36b-9478f5602f0d",
+ "resourceGroupName":"test",
+ "logicAppWorkflowName":"elm-extension-email",
+ "url":"https://prod-31.eastus.logic.azure.com:443/workflows/8ccffea766ae48e680gd9a22d1549bbc/triggers/manual/paths/invoke?api-version=2016-10-01"
+ },
+ "authenticationConfiguration":{
+ "@odata.type":"#microsoft.graph.azureAdPopTokenAuthentication"
+ },
+ "callbackConfiguration":{
+ "@odata.type":"microsoft.graph.customExtensionCallbackConfiguration",
+ "durationBeforeTimeout":"PT1H"
+ }
+ }
+}
+```
+
v1.0 Accesspackageassignmentworkflowextension Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/accesspackageassignmentworkflowextension-delete.md
+
+ Title: "Delete accessPackageAssignmentWorkflowExtension"
+description: "Delete an accessPackageAssignmentWorkflowExtension object."
+
+ms.localizationpriority: medium
++
+# Delete accessPackageAssignmentWorkflowExtension
+Namespace: microsoft.graph
++
+Delete an [accessPackageAssignmentWorkflowExtension](../resources/accesspackageassignmentworkflowextension.md) object. The custom workflow extension must first be removed from any associated [policies](../resources/accesspackageassignmentpolicy.md) before it can be deleted. Follow these steps to remove the custom workflow extension from any associated policies:
+1. First retrieve the accessPackageCatalogId by calling the [Get accessPackageAssignmentPolicies](accesspackageassignmentpolicy-get.md) operation and appending `?$expand=accessPackage($expand=accessPackageCatalog)` to the query. For example, `https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/accessPackageAssignmentPolicies?$expand=accessPackage($expand=accessPackageCatalog)`.
+2. Use the access package catalog ID and retrieve the ID of the **accessPackageCustomWorkflowExtension** object that you want to delete by running the [List accessPackageCustomWorkflowExtensions](accesspackagecatalog-list-accesspackagecustomworkflowextensions.md) operation.
+3. Call the [Update accessPackageAssignmentPolicy](accesspackageassignmentpolicy-update.md) operation to remove the custom workflow extension object from the policy. For an example, see [Example 3: Remove the customExtensionStageSettings from a policy](accesspackageassignmentpolicy-update.md#example-3-remove-the-customextensionstagesettings-from-a-policy).
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)| EntitlementManagement.ReadWrite.All |
+|Delegated (personal Microsoft account)|Not supported.|
+|Application| EntitlementManagement.ReadWrite.All |
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+DELETE /identityGovernance/entitlementManagement/accessPackageCatalogs/{catalogId}/customAccessPackageWorkflowExtensions/{customAccessPackageWorkflowExtensionId}
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `204 No Content` response code.
+
+## Examples
+
+### Request
+The following is an example of a request.
+<!-- {
+ "blockType": "request",
+ "name": "delete_accesspackageassignmentworkflowextension"
+}
+-->
+``` http
+DELETE /identityGovernance/entitlementManagement/accessPackageCatalogs/32efb28c-9a7a-446c-986b-ca6528c6669d/customAccessPackageWorkflowExtensions/5FD6D8D5-E8F1-4B54-A1E6-1D0FE0B6E6EC
+```
++
+### Response
+The following is an example of the response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true
+}
+-->
+``` http
+HTTP/1.1 204 No Content
+```
+
v1.0 Accesspackageassignmentworkflowextension Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/accesspackageassignmentworkflowextension-get.md
+
+ Title: "Get accessPackageAssignmentWorkflowExtension"
+description: "Read the properties and relationships of an accessPackageAssignmentWorkflowExtension object."
+
+ms.localizationpriority: medium
++
+# Get accessPackageAssignmentWorkflowExtension
+Namespace: microsoft.graph
++
+Read the properties and relationships of an [accessPackageAssignmentWorkflowExtension](../resources/accesspackageassignmentworkflowextension.md) object.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|EntitlementManagement.Read.All, EntitlementManagement.ReadWrite.All |
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|EntitlementManagement.Read.All, EntitlementManagement.ReadWrite.All |
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /identityGovernance/entitlementManagement/accessPackageCatalogs/{catalogId}/accessPackageCustomWorkflowExtensions/{accessPackageCustomWorkflowExtensionId}
+```
+
+## Optional query parameters
+This method supports the `$select` OData query parameter to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and an [accessPackageAssignmentWorkflowExtension](../resources/accesspackageassignmentworkflowextension.md) object in the response body.
+
+## Examples
+
+### Request
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_accesspackageassignmentworkflowextension"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/accessPackageCatalogs/32efb28c-9a7a-446c-986b-ca6528c6669d/accessPackageCustomWorkflowExtensions/78ffaec5-ae8e-4902-a434-5ffc5d3d3cd0
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
++++
+### Response
+The following is an example of the response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.accessPackageAssignmentWorkflowExtension"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "value":{
+ "@odata.type":"#microsoft.graph.accessPackageAssignmentWorkflowExtension",
+ "id":"78ffaec5-ae8e-4902-a434-5ffc5d3d3cd0",
+ "displayName":"test_action_0127_email",
+ "description":"this is for graph testing only",
+ "createdDateTime":"2022-01-24T21:48:57.15Z",
+ "lastModifiedDateTime":"2022-01-24T21:55:44.953Z",
+ "clientConfiguration":null,
+ "endpointConfiguration":{
+ "@odata.type":"#microsoft.graph.logicAppTriggerEndpointConfiguration",
+ "subscriptionId":"38ab2ccc-3747-4567-b36b-9478f5602f0d",
+ "resourceGroupName":"test",
+ "logicAppWorkflowName":"elm-extension-email",
+ "url":"https://prod-31.eastus.logic.azure.com:443/workflows/7ccffea766ae48e680gd9a22d1549bbc/triggers/manual/paths/invoke?api-version=2016-10-01"
+ },
+ "authenticationConfiguration":{
+ "@odata.type":"#microsoft.graph.azureAdPopTokenAuthentication"
+ }
+ }
+}
+```
+
v1.0 Accesspackageassignmentworkflowextension Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/accesspackageassignmentworkflowextension-update.md
+
+ Title: "Update accessPackageAssignmentWorkflowExtension"
+description: "Update the properties of an accessPackageAssignmentWorkflowExtension object."
+
+ms.localizationpriority: medium
++
+# Update accessPackageAssignmentWorkflowExtension
+Namespace: microsoft.graph
++
+Update the properties of an [accessPackageAssignmentWorkflowExtension](../resources/accesspackageassignmentworkflowextension.md) object.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|EntitlementManagement.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|EntitlementManagement.ReadWrite.All|
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+PUT /identityGovernance/entitlementManagement/accessPackageCatalogs/{catalogId}/customAccessPackageWorkflowExtensions/{customAccessPackageWorkflowExtensionId}
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+|Content-Type|application/json. Required.|
+
+## Request body
++
+|Property|Type|Description|
+|:|:|:|
+|authenticationConfiguration|[customExtensionAuthenticationConfiguration](../resources/customextensionauthenticationconfiguration.md)|Authentication type. Inherited from [customCalloutExtension](../resources/customcalloutextension.md). Optional.|
+|description|String|Description for the accessPackageCustomWorkflowExtension object. Inherited from [customCalloutExtension](../resources/customcalloutextension.md). Optional.|
+|displayName|String|Display name for the accessPackageCustomWorkflowExtension. Inherited from [customCalloutExtension](../resources/customcalloutextension.md). Optional.|
+|endpointConfiguration|[customExtensionEndpointConfiguration](../resources/customextensionendpointconfiguration.md)|The type and details for configuring the endpoint to call the logic app's workflow. Inherited from [customCalloutExtension](../resources/customcalloutextension.md). Optional.|
+|callbackConfiguration|[customExtensionCallbackConfiguration](../resources/customextensioncallbackconfiguration.md)|The timeout duration for callback. Optional.|
+++
+## Response
+
+If successful, this method returns a `200 OK` response code and an updated [accessPackageAssignmentWorkflowExtension](../resources/accesspackageassignmentworkflowextension.md) object in the response body.
+
+## Examples
+
+### Request
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "update_accesspackageassignmentworkflowextension"
+}
+-->
+``` http
+PUT https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/accessPackageCatalogs/32efb28c-9a7a-446c-986b-ca6528c6669d/accessPackageCustomWorkflowExtensions/78ffaec5-ae8e-4902-a434-5ffc5d3d3cd0
+Content-Type: application/json
+
+{
+ "@odata.type": "#microsoft.graph.accessPackageAssignmentWorkflowExtension",
+ "displayName": "test_action_0124_email",
+ "description": "this is for graph testing only"
+}
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
++++
+### Response
+The following is an example of the response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.accessPackageAssignmentWorkflowExtension"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "value":{
+ "@odata.type":"#microsoft.graph.accessPackageAssignmentWorkflowExtension",
+ "id":"78ffaec5-ae8e-4902-a434-5ffc5d3d3cd0",
+ "displayName":"test_action_0127_email",
+ "description": "this is for graph testing only",
+ "createdDateTime":"2022-01-24T21:48:57.15Z",
+ "lastModifiedDateTime":"2022-01-24T21:55:44.953Z",
+ "clientConfiguration":null,
+ "endpointConfiguration":{
+ "@odata.type":"#microsoft.graph.logicAppTriggerEndpointConfiguration",
+ "subscriptionId":"38ab2ccc-3747-4567-b36b-9478f5602f0d",
+ "resourceGroupName":"test",
+ "logicAppWorkflowName":"elm-extension-email",
+ "url":"https://prod-31.eastus.logic.azure.com:443/workflows/7ccffea766ae48e680gd9a22d1549bbc/triggers/manual/paths/invoke?api-version=2016-10-01"
+ },
+ "authenticationConfiguration":{
+ "@odata.type":"#microsoft.graph.azureAdPopTokenAuthentication"
+ }
+ }
+}
+```
+
v1.0 Accesspackagecatalog List Accesspackagecustomworkflowextensions https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/accesspackagecatalog-list-accesspackagecustomworkflowextensions.md
+
+ Title: "List accessPackagecustomWorkflowExtensions"
+description: "Get a list of the accessPackageCustomWorkflowExtension objects and their properties."
+
+ms.localizationpriority: medium
++
+# List accessPackageCustomWorkflowExtensions
+Namespace: microsoft.graph
++
+Get a list of the [accessPackageAssignmentRequestWorkflowExtension](../resources/accessPackageAssignmentRequestWorkflowExtension.md) and [accessPackageAssignmentWorkflowExtension](../resources/accessPackageAssignmentWorkflowExtension.md) objects and their properties. The resulting list includes all the **customAccessPackageWorkflowExtension** objects for the catalog that the caller has access to read. Each object includes an `@odata.type` property that indicates whether the object is an **accessPackageAssignmentRequestWorkflowExtension** or an **accessPackageAssignmentWorkflowExtension**.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|EntitlementManagement.Read.All, EntitlementManagement.ReadWrite.All |
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|EntitlementManagement.Read.All, EntitlementManagement.ReadWrite.All|
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /identityGovernance/entitlementManagement/accessPackageCatalogs/{catalogId}/accessPackageCustomWorkflowExtensions
+```
+
+## Optional query parameters
+This method supports the `$select` and `$filter` OData query parameters to help customize the response. For example, to search for access packages with a particular name, include a filter such as `$filter=contains(tolower(displayName),'team')` in the query. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a collection of [accessPackageAssignmentRequestWorkflowExtension](../resources/accessPackageAssignmentRequestWorkflowExtension.md) or [accessPackageAssignmentWorkflowExtension](../resources/accessPackageAssignmentWorkflowExtension.md) objects in the response body.
+
+## Examples
+
+### Request
+
+<!-- {
+ "blockType": "request",
+ "name": "list_accesspackagecustomworkflowextension"
+}
+-->
+``` http
+GET /identityGovernance/entitlementManagement/accessPackageCatalogs/32efb28c-9a7a-446c-986b-ca6528c6669d/accessPackageCustomWorkflowExtensions
+```
+
+### Response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "Collection(microsoft.graph.customCalloutExtension)"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.context":"https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/accessPackageCatalogs/32efb28c-9a7a-446c-986b-ca6528c6669d/accessPackageCustomWorkflowExtensions",
+ "value":[
+ {
+ "@odata.type":"#microsoft.graph.accessPackageAssignmentRequestWorkflowExtension",
+ "id":"98ffaec5-ae8e-4902-a434-5ffc5d3d3cd0",
+ "displayName":"test_action_0124",
+ "description":"this is for graph testing only",
+ "createdDateTime":"2022-01-24T21:48:57.15Z",
+ "lastModifiedDateTime":"2022-01-24T21:55:44.953Z",
+ "clientConfiguration":null,
+ "endpointConfiguration":{
+ "@odata.type":"#microsoft.graph.logicAppTriggerEndpointConfiguration",
+ "subscriptionId":"38ab2ccc-3747-4567-b36b-9478f5602f0d",
+ "resourceGroupName":"test",
+ "logicAppWorkflowName":"elm-extension-email",
+ "url":"https://prod-31.eastus.logic.azure.com:443/workflows/8ccffea766ae48e680gd9a22d1549bbc/triggers/manual/paths/invoke?api-version=2016-10-01"
+ },
+ "authenticationConfiguration":{
+ "@odata.type":"#microsoft.graph.azureAdPopTokenAuthentication"
+ },
+ "callbackConfiguration":{
+ "@odata.type":"microsoft.graph.customExtensionCallbackConfiguration",
+ "durationBeforeTimeout":"PT1H"
+ }
+ },
+ {
+ "@odata.type":"#microsoft.graph.accessPackageAssignmentWorkflowExtension",
+ "id":"98ffaec5-ae8e-4902-a434-5ffc5d3d3cd0",
+ "displayName":"test_action_0124",
+ "description":"this is for graph testing only",
+ "createdDateTime":"2022-01-24T21:48:57.15Z",
+ "lastModifiedDateTime":"2022-01-24T21:55:44.953Z",
+ "clientConfiguration":null,
+ "endpointConfiguration":{
+ "@odata.type":"#microsoft.graph.logicAppTriggerEndpointConfiguration",
+ "subscriptionId":"38ab2ccc-3747-4567-b36b-9478f5602f0d",
+ "resourceGroupName":"test",
+ "logicAppWorkflowName":"elm-extension-email",
+ "url":"https://prod-31.eastus.logic.azure.com:443/workflows/9ccffea766ae48e680gd9a22d1549bbc/triggers/manual/paths/invoke?api-version=2016-10-01"
+ },
+ "authenticationConfiguration":{
+ "@odata.type":"#microsoft.graph.azureAdPopTokenAuthentication"
+ }
+ }
+ ]
+}
+```
v1.0 Accesspackagecatalog Post Accesspackagecustomworkflowextensions https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/accesspackagecatalog-post-accesspackagecustomworkflowextensions.md
+
+ Title: "Create accessPackageCustomWorkflowExtension"
+description: "Create a new accessPackageCustomWorkflowExtension object."
+
+ms.localizationpriority: medium
++
+# Create accessPackageCustomWorkflowExtension
+Namespace: microsoft.graph
++
+Create a new [accessPackageAssignmentRequestWorkflowExtension](../resources/accesspackageassignmentrequestworkflowextension.md) or [accessPackageAssignmentWorkflowExtension](../resources/accessPackageAssignmentWorkflowExtension.md) object and add it to an existing [accessPackageCatalog](../resources/accesspackagecatalog.md) object.
+
+You must explicitly provide an `@odata.type` property that indicates whether the object is an **accessPackageAssignmentRequestWorkflowExtension** or an **accessPackageAssignmentWorkflowExtension**.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|EntitlementManagement.ReadWrite.All |
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|EntitlementManagement.Read.All EntitlementManagement.ReadWrite.All |
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+POST /identityGovernance/entitlementManagement/accessPackageCatalogs/{catalogId}/accessPackageCustomWorkflowExtensions
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+|Content-Type|application/json. Required.|
+
+## Request body
+In the request body, supply a JSON representation of the [accessPackageAssignmentRequestWorkflowExtension](../resources/accesspackageassignmentrequestworkflowextension.md) or [accessPackageAssignmentWorkflowExtension](../resources/accessPackageAssignmentWorkflowExtension.md) object.
+
+You can specify the following properties when creating a **accessPackageCustomWorkflowExtension**.
+
+|Property|Type|Description|
+|:|:|:|
+|description|String|Description for the customAccessPackageWorkflowExtension object.|
+|displayName|String|Display name for the customAccessPackageWorkflowExtension.|
+|endpointConfiguration|[customExtensionEndpointConfiguration](../resources/customextensionendpointconfiguration.md)|The type and details for configuring the endpoint to call the logic app's workflow.|
+|authenticationConfiguration|[customExtensionAuthenticationConfiguration](../resources/customextensionauthenticationconfiguration.md)|Configuration for securing the API call to the logic app. For example, using OAuth client credentials flow.|
+|callbackConfiguration|[customExtensionCallbackConfiguration](../resources/customextensioncallbackconfiguration.md)|The callback configuration for a custom extension. This is suppoted for `accessPackageAssignmentRequestWorkflowExtension`. |
+
+You must also supply an **@odata.type** property with a value of the specific access package workflow extension type. For example, `"@odata.type": "#microsoft.graph.accessPackageAssignmentRequestWorkflowExtension"`.
+
+## Response
+
+If successful, this method returns a `201 Created` response code and a [accessPackageAssignmentRequestWorkflowExtension](../resources/accesspackageassignmentrequestworkflowextension.md) or [accessPackageAssignmentWorkflowExtension](../resources/accessPackageAssignmentWorkflowExtension.md) object in the response body.
+
+## Examples
+
+### Example 1: Create a custom extension for use with an access package assignment request
+The following is an example of a access package assignment request custom workflow extension.
+
+#### Request
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "create_accessPackageAssignmentRequestWorkflowExtension"
+}
+-->
+
+``` http
+POST https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/accessPackageCatalogs/32efb28c-9a7a-446c-986b-ca6528c6669d/accessPackagecustomWorkflowExtensions
+Content-Type: application/json
+
+{
+ "value":{
+ "@odata.type":"#microsoft.graph.accessPackageAssignmentRequestWorkflowExtension",
+ "displayName":"test_action_0124_email",
+ "description":"this is for graph testing only",
+ "endpointConfiguration":{
+ "@odata.type":"#microsoft.graph.logicAppTriggerEndpointConfiguration",
+ "subscriptionId":"38ab2ccc-3747-4567-b36b-9478f5602f0d",
+ "resourceGroupName":"test",
+ "logicAppWorkflowName":"elm-extension-email"
+ },
+ "authenticationConfiguration":{
+ "@odata.type":"#microsoft.graph.azureAdPopTokenAuthentication"
+ },
+ "callbackConfiguration":{
+ "@odata.type":"microsoft.graph.customExtensionCallbackConfiguration",
+ "durationBeforeTimeout":"PT1H"
+ }
+ }
+}
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++++
+#### Response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.customCalloutExtension"
+}
+-->
+``` http
+HTTP/1.1 201 Created
+Content-Type: application/json
+
+{
+ "value":{
+ "@odata.type":"#microsoft.graph.accessPackageAssignmentRequestWorkflowExtension",
+ "id":"98ffaec5-ae8e-4902-a434-5ffc5d3d3cd0",
+ "displayName":"test_action_0124_email",
+ "description":"this is for graph testing only",
+ "createdDateTime":"2022-01-24T21:48:57.15Z",
+ "lastModifiedDateTime":"2022-01-24T21:55:44.953Z",
+ "clientConfiguration":null,
+ "endpointConfiguration":{
+ "@odata.type":"#microsoft.graph.logicAppTriggerEndpointConfiguration",
+ "subscriptionId":"38ab2ccc-3747-4567-b36b-9478f5602f0d",
+ "resourceGroupName":"test",
+ "logicAppWorkflowName":"elm-extension-email",
+ "url":"https://prod-31.eastus.logic.azure.com:443/workflows/8ccffea766ae48e680gd9a22d1549bbc/triggers/manual/paths/invoke?api-version=2016-10-01"
+ },
+ "authenticationConfiguration":{
+ "@odata.type":"#microsoft.graph.azureAdPopTokenAuthentication"
+ },
+ "callbackConfiguration":{
+ "@odata.type":"microsoft.graph.customExtensionCallbackConfiguration",
+ "durationBeforeTimeout":"PT1H"
+ }
+ }
+}
+```
+
+### Example 2: Create a custom extension for use with an access package assignment
+The following is an example of a access package assignment custom workflow extension.
+
+#### Request
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "create_accessPackageAssignmentWorkflowExtension"
+}
+-->
+``` http
+POST https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/accessPackageCatalogs/32efb28c-9a7a-446c-986b-ca6528c6669d/accessPackagecustomWorkflowExtensions
+Content-Type: application/json
+
+{
+ "value":{
+ "@odata.type":"#microsoft.graph.accessPackageAssignmentWorkflowExtension",
+ "displayName":"test_action_0127_email",
+ "description":"this is for graph testing only",
+ "endpointConfiguration":{
+ "@odata.type":"#microsoft.graph.logicAppTriggerEndpointConfiguration",
+ "subscriptionId":"38ab2ccc-3747-4567-b36b-9478f5602f0d",
+ "resourceGroupName":"test",
+ "logicAppWorkflowName":"elm-extension-email"
+ },
+ "authenticationConfiguration":{
+ "@odata.type":"#microsoft.graph.azureAdPopTokenAuthentication"
+ }
+ }
+}
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++++
+#### Response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.customCalloutExtension"
+}
+-->
+``` http
+HTTP/1.1 201 Created
+Content-Type: application/json
+
+{
+ "value":{
+ "@odata.type":"#microsoft.graph.accessPackageAssignmentWorkflowExtension",
+ "id":"78ffaec5-ae8e-4902-a434-5ffc5d3d3cd0",
+ "displayName":"test_action_0127_email",
+ "description":"this is for graph testing only",
+ "createdDateTime":"2022-01-24T21:48:57.15Z",
+ "lastModifiedDateTime":"2022-01-24T21:55:44.953Z",
+ "clientConfiguration":null,
+ "endpointConfiguration":{
+ "@odata.type":"#microsoft.graph.logicAppTriggerEndpointConfiguration",
+ "subscriptionId":"38ab2ccc-3747-4567-b36b-9478f5602f0d",
+ "resourceGroupName":"test",
+ "logicAppWorkflowName":"elm-extension-email",
+ "url":"https://prod-31.eastus.logic.azure.com:443/workflows/7ccffea766ae48e680gd9a22d1549bbc/triggers/manual/paths/invoke?api-version=2016-10-01"
+ },
+ "authenticationConfiguration":{
+ "@odata.type":"#microsoft.graph.azureAdPopTokenAuthentication"
+ }
+ }
+}
+```
+
v1.0 Accesspackagecatalog Post Customaccesspackageworkflowextensions https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/accesspackagecatalog-post-customaccesspackageworkflowextensions.md
If successful, this method returns a `201 Created` response code and a [customAc
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "create_customaccesspackageworkflowextension_from_"
+ "name": "create_customaccesspackageworkflowextension_"
} --> ``` http
Content-Type: application/json
``` # [C#](#tab/csharp) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [JavaScript](#tab/javascript) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [Java](#tab/java) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [Go](#tab/go) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [PowerShell](#tab/powershell) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [PHP](#tab/php) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 Appmanagementpolicy Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/appManagementPolicy-delete.md
Delete an [appManagementPolicy](../resources/appManagementPolicy.md) object.
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-| Permission type | Permissions (from least to most privileged) |
-| :- | : |
-| Delegated (work or school account) | Policy.ReadWrite.ApplicationConfiguration |
-| Delegated (personal Microsoft account) | Not supported. |
-| Application | Policy.ReadWrite.ApplicationConfiguration |
+| Permission type | Permissions (from least to most privileged) |
+| :- | : |
+| Delegated (work or school account) | Policy.ReadWrite.ApplicationConfiguration |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | Policy.ReadWrite.ApplicationConfiguration |
## HTTP request
The following is an example of the request.
"name": "delete_appManagementPolicy" }-->
-```msgraph-interactive
+```http
DELETE https://graph.microsoft.com/beta/policies/appManagementPolicies/{id} ```
v1.0 Appmanagementpolicy List Appliesto https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/appManagementPolicy-list-appliesTo.md
List application and service principal objects assigned an [appManagementPolicy]
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-| Permission type | Permissions (from least to most privileged) |
-| :- | : |
+| Permission type | Permissions (from least to most privileged) |
+| :- | :-- |
| Delegated (work or school account) | Application.Read.All and Policy.Read.All, Application.Read.All and Policy.ReadWrite.ApplicationConfiguration |
-| Delegated (personal Microsoft account) | Not supported. |
+| Delegated (personal Microsoft account) | Not supported. |
| Application | Application.Read.All and Policy.Read.All, Application.Read.All and Policy.ReadWrite.ApplicationConfiguration | ## HTTP request
The following is an example of the request.
"name": "list_appManagementPolicyAppliesTo" }-->
-```msgraph-interactive
+```http
GET https://graph.microsoft.com/beta/policies/appManagementPolicies/{id}/appliesTo ```
The following is an example of the request using $select query option.
"name": "list_appManagementPolicyAppliesTo_select" }-->
-```msgraph-interactive
+```http
GET https://graph.microsoft.com/beta/policies/appManagementPolicies/{id}/appliesTo?$select=id,appId,displayName,createdDateTime ```
v1.0 Appmanagementpolicy Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/appManagementPolicy-update.md
Update an [appManagementPolicy](../resources/appManagementPolicy.md) object.
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-| Permission type | Permissions (from least to most privileged) |
-| :- | : |
-| Delegated (work or school account) | Policy.ReadWrite.ApplicationConfiguration |
-| Delegated (personal Microsoft account) | Not supported. |
-| Application | Policy.ReadWrite.ApplicationConfiguration |
+| Permission type | Permissions (from least to most privileged) |
+| :- | : |
+| Delegated (work or school account) | Policy.ReadWrite.ApplicationConfiguration |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | Policy.ReadWrite.ApplicationConfiguration |
## HTTP request
In the request body, supply the values for relevant fields from the [appManageme
Existing properties that are not included in the request body will maintain their previous values or be recalculated based on changes to other property values. For best performance, don't include existing values that haven't changed.
-| Property | Type | Description |
-|:|:-|:--|
-| displayName | String | The display name of the policy. Inherited from [policyBase](../resources/policybase.md). |
-| description | String | The description of the policy. Inherited from [policyBase](../resources/policybase.md). |
-| isEnabled | Boolean | Denotes whether the policy is enabled. |
-| restrictions | [appManagementConfiguration](../resources/appManagementConfiguration.md) | Restrictions that apply to an application or service principal object. |
+| Property | Type | Description |
+| :-- | :-- | : |
+| displayName | String | The display name of the policy. Inherited from [policyBase](../resources/policybase.md). |
+| description | String | The description of the policy. Inherited from [policyBase](../resources/policybase.md). |
+| isEnabled | Boolean | Denotes whether the policy is enabled. |
+| restrictions | [appManagementConfiguration](../resources/appManagementConfiguration.md) | Restrictions that apply to an application or service principal object. |
## Response
The following is an example of the request.
"name": "update_appManagementPolicy" }-->
-```msgraph-interactive
+```http
PATCH https://graph.microsoft.com/beta/policies/appManagementPolicies/{id} {
v1.0 Application Delete Tokenlifetimepolicies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/application-delete-tokenlifetimepolicies.md
The following is an example of the request.
}--> ```http
-DELETE https://graph.microsoft.com/beta/applications/{id}/tokenLifetimePolicies/{id}/$ref
+DELETE https://graph.microsoft.com/beta/applications/3ccc9971-9ae7-45d6-8de8-263fd25fe116/tokenLifetimePolicies/4d2f137b-e8a9-46da-a5c3-cc85b2b840a4/$ref
``` # [C#](#tab/csharp)
DELETE https://graph.microsoft.com/beta/applications/{id}/tokenLifetimePolicies/
The following is an example of the response.
-> **Note:** The response object shown here might be shortened for readability.
- <!-- { "blockType": "response", "truncated": true
v1.0 Application List Tokenlifetimepolicies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/application-list-tokenlifetimepolicies.md
The following is an example of the request.
}--> ```msgraph-interactive
-GET https://graph.microsoft.com/beta/applications/{id}/tokenLifetimePolicies
+GET https://graph.microsoft.com/beta/applications/3ccc9971-9ae7-45d6-8de8-263fd25fe116/tokenLifetimePolicies
``` # [C#](#tab/csharp)
HTTP/1.1 200 OK
Content-type: application/json {
- "value": [
- {
- "definition": [
- "definition-value"
- ],
- "displayName": "displayName-value",
- "isOrganizationDefault": true,
- "id": "id-value"
- }
- ]
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#Collection(microsoft.graph.tokenLifetimePolicy)",
+ "value": [
+ {
+ "id": "4d2f137b-e8a9-46da-a5c3-cc85b2b840a4",
+ "deletedDateTime": null,
+ "definition": [
+ "{\"TokenLifetimePolicy\":{\"Version\":1,\"AccessTokenLifetime\":\"5:30:00\"}}"
+ ],
+ "displayName": "Contoso token lifetime policy",
+ "isOrganizationDefault": true
+ }
+ ]
} ```
v1.0 Application Post Tokenlifetimepolicies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/application-post-tokenlifetimepolicies.md
The following is an example of the request.
}--> ```http
-POST https://graph.microsoft.com/beta/applications/{id}/tokenLifetimePolicies
+POST https://graph.microsoft.com/beta/applications/3ccc9971-9ae7-45d6-8de8-263fd25fe116/tokenLifetimePolicies/$ref
Content-Type: application/json {
- "@odata.id":"https://graph.microsoft.com/beta/policies/tokenLifetimePolicies/cd3d9b57-0aee-4f25-8ee3-ac74ef5986a9"
+ "@odata.id":"https://graph.microsoft.com/beta/policies/tokenLifetimePolicies/4d2f137b-e8a9-46da-a5c3-cc85b2b840a4"
} ```
Content-Type: application/json
[!INCLUDE [sample-code](../includes/snippets/go/create-tokenlifetimepolicy-from-application-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [PowerShell](#tab/powershell)
+ # [PHP](#tab/php) [!INCLUDE [sample-code](../includes/snippets/php/create-tokenlifetimepolicy-from-application-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 Appmanagementpolicy Delete Appliesto https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/appmanagementpolicy-delete-appliesto.md
+
+ Title: "Remove appliesTo"
+description: "Remove an appManagementPolicy from an application or service principal object."
+ms.localizationpriority: medium
+++
+# Remove appliesTo
+
+Namespace: microsoft.graph
++
+Remove an [appManagementPolicy](../resources/appManagementPolicy.md) policy object from an application or service principal object. When you remove the appManagementPolicy, the application or service principal adopts the tenant-wide [tenantAppManagementPolicy](../resources/tenantappmanagementpolicy.md) setting.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+| Permission type | Permissions (from least to most privileged) |
+| :- | :-- |
+| Delegated (work or school account) | Application.Read.All and Policy.ReadWrite.ApplicationConfiguration |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | Application.Read.All and Policy.ReadWrite.ApplicationConfiguration |
+
+## HTTP request
+
+<!-- { "blockType": "ignored" } -->
+
+```http
+DELETE /applications/{id}/appManagementPolicies/$ref
+```
+
+## Request headers
+
+| Name | Description |
+| : | :-- |
+| Authorization | Bearer {token}. Required. |
+| Content-Type | application/json. Required. |
+
+## Request body
+
+In the request body, provide a reference to a single policy object from the [appManagementPolicies](../resources/appmanagementpolicy.md) collection.
+
+## Response
+
+If successful, this method returns `204 No Content` response code. It does not return anything in the response body.
+
+## Examples
+
+### Example 1: Remove an appManagementPolicy from an application object
+
+#### Request
+
+The following is an example of the request to remove an appManagementPolicy from an application.
++
+<!-- {
+ "blockType": "request",
+ "name": "remove_appliesTo"
+}-->
+
+```http
+DELETE https://graph.microsoft.com/beta/applications/{id}/appManagementPolicies/$ref
+Content-type: application/json
+
+{
+ "@odata.id":"https://graph.microsoft.com/beta/policies/appManagementPolicies/{id}"
+}
+```
+
+#### Response
+
+The following is an example of the response.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true
+} -->
+
+```http
+HTTP/1.1 204 No Content
+```
+
+### Example 2: Remove an appManagementPolicy from a service principal object
+
+#### Request
+
+The following is an example of the request to remove an appManagementPolicy from a service principal.
+++
+<!-- {
+ "blockType": "request",
+ "name": "remove_appliesTo"
+}-->
+
+``` http
+DELETE https://graph.microsoft.com/beta/servicePrincipals/{id}/appManagementPolicies/$ref
+
+{
+ "@odata.id":"https://graph.microsoft.com/beta/policies/appManagementPolicies/{id}"
+}
+```
++
+#### Response
+
+The following is an example of the response.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true
+} -->
+
+```http
+HTTP/1.1 204 No Content
+```
+
+<!-- uuid: 16cd6b66-4b1a-43a1-adaf-3a886856ed98
+2019-02-04 14:57:30 UTC -->
+<!-- {
+ "type": "#page.annotation",
+ "description": "list resources for appManagementPolicies",
+ "keywords": "",
+ "section": "documentation",
+ "tocPath": ""
+}-->
v1.0 Appmanagementpolicy Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/appmanagementpolicy-get.md
Read the properties of an [appManagementPolicy](../resources/appManagementPolicy
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-| Permission type | Permissions (from least to most privileged) |
+| Permission type | Permissions (from least to most privileged) |
| :- | : | | Delegated (work or school account) | Policy.Read.All, Policy.ReadWrite.ApplicationConfiguration | | Delegated (personal Microsoft account) | Not supported. |
The following is an example of the request. From the response, the app manageme
"name": "get_appManagementPolicy" }-->
-```msgraph-interactive
+```http
GET https://graph.microsoft.com/beta/policies/appManagementPolicies/{id} ```
v1.0 Appmanagementpolicy List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/appmanagementpolicy-list.md
Retrieve a list of [appManagementPolicy](../resources/appManagementPolicy.md) ob
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-| Permission type | Permissions (from least to most privileged) |
+| Permission type | Permissions (from least to most privileged) |
| :- | : | | Delegated (work or school account) | Policy.Read.All, Policy.ReadWrite.ApplicationConfiguration | | Delegated (personal Microsoft account) | Not supported. |
The following is an example of the request.
"name": "list_appManagementPolicies" }-->
-```msgraph-interactive
+```http
GET https://graph.microsoft.com/beta/policies/appManagementPolicies ```
v1.0 Appmanagementpolicy Post Appliesto https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/appmanagementpolicy-post-appliesto.md
Assign an [appManagementPolicy](../resources/appManagementPolicy.md) policy obje
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-| Permission type | Permissions (from least to most privileged) |
-| :- | : |
+| Permission type | Permissions (from least to most privileged) |
+| :- | :-- |
| Delegated (work or school account) | Application.Read.All and Policy.ReadWrite.ApplicationConfiguration |
-| Delegated (personal Microsoft account) | Not supported. |
+| Delegated (personal Microsoft account) | Not supported. |
| Application | Application.Read.All and Policy.ReadWrite.ApplicationConfiguration | ## HTTP request
POST /applications/{id}/appManagementPolicies/$ref
## Request headers | Name | Description |
-|:--|:-|
+| : | :-- |
| Authorization | Bearer {token}. Required. | | Content-Type | application/json. Required. |
The following is an example of the request to assign an appManagementPolicy to a
"name": "ApplicationsAppManagementPolicies" }-->
-```msgraph-interactive
+```http
POST https://graph.microsoft.com/beta/applications/{id}/appManagementPolicies/$ref Content-type: application/json
v1.0 Appmanagementpolicy Post https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/appmanagementpolicy-post.md
Create an [appManagementPolicy](../resources/appManagementPolicy.md) object.
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-| Permission type | Permissions (from least to most privileged) |
-| :- | : |
-| Delegated (work or school account) | Policy.ReadWrite.ApplicationConfiguration |
-| Delegated (personal Microsoft account) | Not supported. |
-| Application | Policy.ReadWrite.ApplicationConfiguration |
+| Permission type | Permissions (from least to most privileged) |
+| :- | : |
+| Delegated (work or school account) | Policy.ReadWrite.ApplicationConfiguration |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | Policy.ReadWrite.ApplicationConfiguration |
## HTTP request
POST /policies/appManagementPolicies
| Authorization | Bearer {token}. Required. | | Content-Type | application/json. Required. |
+> [!IMPORTANT]
+> Service principals with a createdDateTime `null` are treated as having being created on 01/01/2019.
## Request body
-In the request body, provide a JSON representation of an [appManagementPolicy](../resources/appManagementPolicy.md).
+In the request body, supply a JSON representation of the [appManagementPolicy](../resources/appmanagementpolicy.md) object.
+
+You can specify the following properties when creating an **appManagementPolicy**.
+
+| Property | Type | Description |
+| :-- | :- | : |
+| displayName | String | The display name of the policy. Required. |
+| description | String | The description of the policy. Required. |
+| isEnabled | Boolean | Denotes whether the policy is enabled. Optional. |
+| restrictions | [appManagementConfiguration](../resources/appManagementConfiguration.md) | Restrictions that apply to an application or service principal object. Optional. |
## Response
-If successful, this method returns a `201 Created` response code with the new [appManagementPolicy ](../resources/appmanagementpolicy.md) object in the response payload.
+If successful, this method returns a `201 Created` response code with the new [appManagementPolicy](../resources/appmanagementpolicy.md) object in the response payload.
## Examples
v1.0 Authenticationmethodspolicy Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/authenticationmethodspolicy-get.md
Title: "Get authenticationMethodsPolicy" description: "Read the properties and relationships of an authenticationMethodsPolicy object."-+ ms.localizationpriority: medium ms.prod: "identity-and-sign-in" doc_type: apiPageType
v1.0 Authenticationmethodspolicy Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/authenticationmethodspolicy-update.md
Title: "Update authenticationMethodsPolicy" description: "Update the properties of an authenticationMethodsPolicy object."-+ ms.localizationpriority: medium ms.prod: "identity-and-sign-in" doc_type: apiPageType
v1.0 Authorizationpolicy Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/authorizationpolicy-get.md
One of the following permissions is required to call this API. To learn more, in
<!-- { "blockType": "ignored" } --> ```http
-GET /policies/authorizationPolicy/authorizationPolicy
+GET /policies/authorizationPolicy
``` ## Request headers
If successful, this method returns a `200 OK` response code and the single [auth
The following is an example of the request. ```msgraph-interactive
-GET https://graph.microsoft.com/beta/policies/authorizationPolicy/authorizationPolicy
+GET https://graph.microsoft.com/beta/policies/authorizationPolicy
```
v1.0 Calendar List Events https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/calendar-list-events.md
Retrieve a list of events in a calendar. The calendar can be one for a [user](.
To get expanded event instances, you can [get the calendar view](calendar-list-calendarview.md), or [get the instances of an event](event-list-instances.md).
+> [!NOTE]
+> If your target mailbox calendar contains any private items, the caller must either:
+> * Be granted `FullAccess` mailbox permissions over the target mailbox (via the [Add-MailboxPermission](/powershell/module/exchange/add-mailboxpermission) cmdlet).
+> * Be granted the `Delegate` + `CanViewPrivateItems` flags (similar to the previous option, but through the [Add-MailboxFolderPermission](/powershell/module/exchange/add-mailboxfolderpermission) cmdlet). This option routes all meeting requests to the delegate mailbox. For a workaround, see [SharingPermissionFlags](/powershell/module/exchange/add-mailboxfolderpermission?view=exchange-ps#-sharingpermissionflags).
+>
+> Failure to meet these conditions will result in a `The specified object was not found in the store` response.
+ ## Permissions Depending on the type of calendar that the events are in and the permission type (delegated or application) requested, one of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
v1.0 Callrecords Callrecord Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/callrecords-callrecord-get.md
There are two ways to get the **id** of a **callRecord**:
* Subscribe to [change notifications](/graph/api/resources/webhooks) to the `/communications/callRecords` endpoint. * Use the **callChainId** property of a [call](../resources/call.md). The call record is available only after the associated call is completed.
+> [!WARNING]
+>
+> A call record is created after a call or meeting ends and will remain available for **30 days**. Requests for call records older than 30 days will receive a `404 Not Found` response.
+ ## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
Do not supply a request body for this method.
## Response
-If successful, this method returns a `200 OK` response code and the requested [microsoft.graph.callRecords.callRecord](../resources/callrecords-callrecord.md) object in the response body.
+If successful, this method returns a `200 OK` response code and the requested [microsoft.graph.callRecords.callRecord](../resources/callrecords-callrecord.md) object in the response body. A request for a call record older than 30 days will receive a `404 Not Found` response.
## Examples
GET https://graph.microsoft.com/beta/communications/callRecords/{id}?$expand=ses
#### Response
-The following is an example of the response. If the sessions list is truncated, a `sessions@odata.nextLink` value will be provided to retrieve the next page of sessions.
+The following is an example of the response. If the sessions list is truncated, a `sessions@odata.nextLink` value will be provided to retrieve the next page of sessions. The default page size for sessions is 60 entries.
> **Note:** The response object shown here might be shortened for readability.
v1.0 Cloudpc Getcloudpclaunchinfo https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/cloudpc-getcloudpclaunchinfo.md
If successful, this function returns a `200 OK` response code and a [cloudPcLaun
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "cloudpcthis.getcloudpclaunchinfo"
+ "name": "cloudpc.getcloudpclaunchinfo"
} --> ``` http
v1.0 Cloudpc Getshiftworkcloudpcaccessstate https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/cloudpc-getshiftworkcloudpcaccessstate.md
+
+ Title: "cloudPC: getShiftWorkCloudPcAccessState"
+description: "Get the access state of a shift work Cloud PC. Callers can get the latest shift work Cloud PC accessState and determine if the shift work Cloud PC is accessible to the user."
+
+ms.localizationpriority: medium
++
+# cloudPC: getShiftWorkCloudPcAccessState
+Namespace: microsoft.graph
++
+Get the [shiftWorkCloudPcAccessState](../resources/cloudpc.md#shiftworkcloudpcaccessstate-values) of a shift work Cloud PC.
+
+This API only supports shared-use licenses. For more information, see [cloudPcProvisioningPolicy](../resources/cloudpcprovisioningpolicy.md#cloudpcprovisioningtype-values). Shared-use licenses allow three users per license, with one user signed in at a time. Callers can get the latest shift work Cloud PC **accessState** and determine whether the shift work Cloud PC is accessible to the user.
+
+If a web client needs to connect to a shift work Cloud PC, the **sharedCloudPcAccessState** validates the bookmark scenario. If **sharedCloudPcAccessState** is not active/activating/hibernated, the web client shows a "bad bookmark".
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|CloudPC.Read.All, CloudPC.ReadWrite.All|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|Not supported.|
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /me/cloudPCs/{cloudPCId}/getShiftWorkCloudPcAccessState
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this function returns a `200 OK` response code and a [shiftWorkCloudPcAccessState](../resources/cloudpc.md#shiftworkcloudpcaccessstate-values) object in the response body.
+
+If the Cloud PC has been provisioned as a dedicated device, this method returns `400 Bad request`.
+
+## Examples
+
+### Request
+<!-- {
+ "blockType": "request",
+ "name": "cloudpc.getShiftWorkCloudPcAccessState"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/me/cloudPCs/{cloudPCId}/getShiftWorkCloudPcAccessState
+```
+
+### Response
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "string"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "@odata.context":"https://graph.microsoft.com/beta/$metadata#Edm.String",
+ "value": "noLicensesAvailable"
+}
+```
+
v1.0 Directory Deleteditems List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/directory-deleteditems-list.md
The OData cast type is a required part of the URI and calling `GET /directory/de
## Optional query parameters
-This method supports the query parameters that are supported by the resource that is specified by the OData cast. That is, `$count`, `$expand`, `$filter`, `$orderBy`, `$search`, `$select`, and `$top` query parameters. Some queries are supported only when you use the **ConsistencyLevel** header set to `eventual` and `$count`. For example:
+This method supports the query parameters that are supported by the resource that is specified by the OData cast. That is, `$count`, `$expand`, `$filter`, `$orderBy`, `$search`, `$select`, and `$top` query parameters. This API returns 100 objects by default and supports returning up to 999 objects per page using `$top`.
+
+Some queries are supported only when you use the **ConsistencyLevel** header set to `eventual` and `$count`. For example:
```msgraph-interactive https://graph.microsoft.com/beta/directory/deletedItems/microsoft.graph.group?&$count=true&$orderBy=deletedDateTime desc&$select=id,displayName,deletedDateTime
v1.0 Directoryobject Delta https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/directoryobject-delta.md
GET https://graph.microsoft.com/beta/directoryObjects/delta?filter=isof('microso
- #### Response The following is an example of the response when using `@odata.deltaLink` obtained from the query initialization with `$filter=isof('{resource type}')`. Note the presence of the _members@delta_ property which includes the ids of member objects in the group.
GET https://graph.microsoft.com/beta/directoryObjects/delta?$filter=id eq '87d34
- #### Response The following is an example of the response when using `@odata.deltaLink` obtained from the query initialization with `$filter=id eq '{id}'`.
GET https://graph.microsoft.com/beta/directoryObjects/delta?$filter=isof('micros
- #### Response The following is an example of the response when using `@odata.deltaLink` obtained from the query initialization. Note that both properties are included in the response and it is not known which ones have changed since the `@odata.deltaLink` was obtained.
v1.0 Dynamics Companies Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/dynamics-companies-get.md
Title: Get companies
-description: Gets a company object in Dynamics 365 Business Central.
--
+ Title: "Get companies"
+description: "Get a companies object in Dynamics 365 Business Central."
+
+documentationcenter: ""
+ ms.localizationpriority: medium ms.prod: "dynamics-365-business-central" doc_type: apiPageType
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Retrieve the properties and relationships of a companies object for Dynamics 365 Business Central.
+Get a [companies](../resources/dynamics-companies.md) object in Dynamics 365 Business Central.
## Permissions+ One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference). |Permission type |Permissions (from least to most privileged)|
One of the following permissions is required to call this API. To learn more, in
|Application|Financials.ReadWrite.All| ## HTTP request+
+<!-- { "blockType": "ignored" } -->
```http GET /financials/companies ``` ## Optional query parameters
-This method supports the [OData Query Parameters](/graph/query-parameters) to help customize the response.
+
+This method supports the [OData query parameters](/graph/query-parameters) to help customize the response.
## Request headers+ |Header|Value| ||--| |Authorization |Bearer {token}. Required. | ## Request body+ Do not supply a request body for this method. ## Response
-If successful, this method returns a `200 OK` response code and a **companies** object in the response body.
+
+If successful, this method returns a `200 OK` response code and a [companies](../resources/dynamics-companies.md) object in the response body.
## Example
-**Request**
+### Request
+
+The following is an example of the request.
+
+<!-- {
+ "blockType": "ignored",
+ "name": "get_companies"
+}-->
-Here is an example of the request.
```http GET https://graph.microsoft.com/beta/financials/companies ```
-**Response**
+### Response
-Here is an example of the response.
+The following is an example of the response.
> **Note**: The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "ignored",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.companies"
+} -->
+ ```json
+HTTP/1.1 200 OK
+Content-Type: application/json
+ { "id": "id-value", "systemVersion": "17806",
Here is an example of the response.
"businessProfileId": "" } ```--
v1.0 Emailauthenticationmethod Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/emailauthenticationmethod-update.md
Update a user's email address associated with an [email Authentication Method](.
## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-### Permissions acting on self
-
-|Permission type | Permissions (from least to most privileged) |
-|:|:-|
-| Delegated (work or school account) | UserAuthenticationMethod.ReadWrite |
-| Delegated (personal Microsoft account) | Not supported. |
-| Application | Not supported. |
-
-### Permissions acting on other users
- |Permission type | Permissions (from least to most privileged) | |:|:-| | Delegated (work or school account) | UserAuthenticationMethod.ReadWrite.All |
For delegated scenarios where an admin is acting on another user, the admin need
* Privileged authentication administrator * Authentication administrator
+Users without one of the supported Azure AD roles cannot update their own email authentication method.
+ ## HTTP request <!-- {
v1.0 Entitlementmanagement Post Accesspackageassignmentpolicies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/entitlementmanagement-post-accesspackageassignmentpolicies.md
Content-type: application/json
} ``` -- ### Example 4: Create a policy and specify the stages to trigger pre-defined custom workflow extensions #### Request
Content-type: application/json
} ```
+### Example 5: Create a policy and specify the stages to trigger pre-defined access package custom extensions
+
+#### Request
+
+In the following example, the pre-defined **accessPackageCustomWorkflowExtension** object is triggered when an access package assignment request is created and when it's granted. The identifier provided within the **customExtension** field is the **accessPackageCustomWorkflowExtension** object's ID.
++
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "create_accesspackageassignmentpolicy_accessPackageCustomWorkflowExtension"
+}-->
++
+```msgraph-interactive
+POST https://graph.microsoft.com/beta/identityGovernance/entitlementManagement/accessPackageAssignmentPolicies
+Content-type: application/json
+
+{
+ "displayName": "extension-policy",
+ "description": "test",
+ "accessPackageId": "ba5807c7-2aa9-4c8a-907e-4a17ee587500",
+ "expiration": {
+ "type": "afterDuration",
+ "duration": "P365D"
+ },
+ "canExtend": false,
+ "requestApprovalSettings": null,
+ "requestorSettings": {
+ "acceptRequests": true,
+ "scopeType": "AllExistingDirectorySubjects",
+ "allowedRequestors": [],
+ "isOnBehalfAllowed": false
+ },
+ "accessReviewSettings": null,
+ "questions": [],
+ "customExtensionStageSettings": [
+ {
+ "stage": "assignmentRequestCreated",
+ "customExtension": {
+ "id": "219f57b6-7983-45a1-be01-2c228b7a43f8"
+ }
+ },
+ {
+ "stage": "assignmentRequestGranted",
+ "customExtension": {
+ "id": "219f57b6-7983-45a1-be01-2c228b7a43f8"
+ }
+ }
+ ]
+}
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
++++++
+#### Response
+
+The following is an example of the response. The **customExtensionStageSettings** object isn't returned by default. To retrieve this object, use the **GET** method with `$expand`. For more information, see [Retrieve the custom extension stage settings for a policy](accesspackageassignmentpolicy-get.md#example-3-retrieve-the-custom-extension-stage-settings-for-a-policy)
+
+> **Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.accessPackageAssignmentPolicy"
+} -->
+
+```http
+HTTP/1.1 201 Created
+Content-type: application/json
+
+{
+ "id": "d0324cbb-24a2-4edb-acca-fee5384c6a5e",
+ "displayName": "extension-policy",
+ "description": "test",
+ "canExtend": false,
+ "durationInDays": 0,
+ "expirationDateTime": null,
+ "accessPackageId": "ba5807c7-2aa9-4c8a-907e-4a17ee587500",
+ "accessReviewSettings": null,
+ "questions": [],
+ "requestorSettings": {
+ "scopeType": "AllExistingDirectorySubjects",
+ "acceptRequests": true,
+ "allowedRequestors": []
+ },
+ "requestApprovalSettings": {
+ "isApprovalRequired": false,
+ "isApprovalRequiredForExtension": false,
+ "isRequestorJustificationRequired": false,
+ "approvalMode": "NoApproval",
+ "approvalStages": []
+ }
+}
+```
+ <!-- uuid: 16cd6b66-4b1a-43a1-adaf-3a886856ed98 2019-02-04 14:57:30 UTC --> <!-- {
v1.0 Group Post Groups https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/group-post-groups.md
The following table shows the properties that are required when you create the [
| :-- | : | :-- | | displayName | string | The name to display in the address book for the group. Maximum length is 256 characters. Required. | | mailEnabled | boolean | Set to `true` for mail-enabled groups. Required. |
-| mailNickname | string | The mail alias for the group, unique for Microsoft 365 groups in the organization. Maximum length is 64 characters. This property can contain only characters in the [ASCII character set 0 - 127](/office/vba/language/reference/user-interface-help/character-set-0127) except the following: ` @ () \ [] " ; : . <> , SPACE`. Required. |
+| mailNickname | string | The mail alias for the group, unique for Microsoft 365 groups in the organization. Maximum length is 64 characters. This property can contain only characters in the [ASCII character set 0 - 127](/office/vba/language/reference/user-interface-help/character-set-0127) except the following: ` @ () \ [] " ; : <> , SPACE`. Required. |
| securityEnabled | boolean | Set to `true` for security-enabled groups, including Microsoft 365 groups. Required. **Note:** Groups created using the Microsoft Azure portal always have **securityEnabled** initially set to `true`. | > [!IMPORTANT]
v1.0 Identitygovernance Customtaskextension Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-customtaskextension-delete.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Lifecycle workflows administrator ## HTTP request
If successful, this method returns a `204 No Content` response code.
The following is an example of a request.
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "lifecycleworkflows_delete_customtaskextension"
The following is an example of a request.
DELETE https://graph.microsoft.com/beta/identityGovernance/lifecycleWorkflows/customTaskExtensions/2af4670b-47d3-460f-ad16-fc7d4c511d33 ```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
-
-# [PHP](#tab/php)
--- ### Response <!-- {
v1.0 Identitygovernance Customtaskextension Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-customtaskextension-get.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.Read.All, LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Global reader-- Lifecycle workflows administrator ## HTTP request
If successful, this method returns a `200 OK` response code and a [microsoft.gra
The following is an example of a request.
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "lifecycleworkflows_get_customtaskextension"
The following is an example of a request.
GET https://graph.microsoft.com/beta/identityGovernance/lifecycleWorkflows/customTaskExtensions/ffcc4c85-5a14-448e-a390-77abf2700369 ```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
-
-# [PHP](#tab/php)
--- ### Response The following is an example of the response
v1.0 Identitygovernance Customtaskextension Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-customtaskextension-update.md
One of the following permissions is required to call this API. To learn more, in
> [!IMPORTANT] > The calling user also requires one of the following Azure Resource Manager roles for the specified Azure Logic App: **Logic App contributor**, **Contributor**, or **Owner**.
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Lifecycle workflows administrator ## HTTP request
If successful, this action returns a `204 No Content` response code.
The following is an example of a request.
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "lifecycleworkflows_update_customtaskextension"
Content-length: 588
} ```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
-
-# [PHP](#tab/php)
--- ### Response <!-- {
v1.0 Identitygovernance Deleteditemcontainer Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-deletedItemcontainer-delete.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Lifecycle workflows administrator ## HTTP request
If successful, this method returns a `204 No Content` response code.
The following is an example of a request.
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "lifecycleworkflows_delete_deleteditems"
The following is an example of a request.
DELETE https://graph.microsoft.com/beta/identityGovernance/lifecycleWorkflows/deletedItems/workflows/{workflowId} ```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
-
-# [PHP](#tab/php)
--- ### Response <!-- {
v1.0 Identitygovernance Deleteditemcontainer Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-deleteditemcontainer-get.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Global reader-- Lifecycle workflows administrator ## HTTP request
If successful, this method returns a `200 OK` response code and a collection of
The following is an example of a request.
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "lifecycleworkflows_get_deleteditemcontainer"
The following is an example of a request.
GET https://graph.microsoft.com/beta/identityGovernance/lifecycleWorkflows/deletedItems/workflows/4557805a-1af5-4c29-b271-2cd7fb5de9bf ```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
-
-# [PHP](#tab/php)
--- #### Response The following is an example of the response
Content-Type: application/json
The following is an example of a request. -
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "lifecycleworkflows_get_deleteditemcontainer_select"
The following is an example of a request.
GET https://graph.microsoft.com/beta/identityGovernance/lifecycleWorkflows/deletedItems/workflows/952b23c5-cc25-48c9-8848-95da4dd9dc6d?$select=id,category,displayName,description,version,executionConditions ```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
-
-# [PHP](#tab/php)
--- #### Response The following is an example of the response
v1.0 Identitygovernance Lifecyclemanagementsettings Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-lifecyclemanagementsettings-get.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.Read.All, LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Global reader-- Lifecycle workflows administrator ## HTTP request
If successful, this method returns a `200 OK` response code and a [microsoft.gra
The following is an example of a request.
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "lifecycleworkflows_get_lifecyclemanagementsettings"
The following is an example of a request.
GET https://graph.microsoft.com/beta/identityGovernance/lifecycleWorkflows/settings ```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
-
-# [PHP](#tab/php)
-- ### Response
Content-Type: application/json
{ "@odata.context": "https://graph.microsoft.com/beta/$metadata#identityGovernance/lifecycleWorkflows/settings/$entity",
- "workflowScheduleIntervalInHours": 1
+ "workflowScheduleIntervalInHours": 1,
+ "emailSettings": {
+ "senderDomain": "ContosoIndustries.net",
+ "useCompanyBranding": true
+ }
} ```
v1.0 Identitygovernance Lifecyclemanagementsettings Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-lifecyclemanagementsettings-update.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Lifecycle workflows administrator ## HTTP request
PATCH /identityGovernance/lifecycleWorkflows/settings
|Property|Type|Description| |:|:|:| |workflowScheduleIntervalInHours|Int32|The workflow schedule interval. Required.|
+|emailSettings|[microsoft.graph.emailSettings](../resources/emailsettings.md)|The settings for emails sent from email-specific tasks within a workflow. Required.|
## Response
If successful, this action returns a `204 No Content` response code.
The following is an example of a request.
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "lifecycleworkflows_update_lifecyclemanagementsettings"
Content-Type: application/json
{ "@odata.context": "https://graph.microsoft.com/beta/$metadata#identityGovernance/lifecycleWorkflows/settings/$entity",
- "workflowScheduleIntervalInHours": 3
+ "workflowScheduleIntervalInHours": 3,
+ "emailSettings": {
+ "senderDomain": "ContosoIndustries.net",
+ "useCompanyBranding": true
+ }
} ```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
-
-# [PHP](#tab/php)
--- ### Response <!-- { "blockType": "response",
v1.0 Identitygovernance Lifecycleworkflowscontainer List Customtaskextensions https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-lifecycleworkflowscontainer-list-customtaskextensions.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.Read.All, LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Global reader-- Lifecycle workflows administrator ## HTTP request
If successful, this method returns a `200 OK` response code and a collection of
The following is an example of a request.
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "lifecycleworkflows_list_customtaskextension"
The following is an example of a request.
GET https://graph.microsoft.com/beta/identityGovernance/lifecycleWorkflows/customTaskExtensions ```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
-
-# [PHP](#tab/php)
--- ### Response The following is an example of the response
v1.0 Identitygovernance Lifecycleworkflowscontainer List Deleteditems https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-lifecycleworkflowscontainer-list-deleteditems.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.Read.All, LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Global reader-- Lifecycle workflows administrator ## HTTP request
If successful, this method returns a `200 OK` response code and a collection of
The following is an example of a request.
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "lifecycleworkflows_list_deleteditemcontainer"
The following is an example of a request.
GET https://graph.microsoft.com/beta/identityGovernance/lifecycleWorkflows/deletedItems/workflows ```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
-
-# [PHP](#tab/php)
-- #### Response
Content-Type: application/json
The following is an example of a request. -
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "lifecycleworkflows_list_deleteditemcontainer_select"
The following is an example of a request.
GET https://graph.microsoft.com/beta/identityGovernance/lifecycleWorkflows/deletedItems/workflows?$select=id,category,displayName,description,version&$filter=category eq 'leaver' ```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
-
-# [PHP](#tab/php)
--- #### Response The following is an example of the response
v1.0 Identitygovernance Lifecycleworkflowscontainer List Taskdefinitions https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-lifecycleworkflowscontainer-list-taskdefinitions.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.Read.All, LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Global reader-- Lifecycle workflows administrator ## HTTP request
If successful, this method returns a `200 OK` response code and a collection of
The following is an example of a request.
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "lifecycleworkflows_list_taskdefinition"
The following is an example of a request.
GET https://graph.microsoft.com/beta/identityGovernance/lifecycleWorkflows/taskDefinitions ```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
-
-# [PHP](#tab/php)
--- #### Response The following is an example of the response
Content-Type: application/json
The following is an example of a request. Because the **category** is a flagged enumeration that can be one of `joiner`, `joiner,leaver`, or `leaver`, the `has` operator checks tasks where the category includes "joiner". -
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "lifecycleworkflows_list_taskdefinition_filter_category"
The following is an example of a request. Because the **category** is a flagged
GET https://graph.microsoft.com/beta/identityGovernance/lifecycleWorkflows/taskDefinitions?$filter=category has 'joiner' ```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
-
-# [PHP](#tab/php)
--- #### Response The following is an example of the response
v1.0 Identitygovernance Lifecycleworkflowscontainer List Workflows https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-lifecycleworkflowscontainer-list-workflows.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.Read.All, LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Global reader-- Lifecycle workflows administrator ## HTTP request
If successful, this method returns a `200 OK` response code and a collection of
The following is an example of a request.
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "lifecycleworkflows_list_workflow"
The following is an example of a request.
GET https://graph.microsoft.com/beta/identityGovernance/lifecycleWorkflows/workflows ```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
-
-# [PHP](#tab/php)
-- #### Response
Content-Type: application/json
The following is an example of a request. -
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "lifecycleworkflows_list_workflow_select"
The following is an example of a request.
GET https://graph.microsoft.com/beta/identityGovernance/lifecycleWorkflows/workflows?$filter=category eq 'leaver'&$select=id,category,displayName,isEnabled,isSchedulingEnabled ```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
-
-# [PHP](#tab/php)
--- #### Response The following is an example of the response <!-- {
v1.0 Identitygovernance Lifecycleworkflowscontainer List Workflowtemplates https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-lifecycleworkflowscontainer-list-workflowtemplates.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.Read.All, LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Global reader-- Lifecycle workflows administrator ## HTTP request
If successful, this method returns a `200 OK` response code and a collection of
The following is an example of a request.
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "lifecycleworkflows_list_workflowtemplate"
The following is an example of a request.
GET https://graph.microsoft.com/beta/identityGovernance/lifecycleWorkflows/workflowTemplates ```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
-
-# [PHP](#tab/php)
--- #### Response The following is an example of the response
Content-Type: application/json
The following is an example of a request. -
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "lifecycleworkflows_list_workflowtemplate_filter_category"
The following is an example of a request.
GET https://graph.microsoft.com/beta/identityGovernance/lifecycleWorkflows/workflowTemplates?$filter=category eq 'leaver' ```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
-
-# [PHP](#tab/php)
--- #### Response <!-- {
v1.0 Identitygovernance Lifecycleworkflowscontainer Post Customtaskextensions https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-lifecycleworkflowscontainer-post-customtaskextensions.md
One of the following permissions is required to call this API. To learn more, in
> [!IMPORTANT] > The calling user also requires one of the following Azure Resource Manager roles for the specified Azure Logic App: **Logic App contributor**, **Contributor**, or **Owner**.
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Lifecycle workflows administrator ## HTTP request
If successful, this method returns a `201 Created` response code and a [microsof
The following is an example of a request.
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "lifecycleworkflows_create_customtaskextension_from_"
Content-length: 588
} ```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
-
-# [PHP](#tab/php)
--- ### Response The following is an example of the response
v1.0 Identitygovernance Lifecycleworkflowscontainer Post Workflows https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-lifecycleworkflowscontainer-post-workflows.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Lifecycle workflows administrator ## HTTP request
The following is an example of a request that creates a workflow with the follow
+ It runs for new users that are based in Australia, on their employeeHireDate. + Two tasks are carried out when the workflow runs: the user's account is enabled and a "Welcome" email is sent to the user.
-# [HTTP](#tab/http)
+ <!-- { "blockType": "request", "name": "lifecycleworkflows_create_workflow_from_"
Content-Type: application/json
} ```
-# [JavaScript](#tab/javascript)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
-
-# [PHP](#tab/php)
--- ### Response The following is an example of the response
v1.0 Identitygovernance Run Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-run-get.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.Read.All, LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Global reader-- Lifecycle workflows administrator ## HTTP request
If successful, this method returns a `200 OK` response code and a [microsoft.gra
The following is an example of a request.
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "lifecycleworkflows_get_workflow_run"
The following is an example of a request.
GET https://graph.microsoft.com/beta/IdentityGovernance/lifecycleWorkflows/workflows/14879e66-9ea9-48d0-804d-8fea672d0341/runs/dad77a47-6eda-4de7-bc37-fe8eb5aaf17d ```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
-
-# [PHP](#tab/php)
--- #### Response The following is an example of the response
Content-Type: application/json
The following is an example of a request. -
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "lifecycleworkflows_get_workflow_run"
The following is an example of a request.
GET https://graph.microsoft.com/beta/identityGovernance/lifecycleWorkflows/workflows/15239232-66ed-445b-8292-2f5bbb2eb833/runs/e65e08a0-d68d-41dc-915b-8c4019af5cc2?$select=id,failedTasksCount,failedUsersCount,processingStatus,totalTasksCount,totalUnprocessedTasksCount,totalUsersCount ```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
-
-# [PHP](#tab/php)
--- #### Response
v1.0 Identitygovernance Run List Taskprocessingresults https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-run-list-taskprocessingresults.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.Read.All, LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Global reader-- Lifecycle workflows administrator ## HTTP request
If successful, this method returns a `200 OK` response code and a collection of
The following is an example of a request.
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "lifecycleworkflows_list_run_taskprocessingresult"
The following is an example of a request.
GET https://graph.microsoft.com/beta/identityGovernance/lifecycleWorkflows/workflows/a977dbe8-0f3f-4ae6-b3a7-29e1010ac4cc/runs/33bf1a9c-2b26-49b6-996f-ca416c518341/taskProcessingResults ```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
-
-# [PHP](#tab/php)
--- ### Response The following is an example of the response
Content-Type: application/json
The following is an example of a request.
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "lifecycleworkflows_list_run_taskprocessingresult_select"
The following is an example of a request.
GET https://graph.microsoft.com/beta/identityGovernance/lifecycleWorkflows/workflows/a977dbe8-0f3f-4ae6-b3a7-29e1010ac4cc/runs/33bf1a9c-2b26-49b6-996f-ca416c518341/taskProcessingResults?$select=id,failureReason,processingStatus,subject ```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
-
-# [PHP](#tab/php)
--- ### Response The following is an example of the response
v1.0 Identitygovernance Run List Userprocessingresults https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-run-list-userprocessingresults.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.Read.All, LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Global reader-- Lifecycle workflows administrator ## HTTP request
If successful, this method returns a `200 OK` response code and a collection of
The following is an example of a request.
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "lifecycleworkflows_get_run_taskprocessingresult"
The following is an example of a request.
GET https://graph.microsoft.com/beta/identityGovernance/lifecycleWorkflows/workflows/14879e66-9ea9-48d0-804d-8fea672d0341/runs/dad77a47-6eda-4de7-bc37-fe8eb5aaf17d/userProcessingResults/ ```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
-
-# [PHP](#tab/php)
--- #### Response The following is an example of the response
Content-Type: application/json
The following is an example of a request. -
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "lifecycleworkflows_get_run_taskprocessingresult_select"
The following is an example of a request.
GET https://graph.microsoft.com/beta/identityGovernance/lifecycleWorkflows/workflows/15239232-66ed-445b-8292-2f5bbb2eb833/runs/e65e08a0-d68d-41dc-915b-8c4019af5cc2/userProcessingResults?$select=id,failedTasksCount,processingStatus,totalTasksCount,totalUnprocessedTasksCount,subject ```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
-
-# [PHP](#tab/php)
--- #### Response The following is an example of the response
v1.0 Identitygovernance Run Summary https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-run-summary.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.Read.All, LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Global reader-- Lifecycle workflows administrator ## HTTP request
If successful, this function returns a `200 OK` response code and a [microsoft.g
The following is an example of a request.
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "lifecycleworkflows_runthis.summary"
The following is an example of a request.
GET https://graph.microsoft.com/beta/identityGovernance/lifecycleWorkflows/workflows/14879e66-9ea9-48d0-804d-8fea672d0341/runs/summary(startDateTime=2022-08-01T00:00:00Z,endDateTime=2022-08-31T00:00:00Z) ```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
-
-# [PHP](#tab/php)
--- ### Response The following is an example of the response
v1.0 Identitygovernance Task Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-task-get.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.Read.All, LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Global reader-- Lifecycle workflows administrator ## HTTP request
Content-Type: application/json
The following is an example of a request to get a task from a workflow version.
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "lifecycleworkflows_get_workflowVersion_task",
The following is an example of a request to get a task from a workflow version.
GET https://graph.microsoft.com/beta/identityGovernance/lifecycleWorkflows/workflows/156ce798-1eb6-4e0a-8515-e79f54d04390/versions/2/tasks/4d9d41d7-a8e1-4f2f-8c8c-a883bc02e6ee ```
-# [JavaScript](#tab/javascript)
-
-# [Java](#tab/java)
--- #### Response The following is an example of the response of a request to get a task from a workflow version.
v1.0 Identitygovernance Task Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-task-update.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Lifecycle workflows administrator ## HTTP request
If successful, this action returns a `204 No Content` response code.
The following is an example of a request. -
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "lifecycleworkflows_update_task"
Content-length: 454
} ```
-# [JavaScript](#tab/javascript)
-
-# [Java](#tab/java)
-- ### Response
v1.0 Identitygovernance Taskdefinition Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-taskdefinition-get.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.Read.All, LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Global reader-- Lifecycle workflows administrator ## HTTP request
If successful, this method returns a `200 OK` response code and a [microsoft.gra
The following is an example of a request.
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "lifecycleworkflows_get_taskdefinition"
The following is an example of a request.
GET https://graph.microsoft.com/beta/identityGovernance/lifecycleWorkflows/taskDefinitions/1dfdfcc7-52fa-4c2e-bf3a-e3919cc12950 ```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
-
-# [PHP](#tab/php)
--- ### Response The following is an example of the response
v1.0 Identitygovernance Taskprocessingresult Resume https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-taskprocessingresult-resume.md
If successful, this action returns a `204 No Content` response code.
The following is an example of a request.
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "lifecycleworkflows_taskprocessingresultthis.resume"
Content-length: 155
} ```
-# [JavaScript](#tab/javascript)
-
-# [Java](#tab/java)
--- ### Response The following is an example of the response.
v1.0 Identitygovernance Taskreport List Taskprocessingresults https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-taskreport-list-taskprocessingresults.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.Read.All, LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Global reader-- Lifecycle workflows administrator ## HTTP request
If successful, this method returns a `200 OK` response code and a collection of
The following is an example of a request.
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "lifecycleworkflows_list_taskreport_taskprocessingresult"
The following is an example of a request.
GET https://graph.microsoft.com/beta/identityGovernance/lifecycleWorkflows/workflows/14879e66-9ea9-48d0-804d-8fea672d0341/taskReports/3a3bea11-99ca-462d-86fb-d283db8d734a/taskProcessingResults ```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
-
-# [PHP](#tab/php)
--- ### Response The following is an example of the response
Content-Type: application/json
The following is an example of a request. -
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "lifecycleworkflows_list_taskreport_taskprocessingresult_select"
The following is an example of a request.
GET https://graph.microsoft.com/beta/identityGovernance/lifecycleWorkflows/workflows/15239232-66ed-445b-8292-2f5bbb2eb833/taskReports/443c7611-45df-48c0-bf5e-dc6068c402f0/taskProcessingResults?$select=id,failureReason,processingStatus,subject,task ```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
-
-# [PHP](#tab/php)
--- #### Response The following is an example of the response
v1.0 Identitygovernance Taskreport Summary https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-taskreport-summary.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.Read.All, LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Global reader-- Lifecycle workflows administrator ## HTTP request
If successful, this method returns a `200 OK` response code and a [microsoft.gra
The following is an example of a request.
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "lifecycleworkflows_get_taskreport.summary"
The following is an example of a request.
GET https://graph.microsoft.com/beta/identityGovernance/lifecycleWorkflows/workflows/14879e66-9ea9-48d0-804d-8fea672d0341/taskReports/summary(startDateTime=2022-08-19T00:00:00.000Z,endDateTime=2022-08-25T00:33:31.533Z) ```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
-
-# [PHP](#tab/php)
--- ### Response The following is an example of the response
v1.0 Identitygovernance Userprocessingresult Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-userprocessingresult-get.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.Read.All, LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Global reader-- Lifecycle workflows administrator ## HTTP request
If successful, this method returns a `200 OK` response code and a [microsoft.gra
The following is an example of a request.
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "lifecycleworkflows_get_run_userprocessingresult"
The following is an example of a request.
GET https://graph.microsoft.com/beta/identityGovernance/lifecycleWorkflows/workflows/14879e66-9ea9-48d0-804d-8fea672d0341/runs/dad77a47-6eda-4de7-bc37-fe8eb5aaf17d/userProcessingResults/78b83505-6967-4168-a7ea-4921c0543ce9 ```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
-
-# [PHP](#tab/php)
--- #### Response The following is an example of the response
Content-Type: application/json
The following is an example of a request. -
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "lifecycleworkflows_get_run_userprocessingresult"
The following is an example of a request.
GET https://graph.microsoft.com/beta/identityGovernance/lifecycleWorkflows/workflows/15239232-66ed-445b-8292-2f5bbb2eb833/runs/e65e08a0-d68d-41dc-915b-8c4019af5cc2/userProcessingResults/40efc576-840f-47d0-ab95-5abca800f8a2?$select=id,failedTasksCount,processingStatus,totalTasksCount,totalUnprocessedTasksCount,subject ```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
-
-# [PHP](#tab/php)
--- #### Response The following is an example of the response
v1.0 Identitygovernance Userprocessingresult List Taskprocessingresults https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-userprocessingresult-list-taskprocessingresults.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.Read.All, LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Lifecycle workflows administrator ## HTTP request
If successful, this method returns a `200 OK` response code and a collection of
The following is an example of a request.
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "lifecycleworkflows_list_workflow_userprocessingresult_taskprocessingresult"
The following is an example of a request.
GET https://graph.microsoft.com/beta/IdentityGovernance/lifecycleWorkflows/workflows/14879e66-9ea9-48d0-804d-8fea672d0341/userProcessingResults/78b83505-6967-4168-a7ea-4921c0543ce9/taskProcessingResults ```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
-
-# [PHP](#tab/php)
--- #### Response The following is an example of the response
Content-Type: application/json
The following is an example of a request. -
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "lifecycleworkflows_list_workflow_userprocessingresult_taskprocessingresult_select"
The following is an example of a request.
GET https://graph.microsoft.com/beta/identityGovernance/lifecycleWorkflows/workflows/15239232-66ed-445b-8292-2f5bbb2eb833/userProcessingResults/40efc576-840f-47d0-ab95-5abca800f8a2/taskProcessingResults?$select=id,processingStatus,failureReason,subject,task ```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
-
-# [PHP](#tab/php)
--- #### Response
Content-Type: application/json
### Example 3: Get the task processing results for a user processing result in a run report for a workflow -
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "lifecycleworkflows_list_workflow_userprocessingresult_taskprocessingresults"
Content-Type: application/json
GET https://graph.microsoft.com/beta/identityGovernance/lifecycleWorkflows/workflows/14879e66-9ea9-48d0-804d-8fea672d0341/runs/72885f91-2cf0-44b1-b3ed-bd145af0192c/userProcessingResults/78b83505-6967-4168-a7ea-4921c0543ce9/taskProcessingResults ```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
-
-# [PHP](#tab/php)
--- #### Response The following is an example of the response
Content-Type: application/json
The following is an example of a request. --
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "lifecycleworkflows_list_workflow_userprocessingresult_taskprocessingresults_select"
The following is an example of a request.
GET https://graph.microsoft.com/beta/identityGovernance/lifecycleWorkflows/workflows/15239232-66ed-445b-8292-2f5bbb2eb833/runs/e65e08a0-d68d-41dc-915b-8c4019af5cc2/userProcessingResults/40efc576-840f-47d0-ab95-5abca800f8a2/taskProcessingResults?$select=id,failureReason,processingStatus,subject,task ```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
-
-# [PHP](#tab/php)
--- #### Response The following is an example of the response
v1.0 Identitygovernance Userprocessingresult Summary https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-userprocessingresult-summary.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported| |Application|LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Global reader-- Lifecycle workflows administrator ## HTTP request
If successful, this function returns a `200 OK` response code and a [microsoft.g
The following is an example of a request.
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "lifecycleworkflows_userprocessingresultthis.summary"
The following is an example of a request.
GET https://graph.microsoft.com/beta/IdentityGovernance/lifecycleWorkflows/workflows/14879e66-9ea9-48d0-804d-8fea672d0341/userProcessingResults/summary(startDateTime=2022-07-20T00:00:00Z,endDateTime=2022-07-23T00:00:00Z) ```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
-
-# [PHP](#tab/php)
--- ### Response The following is an example of the response
v1.0 Identitygovernance Workflow Activate https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-workflow-activate.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Lifecycle workflows administrator ## HTTP request
If successful, this action returns a `204 No Content` response code.
The following is an example of a request.
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "lifecycleworkflows_workflowthis.activate"
Content-Type: application/json
} ```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PHP](#tab/php)
--- ### Response <!-- {
v1.0 Identitygovernance Workflow Createnewversion https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-workflow-createnewversion.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Lifecycle workflows administrator ## HTTP request
If successful, this action returns a `200 OK` response code and a [microsoft.gra
## Examples
-### Request
+### Example 1: Create a new version of a workflow
+
+#### Request
The following is an example of a request.
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "lifecycleworkflows_workflowthis.createnewversion"
Content-length: 631
{ "workflow":{
+ "category": "joiner",
"description": "Configure new hire tasks for onboarding employees on their first day", "displayName": "Global onboard new hire employee", "isEnabled": true,
Content-length: 631
} ```
-# [JavaScript](#tab/javascript)
-# [Java](#tab/java)
+#### Response
-# [Go](#tab/go)
+The following is an example of the response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.identityGovernance.workflow"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
-# [PHP](#tab/php)
-
+{
+ "workflow":{
+ "category": "joiner",
+ "description": "Configure new hire tasks for onboarding employees on their first day",
+ "displayName": "Global onboard new hire employee",
+ "isEnabled": true,
+ "isSchedulingEnabled": false,
+ "executionConditions": {
+ "@odata.type": "#microsoft.graph.identityGovernance.triggerAndScopeBasedConditions",
+ "scope": {
+ "@odata.type": "#microsoft.graph.identityGovernance.ruleBasedSubjectSet",
+ "rule": "(department eq 'Marketing')"
+ },
+ "trigger": {
+ "@odata.type": "#microsoft.graph.identityGovernance.timeBasedAttributeTrigger",
+ "timeBasedAttribute": "employeeHireDate",
+ "offsetInDays": 1
+ }
+ },
+ "tasks": [
+ {
+ "continueOnError": false,
+ "description": "Enable user account in the directory",
+ "displayName": "Enable User Account",
+ "isEnabled": true,
+ "taskDefinitionId": "6fc52c9d-398b-4305-9763-15f42c1676fc",
+ "arguments": []
+ },
+ {
+ "continueOnError": false,
+ "description": "Send welcome email to new hire",
+ "displayName": "Send Welcome Email",
+ "isEnabled": true,
+ "taskDefinitionId": "70b29d51-b59a-4773-9280-8841dfd3f2ea",
+ "arguments": []
+ }
+ ]
+ }
+}
+```
+
+### Example 2: Create a new version of a task with customized email
+
+#### Request
+
+The following is an example of a request.
+
+<!-- {
+ "blockType": "request",
+ "name": "lifecycleworkflows_workflowthis.createnewversion_customemail"
+}
+-->
+``` http
+POST https://graph.microsoft.com/beta/identityGovernance/lifecycleWorkflows/workflows/{workflowId}/createNewVersion
+Content-Type: application/json
+Content-length: 631
+
+{
+ "workflow":{
+ "category": "joiner",
+ "description": "Configure new hire tasks for onboarding employees on their first day",
+ "displayName": "Global onboard new hire employee",
+ "isEnabled": true,
+ "isSchedulingEnabled": false,
+ "executionConditions": {
+ "@odata.type": "#microsoft.graph.identityGovernance.triggerAndScopeBasedConditions",
+ "scope": {
+ "@odata.type": "#microsoft.graph.identityGovernance.ruleBasedSubjectSet",
+ "rule": "(department eq 'Marketing')"
+ },
+ "trigger": {
+ "@odata.type": "#microsoft.graph.identityGovernance.timeBasedAttributeTrigger",
+ "timeBasedAttribute": "employeeHireDate",
+ "offsetInDays": 1
+ }
+ },
+ "tasks": [
+ {
+ "continueOnError": false,
+ "description": "Enable user account in the directory",
+ "displayName": "Enable User Account",
+ "isEnabled": true,
+ "taskDefinitionId": "6fc52c9d-398b-4305-9763-15f42c1676fc",
+ "arguments": []
+ },
+ {
+ "continueOnError": false,
+ "description": "Send welcome email to new hire",
+ "displayName": "Send Welcome Email",
+ "isEnabled": true,
+ "taskDefinitionId": "70b29d51-b59a-4773-9280-8841dfd3f2ea",
+ "arguments": [
+ {
+ "name": "cc",
+ "value": "1baa57fa-3c4e-4526-ba5a-db47a9df95f0"
+ },
+ {
+ "name": "customSubject",
+ "value": "Welcome to the organization {{userDisplayName}}!"
+ },
+ {
+ "name": "customBody",
+ "value": "Welcome to our organization {{userGivenName}}!"
+ },
+ {
+ "name": "locale",
+ "value": "en-us"
+ }
+ ]
+ }
+ ]
+ }
+}
+```
+
+#### Response
-### Response
The following is an example of the response >**Note:** The response object shown here might be shortened for readability.
Content-Type: application/json
{ "workflow":{
+ "category": "joiner",
"description": "Configure new hire tasks for onboarding employees on their first day", "displayName": "Global onboard new hire employee", "isEnabled": true,
Content-Type: application/json
"displayName": "Send Welcome Email", "isEnabled": true, "taskDefinitionId": "70b29d51-b59a-4773-9280-8841dfd3f2ea",
- "arguments": []
+ "arguments": [
+ {
+ "name": "cc",
+ "value": "b47471b9-af8f-4a5a-bfa2-b78e82398f6e, a7a23ce0-909b-40b9-82cf-95d31f0aaca2"
+ },
+ {
+ "name": "customSubject",
+ "value": "Welcome to the organization {{userDisplayName}}!"
+ },
+ {
+ "name": "customBody",
+ "value": "Welcome to our organization {{userGivenName}} {{userSurname}}. \nFor more information, reach out to your manager {{managerDisplayName}} at {{managerEmail}}."
+ },
+ {
+ "name": "locale",
+ "value": "en-us"
+ },
+ ]
} ] }
v1.0 Identitygovernance Workflow Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-workflow-delete.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Lifecycle workflows administrator ## HTTP request
If successful, this method returns a `204 No Content` response code.
The following is an example of a request.
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "lifecycleworkflows_delete_workflow"
The following is an example of a request.
DELETE https://graph.microsoft.com/beta/identityGovernance/lifecycleWorkflows/workflows/4c9c57b9-e1e9-4bed-a936-4fad9d8f5638 ```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
-
-# [PHP](#tab/php)
--- ### Response <!-- {
v1.0 Identitygovernance Workflow Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-workflow-get.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.Read.All, LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Global reader-- Lifecycle workflows administrator ## HTTP request
If successful, this method returns a `200 OK` response code and a [microsoft.gra
The following is an example of a request.
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "lifecycleworkflows_get_workflow"
The following is an example of a request.
GET https://graph.microsoft.com/beta/identityGovernance/lifecycleWorkflows/workflows/156ce798-1eb6-4e0a-8515-e79f54d04390 ```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
-
-# [PHP](#tab/php)
--- #### Response The following is an example of the response
Content-Type: application/json
} ``` - ### Example 2: Retrieve specific properties of a workflow #### Request
v1.0 Identitygovernance Workflow List Runs https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-workflow-list-runs.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.Read.All, LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Global reader-- Lifecycle workflows administrator ## HTTP request
If successful, this method returns a `200 OK` response code and a collection of
The following is an example of a request.
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "lifecycleworkflows_list_run"
The following is an example of a request.
GET https://graph.microsoft.com/beta/identityGovernance/lifecycleWorkflows/workflows/14879e66-9ea9-48d0-804d-8fea672d0341/runs/ ```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
-
-# [PHP](#tab/php)
--- #### Response The following is an example of the response
Content-Type: application/json
The following is an example of a request. -
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "lifecycleworkflows_list_run_select"
The following is an example of a request.
GET https://graph.microsoft.com/beta/identityGovernance/lifecycleWorkflows/workflows/15239232-66ed-445b-8292-2f5bbb2eb833/runs?$select=id,failedTasksCount,failedUsersCount,processingStatus,totalTasksCount,totalUnprocessedTasksCount,totalUsersCount,id ```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
-
-# [PHP](#tab/php)
--- #### Response The following is an example of the response
v1.0 Identitygovernance Workflow List Task https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-workflow-list-task.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.Read.All, LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Global reader-- Lifecycle workflows administrator ## HTTP request
v1.0 Identitygovernance Workflow List Taskreports https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-workflow-list-taskreports.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.Read.All, LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Global reader-- Lifecycle workflows administrator ## HTTP request
If successful, this method returns a `200 OK` response code and a collection of
The following is an example of a request.
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "lifecycleworkflows_list_taskreport"
The following is an example of a request.
GET https://graph.microsoft.com/beta/identityGovernance/lifecycleWorkflows/workflows/14879e66-9ea9-48d0-804d-8fea672d0341/taskReports ```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
-
-# [PHP](#tab/php)
--- #### Response The following is an example of the response
Content-Type: application/json
The following is an example of a request. -
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "lifecycleworkflows_list_taskreport_select"
The following is an example of a request.
GET https://graph.microsoft.com/beta/identityGovernance/lifecycleWorkflows/workflows/15239232-66ed-445b-8292-2f5bbb2eb833/taskReports?$select=id,failedUsersCount,processingStatus,successfulUsersCount,totalUsersCount,unprocessedUsersCount,taskDefinition,taskProcessingResults ```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
-
-# [PHP](#tab/php)
--- #### Response The following is an example of the response
v1.0 Identitygovernance Workflow List Userprocessingresults https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-workflow-list-userprocessingresults.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.Read.All, LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Global reader-- Lifecycle workflows administrator ## HTTP request
If successful, this method returns a `200 OK` response code and a collection of
The following is an example of a request.
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "lifecycleworkflows_list_userprocessingresult"
The following is an example of a request.
GET https://graph.microsoft.com/beta/identityGovernance/lifecycleWorkflows/workflows/156ce798-1eb6-4e0a-8515-e79f54d04390/userProcessingResults ```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
-
-# [PHP](#tab/php)
--- #### Response The following is an example of the response
Content-Type: application/json
The following is an example of a request. -
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "lifecycleworkflows_list_userprocessingresult_select"
The following is an example of a request.
GET https://graph.microsoft.com/beta/identityGovernance/lifecycleWorkflows/workflows/156ce798-1eb6-4e0a-8515-e79f54d04390/userProcessingResults?$select=id,failedTasksCount,processingStatus,totalTasksCount,totalUnprocessedTasksCount,workflowExecutionType,subject ```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
-
-# [PHP](#tab/php)
--- #### Response The following is an example of the response >**Note:** The response object shown here might be shortened for readability.
v1.0 Identitygovernance Workflow List Versions https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-workflow-list-versions.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.Read.All, LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Global reader-- Lifecycle workflows administrator ## HTTP request
If successful, this method returns a `200 OK` response code and a collection of
The following is an example of a request.
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "lifecycleworkflows_list_workflowversion"
The following is an example of a request.
GET https://graph.microsoft.com/beta/identityGovernance/lifecycleWorkflows/workflows/156ce798-1eb6-4e0a-8515-e79f54d04390/versions ```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
-
-# [PHP](#tab/php)
--- #### Response The following is an example of the response
Content-Type: application/json
The following is an example of a request. -
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "lifecycleworkflows_list_workflowversion_select"
The following is an example of a request.
GET https://graph.microsoft.com/beta/identityGovernance/lifecycleWorkflows/workflows/15239232-66ed-445b-8292-2f5bbb2eb833/versions?$select=category,displayName,versionNumber ```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
-
-# [PHP](#tab/php)
--- #### Response <!-- {
v1.0 Identitygovernance Workflow Restore https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-workflow-restore.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.Read.All, LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Lifecycle workflows administrator ## HTTP request
If successful, this action returns a `200 OK` response code and a [microsoft.gra
The following is an example of a request.
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "lifecycleworkflows_workflowthis.restore"
The following is an example of a request.
POST https://graph.microsoft.com/beta/identityGovernance/lifecycleWorkflows/deletedItems/workflows/4c9c57b9-e1e9-4bed-a936-4fad9d8f5638/restore ```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PHP](#tab/php)
--- ### Response The following is an example of the response
v1.0 Identitygovernance Workflow Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-workflow-update.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Lifecycle workflows administrator ## HTTP request
If successful, this action returns a `204 No Content` response code.
The following is an example of a request.
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "lifecycleworkflows_update_workflow"
Content-length: 454
} ```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
-
-# [PHP](#tab/php)
-- ### Response
v1.0 Identitygovernance Workflowtemplate Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-workflowtemplate-get.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.Read.All, LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Global reader-- Lifecycle workflows administrator ## HTTP request
If successful, this method returns a `200 OK` response code and a [microsoft.gra
The following is an example of a request.
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "lifecycleworkflows_get_workflowtemplate"
The following is an example of a request.
GET https://graph.microsoft.com/beta/identityGovernance/lifecycleWorkflows/workflowTemplates/77179007-8114-41b5-922e-2e22109df41f ```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
-
-# [PHP](#tab/php)
--- ### Response The following is an example of the response
v1.0 Identitygovernance Workflowversion Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-workflowversion-get.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.Read.All, LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Global reader-- Lifecycle workflows administrator ## HTTP request
If successful, this method returns a `200 OK` response code and a [microsoft.gra
The following is an example of a request.
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "lifecycleworkflows_get_workflowversion",
The following is an example of a request.
GET https://graph.microsoft.com/beta/identityGovernance/lifecycleWorkflows/workflows/156ce798-1eb6-4e0a-8515-e79f54d04390/versions/3 ```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
-
-# [PHP](#tab/php)
--- #### Response The following is an example of the response
Content-Type: application/json
The following is an example of a request. -
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "lifecycleworkflows_get_workflowversion_select",
The following is an example of a request.
GET https://graph.microsoft.com/beta/identityGovernance/lifecycleWorkflows/workflows/15239232-66ed-445b-8292-2f5bbb2eb833/versions/2?$select=category,displayName,versionNumber,executionConditions&$expand=tasks ```
-# [C#](#tab/csharp)
-
-# [JavaScript](#tab/javascript)
-
-# [Java](#tab/java)
-
-# [Go](#tab/go)
-
-# [PowerShell](#tab/powershell)
-
-# [PHP](#tab/php)
--- #### Response <!-- { "blockType": "response",
v1.0 Identitygovernance Workflowversion List Tasks https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/identitygovernance-workflowversion-list-tasks.md
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.Read.All, LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Global reader-- Lifecycle workflows administrator ## HTTP request
If successful, this method returns a `200 OK` response code and a collection of
The following is an example of a request.
-# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "lifecycleworkflows_list_workflowversion_task",
The following is an example of a request.
GET https://graph.microsoft.com/beta/identityGovernance/lifecycleWorkflows/workflows/156ce798-1eb6-4e0a-8515-e79f54d04390/versions/2/tasks ```
-# [JavaScript](#tab/javascript)
-
-# [Java](#tab/java)
--- ### Response The following is an example of the response
v1.0 Industrydata Azuredatalakeconnector Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-azuredatalakeconnector-delete.md
If successful, this method returns a `204 No Content` response code.
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "delete_azuredatalakeconnector",
The following is an example of a request.
DELETE https://graph.microsoft.com/beta/external/industryData/dataConnectors/8c010e87-c28b-4350-bdc1-65ec29258b93 ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Azuredatalakeconnector Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-azuredatalakeconnector-get.md
If successful, this method returns a `200 OK` response code and a [microsoft.gra
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "get_azuredatalakeconnector",
The following is an example of a request.
} -->
-```http
+```msgraph-interactive
GET https://graph.microsoft.com/beta/external/industryData/dataConnectors/51dca0a0-85f6-4478-f526-08daddab2271 ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Azuredatalakeconnector Getuploadsession https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-azuredatalakeconnector-getuploadsession.md
If successful, this function returns a `200 OK` response code and a [microsoft.g
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "azuredatalakeconnectorthis.getuploadsession",
The following is an example of a request.
} -->
-```http
+```msgraph-interactive
GET https://graph.microsoft.com/beta/external/industryData/dataConnectors/51dca0a0-85f6-4478-f526-08daddab2271/microsoft.graph.industryData.azureDataLakeConnector/getUploadSession ```
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Azuredatalakeconnector List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-azuredatalakeconnector-list.md
If successful, this method returns a `200 OK` response code and a collection of
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "list_azuredatalakeconnector" } -->
-```http
+```msgraph-interactive
GET https://graph.microsoft.com/beta/external/industryData/dataConnectors ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Azuredatalakeconnector Post https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-azuredatalakeconnector-post.md
If successful, this method returns a `201 Created` response code and a [microsof
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "create_azureDataLakeConnector_from_dataConnectors"
Content-length: 104
} ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Azuredatalakeconnector Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-azuredatalakeconnector-update.md
If successful, this method returns a `204 No Content` response code.
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "update_azuredatalakeconnector",
Content-type: application/json
} ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Filevalidateoperation Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-filevalidateoperation-get.md
If successful, this method returns a `200 OK` response code and a [microsoft.gra
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "get_fileValidateOperation",
The following is an example of a request.
} -->
-```http
+```msgraph-interactive
GET https://graph.microsoft.com/beta/external/industryData/operations/581b2ef8-dda2-4a3e-bb62-df13fd4a5808 ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Filevalidateoperation List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-filevalidateoperation-list.md
If successful, this method returns a `200 OK` response code and a collection of
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "list_fileValidateOperation" } -->
-```http
+```msgraph-interactive
GET https://graph.microsoft.com/beta/external/industryData/operations ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Inboundfileflow Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-inboundfileflow-delete.md
If successful, this method returns a `204 No Content` response code.
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "delete_inboundflow"
The following is an example of a request.
DELETE https://graph.microsoft.com/beta/external/industryData/inboundFlows/7bd62d17-8c37-4494-f68d-08daddab2911 ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Inboundfileflow Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-inboundfileflow-get.md
If successful, this method returns a `200 OK` response code and a [microsoft.gra
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "get_inboundflow",
The following is an example of a request.
} -->
-```http
+```msgraph-interactive
GET https://graph.microsoft.com/beta/external/industryData/inboundFlows/7bd62d17-8c37-4494-f68d-08daddab2911 ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Inboundfileflow List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-inboundfileflow-list.md
If successful, this method returns a `200 OK` response code and a collection of
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "list_inboundflow" } -->
-```http
+```msgraph-interactive
GET https://graph.microsoft.com/beta/external/industryData/inboundFlows ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Inboundfileflow Post https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-inboundfileflow-post.md
If successful, this method returns a `201 Created` response code and a [microsof
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "create_inboundfileflow_from_inboundflows"
Content-length: 246
} ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Inboundfileflow Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-inboundfileflow-update.md
If successful, this method returns a `204 No Content` response code.
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "update_inboundfileflow"
Content-length: 246
} ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Inboundflow Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-inboundflow-delete.md
If successful, this method returns a `204 No Content` response code.
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "delete_inboundflow",
The following is an example of a request.
DELETE https://graph.microsoft.com/beta/external/industryData/inboundFlows/0c629a1a-a85c-4365-bdf0-623a32ca69cb ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Inboundflow Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-inboundflow-get.md
If successful, this method returns a `200 OK` response code and a [microsoft.gra
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "get_inboundflow",
The following is an example of a request.
} -->
-```http
+```msgraph-interactive
GET https://graph.microsoft.com/beta/external/industryData/inboundFlows/7bd62d17-8c37-4494-f68d-08daddab2911 ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Inboundflow List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-inboundflow-list.md
If successful, this method returns a `200 OK` response code and a collection of
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "list_inboundflow" } -->
-```http
+```msgraph-interactive
GET https://graph.microsoft.com/beta/external/industryData/inboundFlows ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Inboundflow Post https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-inboundflow-post.md
If successful, this method returns a `201 Created` response code and a [microsof
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "create_inboundflow_from_inboundFlows"
Content-length: 246
} ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Inboundflow Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-inboundflow-update.md
If successful, this method returns a `204 No Content` response code.
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "update_inboundfileflow"
Content-length: 246
} ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Industrydataconnector Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-industrydataconnector-delete.md
If successful, this method returns a `204 No Content` response code.
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "delete_azuredatalakeconnector",
The following is an example of a request.
DELETE https://graph.microsoft.com/beta/external/industryData/dataConnectors/8c010e87-c28b-4350-bdc1-65ec29258b93 ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Industrydataconnector Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-industrydataconnector-get.md
If successful, this method returns a `200 OK` response code and a [microsoft.gra
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "get_azuredatalakeconnector",
The following is an example of a request.
} -->
-```http
+```msgraph-interactive
GET https://graph.microsoft.com/beta/external/industryData/dataConnectors/51dca0a0-85f6-4478-f526-08daddab2271 ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Industrydataconnector List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-industrydataconnector-list.md
If successful, this method returns a `200 OK` response code and a collection of
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "list_azuredatalakeconnector" } -->
-```http
+```msgraph-interactive
GET https://graph.microsoft.com/beta/external/industryData/dataConnectors ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Industrydataconnector Post https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-industrydataconnector-post.md
If successful, this method returns a `201 Created` response code and a [microsof
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "create_industrydataconnector_from_dataConnectors"
Content-length: 104
} ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Industrydataconnector Validate https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-industrydataconnector-validate.md
If successful, this action returns a `202 Accepted` response code.
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "industrydataconnectorthis.validate",
The following is an example of a request.
POST https://graph.microsoft.com/beta/external/industryData/dataConnectors/8c010e87-c28b-4350-bdc1-65ec29258b93/validate ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Industrydatarun Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-industrydatarun-get.md
If successful, this method returns a `200 OK` response code and a [microsoft.gra
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "get_industrydatarun",
The following is an example of a request.
} -->
-```http
+```msgraph-interactive
GET https://graph.microsoft.com/beta/external/industryData/runs/918d4a8f-599b-4f6a-b409-e892855db534 ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Industrydatarun Getstatistics https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-industrydatarun-getstatistics.md
If successful, this function returns a `200 OK` response code and a [microsoft.g
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "industrydatarunthis.getstatistics",
The following is an example of a request.
} -->
-```http
+```msgraph-interactive
GET https://graph.microsoft.com/beta/external/industryData/runs/918d4a8f-599b-4f6a-b409-e892855db534/getStatistics ```
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Industrydatarun List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-industrydatarun-list.md
If successful, this method returns a `200 OK` response code and a collection of
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "list_industrydatarun" } -->
-```http
+```msgraph-interactive
GET https://graph.microsoft.com/beta/external/industryData/runs ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Referencedefinition Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-referencedefinition-get.md
If successful, this method returns a `200 OK` response code and a [microsoft.gra
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "get_referencedefinition",
The following is an example of a request.
} -->
-```http
+```msgraph-interactive
GET https://graph.microsoft.com/beta/external/industryData/referenceDefinitions/RefAcademicSubject-01 ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Referencedefinition List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-referencedefinition-list.md
If successful, this method returns a `200 OK` response code and a collection of
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "list_referencedefinition" } -->
-```http
+```msgraph-interactive
GET https://graph.microsoft.com/beta/external/industryData/referenceDefinitions ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Rolegroup Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-rolegroup-get.md
If successful, this method returns a `200 OK` response code and a [microsoft.gra
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "get_rolegroup",
The following is an example of a request.
} -->
-```http
+```msgraph-interactive
GET https://graph.microsoft.com/beta/external/industryData/roleGroups/students ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Rolegroup List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-rolegroup-list.md
If successful, this method returns a `200 OK` response code and a collection of
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "list_rolegroup" } -->
-```http
+```msgraph-interactive
GET https://graph.microsoft.com/beta/external/industryData/roleGroups ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Sourcesystemdefinition Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-sourcesystemdefinition-delete.md
If successful, this method returns a `204 No Content` response code.
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "create_sourcesystemdefinition_from_",
The following is an example of a request.
DELETE https://graph.microsoft.com/beta/external/industryData/sourceSystems/0c629a1a-a85c-4365-bdf0-623a32ca69cb ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Sourcesystemdefinition Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-sourcesystemdefinition-get.md
If successful, this method returns a `200 OK` response code and a [microsoft.gra
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "get_sourcesystemdefinition",
The following is an example of a request.
} -->
-```http
+```msgraph-interactive
GET https://graph.microsoft.com/beta/external/industryData/sourceSystems/0190210e-8827-4747-6f2b-08dacc885e72 ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Sourcesystemdefinition List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-sourcesystemdefinition-list.md
If successful, this method returns a `200 OK` response code and a collection of
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "list_sourcesystemdefinition" } -->
-```http
+```msgraph-interactive
GET https://graph.microsoft.com/beta/external/industryData/sourceSystems ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Sourcesystemdefinition Post https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-sourcesystemdefinition-post.md
If successful, this method returns a `201 Created` response code and a [microsof
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "create_sourcesystemdefinition_from_sourceSystems"
Content-length: 250
} ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Sourcesystemdefinition Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-sourcesystemdefinition-update.md
If successful, this method returns a `204 No Content` response code.
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "update_sourcesystemdefinition",
Content-length: 250
} ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Yeartimeperioddefinition Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-yeartimeperioddefinition-delete.md
If successful, this method returns a `204 No Content` response code.
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "delete_yearTimePeriodDefinition_from_",
The following is an example of a request.
DELETE https://graph.microsoft.com/beta/external/industryData/years/0c629a1a-a85c-4365-bdf0-623a32ca69cb ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Yeartimeperioddefinition Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-yeartimeperioddefinition-get.md
If successful, this method returns a `200 OK` response code and a [microsoft.gra
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "get_yeartimeperioddefinition",
The following is an example of a request.
} -->
-```http
+```msgraph-interactive
GET https://graph.microsoft.com/beta/external/industryData/years/ebf18762-ab92-487e-21d1-08daddab28bb ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Yeartimeperioddefinition List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-yeartimeperioddefinition-list.md
If successful, this method returns a `200 OK` response code and a collection of
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "list_yearTimePeriodDefinition" } -->
-```http
+```msgraph-interactive
GET https://graph.microsoft.com/beta/external/industryData/years ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Yeartimeperioddefinition Post https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-yeartimeperioddefinition-post.md
If successful, this method returns a `201 Created` response code and a [microsof
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "create_yeartimeperioddefinition_from_years"
Content-length: 242
} ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+++ ### Response The following is an example of the response.
v1.0 Industrydata Yeartimeperioddefinition Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/industrydata-yeartimeperioddefinition-update.md
If successful, this method returns a `204 No Content` response code.
The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "update_yeartimeperioddefinition",
Content-length: 242
} ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response.
v1.0 Oauth2permissiongrant List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/oauth2permissiongrant-list.md
GET https://graph.microsoft.com/beta/oauth2PermissionGrants
[!INCLUDE [sample-code](../includes/snippets/go/list-oauth2permissiongrants-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
-# [PowerShell](#tab/powershell)
- # [PHP](#tab/php) [!INCLUDE [sample-code](../includes/snippets/php/list-oauth2permissiongrants-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 Organization Activateservice https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/organization-activateservice.md
- Title: "organization: activateService"
-description: "Activates a service for an organization."
-
-doc_type: apiPageType
--
-# organization: activateService (deprecated)
-
-Namespace: microsoft.graph
--
-> [!CAUTION]
-> The **activateService** API is deprecated and will stop returning data on June 30, 2022.
-
-Activate a service for an organization.
-
-## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-In order to activate a service for an organization the requestor needs to have the _Company Administrator_ role with the following permissions.
-
-|Permission type|Permissions (from least to most privileged)|
-| : | : |
-| Delegated (work or school account) | Directory.ReadWrite.All|
-| Delegated (personal Microsoft account) | Not Supported. |
-| Application | Directory.ReadWrite.All|
--
-## HTTP request
-
-<!-- {
- "blockType": "ignored"
-}
>
-``` http
-POST /organization/{organizationId}/activateService
-```
-
-## Request headers
-|Name|Description|
-|:|:|
-|Authorization|Bearer {token}. Required.|
-|Content-Type|application/json. Required.|
-
-## Request body
-In the request body, supply a JSON representation of the [activateService](../resources/activateService.md) object.
-You must define **service** or (**servicePlanId** _and_ **skuId**) for this action to be valid.
-
-| Property | Type | Description |
-| -- | | - |
-| service| String | The name of the service to activate. |
-| servicePlanId | Guid | The plan identifier of the service plan to activate. |
-| skuId | Guid | The SKU identifier of the service plan. |
-
-## Response
-
-If successful, this action returns a `204 No Content` response code.
-
-## Examples
-
-### Request
-
-# [HTTP](#tab/http)
-<!-- {
- "blockType": "request",
- "name": "organization_activateservice"
-}
>
-``` http
-POST https://graph.microsoft.com/beta/organization/{:organizationId}/activateService
-Content-Type: application/json
-
-{
- "skuId": "6fd2c87f-b296-42f0-b197-1e91e994b900",
- "servicePlanId": "a23b959c-7ce8-4e57-9140-b90eb88a9e97"
-}
-```
-
-# [JavaScript](#tab/javascript)
---
-### Response
-<!-- {
- "blockType": "response",
- "truncated": true
-}
>
-``` http
-HTTP/1.1 204 No Content
-```
v1.0 Organizationalbranding Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/organizationalbranding-get.md
One of the following permissions is required to call this API. To learn more, in
| Permission type | Permissions (from least to most privileged) | |:|:--|
-| Delegated (work or school account) | User.Read, Organization.Read.All, User.ReadBasic.All, User.Read.All |
+| Delegated (work or school account) | User.Read, Organization.Read.All, User.Read.All |
| Delegated (personal Microsoft account) | Not supported. | | Application | Organization.Read.All |
v1.0 Organizationalbranding List Localizations https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/organizationalbranding-list-localizations.md
One of the following permissions is required to call this API. To learn more, in
| Permission type | Permissions (from least to most privileged) | |:|:--|
-| Delegated (work or school account) | User.Read, Organization.Read.All, User.ReadBasic.All, User.Read.All |
+| Delegated (work or school account) | User.Read, Organization.Read.All, User.Read.All |
| Delegated (personal Microsoft account) | Not supported. | | Application | Organization.Read.All |
v1.0 Organizationalbrandinglocalization Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/organizationalbrandinglocalization-get.md
One of the following permissions is required to call this API. To learn more, in
| Permission type | Permissions (from least to most privileged) | |:|:--|
-| Delegated (work or school account) | User.Read, Organization.Read.All, User.ReadBasic.All, User.Read.All |
+| Delegated (work or school account) | User.Read, Organization.Read.All, User.Read.All |
| Delegated (personal Microsoft account) | Not supported. | | Application | Organization.Read.All |
v1.0 Phoneauthenticationmethod Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/phoneauthenticationmethod-update.md
If a user is enabled by policy to use SMS to sign in and the `mobile` number is
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-### Permissions acting on self
-
-|Permission type | Permissions (from least to most privileged) |
-|:|:-|
-| Delegated (work or school account) | UserAuthenticationMethod.ReadWrite |
-| Delegated (personal Microsoft account) | Not supported. |
-| Application | Not supported. |
-
-### Permissions acting on other users
- |Permission type | Permissions (from least to most privileged) | |:|:-| | Delegated (work or school account) | UserAuthenticationMethod.ReadWrite.All |
For delegated scenarios where an admin is acting on another user, the admin need
* Privileged authentication administrator * Authentication administrator
+Users without one of the supported Azure AD roles cannot update their own phone authentication method.
+ ## HTTP request <!-- { "blockType": "ignored" } --> ```http
-PATCH /me/authentication/phoneMethods/{id}
PATCH /users/{id | userPrincipalName}/authentication/phoneMethods/{id} ``` The value of `id` corresponding to the phoneType to update is one of the following:
v1.0 Plannerbucket Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/plannerbucket-get.md
Title: "Get plannerBucket"
-description: "Retrieve the properties and relationships of **plannerBucket** object."
+description: "Retrieve the properties and relationships of a plannerBucket object."
ms.localizationpriority: medium ms.prod: "planner"
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Retrieve the properties and relationships of **plannerBucket** object.
+Retrieve the properties and relationships of a [plannerBucket](../resources/plannerbucket.md) object.
+ ## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
Do not supply a request body for this method.
## Response
-If successful, this method returns a `200 OK` response code and [plannerBucket](../resources/plannerbucket.md) object in the response body.
+If successful, this method returns a `200 OK` response code and a [plannerBucket](../resources/plannerbucket.md) object in the response body.
This method can return any of the [HTTP status codes](/graph/errors). The most common errors that apps should handle for this method are the 403 and 404 responses. For more information about these errors, see [Common Planner error conditions](../resources/planner-overview.md#common-planner-error-conditions). ## Example
-##### Request
-Here is an example of the request.
+### Request
+The following is an example of the request.
# [HTTP](#tab/http) <!-- {
GET https://graph.microsoft.com/beta/planner/buckets/hsOf2dhOJkqyYYZEtdzDe2QAIUC
-##### Response
-Here is an example of the response. Note: The response object shown here might be shortened for readability.
+### Response
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
<!-- { "blockType": "response", "truncated": true,
Content-type: application/json
] } -->--
v1.0 Reportroot Getteamsteamcounts https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/reportroot-getteamsteamcounts.md
+
+ Title: "reportRoot: getTeamsTeamCounts"
+description: "Get the number of teams of a particular type in an instance of Microsoft Teams."
+ms.localizationpriority: medium
+++
+# reportRoot: getTeamsTeamCounts
+
+Namespace: microsoft.graph
++
+Get the number of teams of a particular type in an instance of Microsoft Teams.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+| Permission type | Permissions (from least to most privileged) |
+| :- | : |
+| Delegated (work or school account) | Reports.Read.All |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | Reports.Read.All |
+
+> **Note:** For delegated permissions to allow apps to read service usage reports on behalf of a user, the tenant administrator must have assigned the user the appropriate Azure Active Directory limited administrator role. For more details, see [Authorization for APIs to read Microsoft 365 usage reports](/graph/reportroot-authorization).
+## HTTP request
+
+<!-- { "blockType": "ignored" } -->
+
+```http
+GET /reports/getTeamsTeamCounts(period='{period_value}')
+```
+
+## Function parameters
+
+In the request URL, provide the following parameters with a valid value.
+
+| Parameter | Type | Description |
+| :-- | :-- | : |
+| period | string | Specifies the length of time over which the report is aggregated. The supported values for {period_value} are: `D7`, `D30`, `D90`, and `D180`. These values follow the format D*n*, where *n* represents the number of days over which the report is aggregated. Required. |
+
+> **Note:** You need to set either **period** or **date** in the request URL.
+## Optional query parameters
+
+This method supports the `$format` [OData query parameter](/graph/query-parameters) to customize the response. The default output type is `text/csv`. However, if you want to specify the output type, you can use the OData `$format` query parameter to set the default output to `text/csv` or `application/json`.
+
+## Request headers
+
+| Name | Description |
+| : | : |
+| Authorization | Bearer {token}. Required. |
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+### CSV
+
+If successful, this method returns a `302 Found` response that redirects to a pre-authenticated download URL for the report. That URL can be found in the `Location` header in the response.
+
+Pre-authenticated download URLs are only valid for a short period (a few minutes) and do not require an `Authorization` header.
+
+The CSV file has the following headers for columns:
+
+- Report Refresh Date
+- Report Date
+- Public Teams
+- Active Public Teams
+- Private Teams
+- Active Private Teams
+
+### JSON
+
+If successful, this method returns a `200 OK` response code and a JSON object in the response body.
+
+## Examples
+
+### Example 1: CSV output
+
+The following is an example that outputs CSV.
+
+#### Request
+
+The following is an example of a request.
+
+<!-- {
+ "blockType": "ignored",
+ "name": "reportroot_getteamsteamcounts_csv"
+}-->
+
+```msgraph-interactive
+GET https://graph.microsoft.com/beta/reports/getTeamsTeamCounts(period='D7')?$format=text/csv
+```
++
+#### Response
+
+The following is an example of the response.
+
+<!-- { "blockType": "ignored" } -->
+
+```http
+HTTP/1.1 302 Found
+Content-Type: text/plain
+Location: https://reports.office.com/data/download/JDFKdf2_eJXKS034dbc7e0t__XDe
+```
+
+Follow the 302 redirection and the CSV file that downloads will have the following schema.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "stream"
+} -->
+
+```http
+HTTP/1.1 200 OK
+Content-Type: application/octet-stream
+Report Refresh Date,Report Date,Public Teams,Active Public Teams,Private Teams,Active Private Teams,
+```
+
+### Example 2: JSON output
+
+The following is an example that returns JSON.
+
+#### Request
+
+The following is an example of a request.
+
+<!-- {
+ "blockType": "ignored",
+ "name": "reportroot_getteamsteamcounts_json"
+}-->
+
+```msgraph-interactive
+GET https://graph.microsoft.com/beta/reports/getTeamsTeamCounts(period='D7')?$format=application/json
+```
++
+#### Response
+
+The following is an example of the response.
+
+> **Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "stream"
+} -->
+```http
+HTTP/1.1 200 OK
+Content-Type: application/json
+Content-Length: 641
+{
+ "@odata.context": "https://graph.microsoft.com/beta/reports/getTeamsTeamCounts(period='D7')?$format=application/json&$skiptoken=D07uj",
+ "value": [
+ {
+ "reportRefreshDate": "2021-09-01",
+ "reportPeriod":7,
+ "teamsTeamUsageByDate": [
+ {
+ "reportDate": "2022-08-01",
+ "publicTeams": 26,
+ "privateTeams": 17,
+ "activePublicTeams": 20,
+ "activePrivateTeams": 12
+ }
+ ]
+ }
+ ]
+}
+```
+<!-- uuid: 8fcb5dbc-d5aa-4681-8e31-b001d5168d79
+2015-10-25 14:57:30 UTC -->
+<!-- {
+ "type": "#page.annotation",
+ "description": "Example",
+ "keywords": "",
+ "section": "documentation",
+ "tocPath": "",
+ "suppressions": [
+ ]
+}-->
v1.0 Riskyserviceprincipal List History https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/riskyserviceprincipal-list-history.md
GET https://graph.microsoft.com/beta/identityProtection/riskyServicePrincipals/{
[!INCLUDE [sample-code](../includes/snippets/go/list-riskyserviceprincipalhistoryitem-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
-# [PowerShell](#tab/powershell)
- # [PHP](#tab/php) [!INCLUDE [sample-code](../includes/snippets/php/list-riskyserviceprincipalhistoryitem-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 Search Query https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/search-query.md
If successful, this method returns an `HTTP 200 OK` response code and a collecti
## Examples
-### Request
+### Example 1: Basic call to perform a search request
+
+The following example shows how to perform a search to get expected connector items.
+
+#### Request
-The following is an example of the request.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "search_query"
+ "name": "query"
}--> ```HTTP
Content-type: application/json
``` # [C#](#tab/csharp) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [JavaScript](#tab/javascript) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [Java](#tab/java) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [Go](#tab/go) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [PowerShell](#tab/powershell) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [PHP](#tab/php) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] ### Response
-The following is an example of the response.
+The following example shows the response.
> **Note:** The response object shown here might be shortened for readability.
Content-type: application/json
} ```
+### Example 2: Basic call to use queryTemplate
+
+The following example shows how to use the queryable property **createdBy** to retrieve all files created by a user.
+
+#### Request
+
+```HTTP
+POST https://graph.microsoft.com/beta/search/query
+Content-type: application/json
+
+{
+ "requests": [
+ {
+ "entityTypes": [
+ "listItem"
+ ],
+ "query": {
+ "queryString": "contoso",
+ "queryTemplate":"{searchTerms} CreatedBy:Bob"
+ },
+ "from": 0,
+ "size": 25
+ }
+ ]
+}
+```
+
+### Response
+
+The following example shows the response.
+
+```HTTP
+HTTP/1.1 200 OK
+Content-type: application/json
+
+{
+ "value": [
+ {
+ "searchTerms": [
+ "contoso"
+ ],
+ "hitsContainers": [
+ {
+ "hits": [
+ {
+ "hitId": "1",
+ "rank": 1,
+ "summary": "_summary-value",
+ "resource": {
+ "@odata.type": "#microsoft.graph.listItem",
+ "id": "c23c7035-73d6-4bad-8901-9e2930d4be8e",
+ "createdBy": {
+ "user": {
+ "displayName": "Bob",
+ "email": "Bob@contoso.com"
+ }
+ },
+ "createdDateTime": "2021-11-19T17:04:18Z",
+ "lastModifiedDateTime": "2023-03-09T18:52:26Z"
+ }
+ }
+ ],
+ "total": 1,
+ "moreResultsAvailable": false
+ }
+ ]
+ }
+ ]
+}
+```
+ ## See also - Search [mail messages](/graph/search-concept-messages)
Content-type: application/json
- Search [person](/graph/search-concept-person) - Search content in SharePoint and OneDrive ([files, lists and sites](/graph/search-concept-files)) - Search [custom types (Graph Connectors)](/graph/search-concept-custom-types) data
+- Search with [queryTemplate](/graph/search-concept-query-template)
- [Sort](/graph/search-concept-sort) search results - Use [aggregations](/graph/search-concept-aggregation) to refine search results - Enable [spell corrections](/graph/search-concept-speller) in search results
v1.0 Security Ediscoveryexportoperation Getdownloadurl https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/security-ediscoveryexportoperation-getdownloadurl.md
Title: "ediscoveryExportOperation: getDownloadUrl"
-description: "return a downloadUrl from where the export content is delivered as a stream"
+ Title: "ediscoveryExportOperation: getDownloadUrl (deprecated)"
+description: "Return a download URL from where the export content is delivered as a stream."
ms.localizationpriority: medium ms.prod: "ediscovery" doc_type: "apiPageType"
-# ediscoveryExportOperation: getDownloadUrl
+# ediscoveryExportOperation: getDownloadUrl (deprecated)
+ Namespace: microsoft.graph.security [!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-If a Azure blob url is not provided in export action, the export operation exports the files to an internal store. Contents of this store can be fetched by calling into this function. This will return a downloadUrl where the zipped content is delivered as a stream.
+> [!CAUTION]
+> The **getDownloadUrl** function is deprecated and will stop returning data on April 30th, 2023. Please use the new **exportFileMetadata** property returned by the [Get caseOperation](../api/security-ediscoverycase-get.md) API instead.
+
+If an Azure blob URL is not provided in export action, the export operation exports the files to an internal store. Contents of this store can be fetched by calling into this function. This returns a download URL where the zipped content is delivered as a stream.
## Permissions
v1.0 Security Ediscoveryreviewset Export https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/security-ediscoveryreviewset-export.md
The following table shows the parameters that can be used with this action.
|Parameter|Type|Description| |:|:|:|
-|outputName|String| Name of the export. Required. |
-|description|String| Description of the export |
-|azureBlobContainer|String| when you export to your own Azure storage account, this is the container URL. |
-|azureBlobToken|String| when you export to your own Azure storage account, SAS token for the container URL. |
-|exportOptions|String|Specifies options that control the format of the export. Possible values are: `originalFiles`, `text`, `pdfReplacement`, `fileInfo`, `tags`.|
+|description|String| Description of the export. |
+|exportOptions|String|Specifies options that control the format of the export. Possible values are: `originalFiles`, `text`, `pdfReplacement`, `fileInfo`, `tags`. The `fileInfo` member is deprecated and will stop returning data on April 30th, 2023. Going forward, the summary and load file are always included.|
|exportStructure|String| Options that control file structure and packaging of the export. Possible values are: `none`, `directory`, `pst`.|
+|outputName|String| Name of the export. Required. |
+|azureBlobContainer (deprecated)|String| When you export to your own Azure storage account, this is the container URL. The **azureBlobContainer** property is deprecated and will stop returning data on April 30th, 2023. |
+|azureBlobToken (deprecated)|String| When you export to your own Azure storage account, SAS token for the container URL. The **azureBlobToken** property is deprecated and will stop returning data on April 30th, 2023. |
+ ## Response If the export has started successfully, this action returns a `202 Accepted` response code. The response will also contain a `Location` header, which contains the location of the [Export operation](../resources/security-ediscoveryexportoperation.md) that was created to handle the export.
v1.0 Security Ediscoveryreviewsetquery Export https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/security-ediscoveryreviewsetquery-export.md
The following table shows the parameters that can be used with this action.
|Parameter|Type|Description| |:|:|:|
-|outputName|String| Name of the export. Required. |
-|description|String| Description of the export |
-|azureBlobContainer|String| when you export to your own Azure storage account, this is the container URL. |
-|azureBlobToken|String| when you export to your own Azure storage account, SAS token for the container URL. |
-|exportOptions|String|Specifies options that control the format of the export. Possible values are: `originalFiles`, `text`, `pdfReplacement`, `fileInfo`, `tags`.|
+|description|String| Description of the export. |
+|exportOptions|String|Specifies options that control the format of the export. Possible values are: `originalFiles`, `text`, `pdfReplacement`, `fileInfo` (deprecated), `tags`. The `fileInfo` member is deprecated and will stop returning data on April 30th, 2023. Going forward, the summary and load file are always included.|
|exportStructure|String| Options that control file structure and packaging of the export. Possible values are: `none`, `directory`, `pst`.|-
+|outputName|String| Name of the export. Required. |
+|azureBlobContainer (deprecated) |String| When you export to your own Azure storage account, this is the container URL. The **azureBlobContainer** property is deprecated and will stop returning data on April 30th, 2023. |
+|azureBlobToken (deprecated) |String| When you export to your own Azure storage account, SAS token for the container URL. The **azureBlobToken** property is deprecated and will stop returning data on April 30th, 2023. |
## Response
v1.0 Servicestoragequotabreakdown Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/servicestoragequotabreakdown-get.md
+
+ Title: "Get serviceStorageQuotaBreakdown"
+description: "Read the properties and relationships of a serviceStorageQuotaBreakdown object."
+
+ms.localizationpriority: medium
++
+# Get serviceStorageQuotaBreakdown
+Namespace: microsoft.graph
++
+Read the properties and relationships of a [serviceStorageQuotaBreakdown](../resources/servicestoragequotabreakdown.md) object.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)| Not supported. |
+|Delegated (personal Microsoft account)| Files.Read, Files.Read.All, Files.ReadWrite, Files.ReadWrite.All |
+|Application| Not supported. |
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /me/settings/storage/quota/services/{serviceStorageQuotaBreakdownId}
+GET /users/{usersId}/settings/storage/quota/services/{serviceStorageQuotaBreakdownId}
+```
+
+## Optional query parameters
+This method supports some of the OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a [serviceStorageQuotaBreakdown](../resources/servicestoragequotabreakdown.md) object in the response body.
+
+## Examples
+
+### Request
+The following is an example of a request.
+<!-- {
+ "blockType": "request",
+ "name": "get_servicestoragequotabreakdown"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/me/settings/storage/quota/services/OneDrive
+```
++
+### Response
+The following is an example of the response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.serviceStorageQuotaBreakdown"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "displayName": "OneDrive",
+ "id": "OneDrive",
+ "used": 102633320226,
+ "manageWebUrl": "String"
+}
+```
+
v1.0 Sitepage Getwebpartsbyposition https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/sitepage-getwebpartsbyposition.md
The following is an example of a request.
<!-- { "blockType": "request",
- "name": "list_webpart"
+ "name": "get_webparts_by_position"
} -->
The following is an example of a request.
GET https://graph.microsoft.com/beta/sites/{siteId}/pages/{sitePageId}/getWebPartsByPosition(horizontalSectionId={horizontalSectionId},columnId={columnId},webPartIndex={webPartIndex},isInVerticalSection={isInVerticalSection}) ``` - ### Response The following is an example of the response
v1.0 Smsauthenticationmethodconfiguration Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/smsauthenticationmethodconfiguration-update.md
PATCH /policies/authenticationMethodsPolicy/authenticationMethodConfigurations/s
|Content-Type|application/json. Required.| ## Request body
-In the request body, supply a JSON representation of the [smsAuthenticationMethodConfiguration](../resources/smsauthenticationmethodconfiguration.md) object with the values of fields that should be updated. Existing properties that are not included in the request body will maintain their previous values or be recalculated based on changes to other property values. For best performance, don't include existing values that haven't changed.
-
-The following table shows the properties that are required when you update the [smsAuthenticationMethodConfiguration](../resources/smsauthenticationmethodconfiguration.md) object.
|Property|Type|Description| |:|:|:|
-|id|String|The authentication method policy identifier.|
+|excludeTargets|[excludeTarget](../resources/excludetarget.md) collection|Groups of users that are excluded from the policy.|
|state|authenticationMethodState|Possible values are: `enabled`, `disabled`.| >**Note:** The `@odata.type` property with a value of `#microsoft.graph.smsAuthenticationMethodConfiguration` must be included in the body.
v1.0 Team Post https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/team-post.md
Content-Type: application/json
[!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [Java](#tab/java) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [Go](#tab/go)
Location: /teams('dbd8de4f-5d47-48da-87f1-594bed003375')/operations('3a6fdce1-c2
Content-Location: /teams('dbd8de4f-5d47-48da-87f1-594bed003375') Content-Length: 0 ```
+### Example 7: Create a team with a localized non-standard base template type
+Base template types can be localized to your preferred language choice, which enables you to create templates in your preferred language.
-### Example 7: Create a team with a non-standard base template type with extended properties
+Choose your team template from the defintion list returned by the [List definitions](/graph/api/teamtemplate-list-definitions) operation.
+
+#### Request
+
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "convert_team_from_non_standard_localized"
+}-->
+
+```http
+POST https://graph.microsoft.com/beta/teams
+Content-Type: application/json
+
+{
+
+    "templateDefinition@odata.bind": "https://graph.microsoft.com/betC50ZWFtcy50ZW1wbGF0ZS5NYW5hZ2VBUHJvamVjdCMjUHVibGljIyNhci1TQQ==",
+
+    "displayName": "My Sample Team",
+
+    "description": "My Sample Team’s Description"
+
+}
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++
+#### Response
+<!-- {
+ "blockType": "response",
+ "name": "convert_team_from_non_standard_localized"
+}-->
+```http
+HTTP/1.1 202 Accepted
+Content-Type: application/json
+Location: /teams('dbd8de4f-5d47-48da-87f1-594bed003375')/operations('3a6fdce1-c261-48bc-89de-1cfef658c0d5')
+Content-Location: /teams('dbd8de4f-5d47-48da-87f1-594bed003375')
+Content-Length: 0
+```
+
+### Example 8: Create a team with a non-standard base template type with extended properties
Base template types can be extended with additional properties, enabling you to build on an existing base template with additional team settings, channels, apps, or tabs.
Content-Location: /teams('dbd8de4f-5d47-48da-87f1-594bed003375')
Content-Length: 0 ```
-### Example 8: Create a team in migration mode
+### Example 9: Create a team in migration mode
#### Request
v1.0 Teamtemplatedefinition Get Teamdefinition https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/teamtemplatedefinition-get-teamdefinition.md
Namespace: microsoft.graph
Get the properties of the [team](../resources/team.md) associated with a [teamTemplateDefinition](../resources/teamstemplate.md) object.
+> **Note**: This API is currently in private preview only. When it reaches public preview, we will publish a blog post announcement on the [Microsoft 365 Developer blog](https://devblogs.microsoft.com/microsoft365dev/).
++ ## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
v1.0 Teamtemplatedefinition Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/teamtemplatedefinition-get.md
Namespace: microsoft.graph
Read the properties and relationships of a [teamTemplateDefinition](../resources/teamtemplatedefinition.md) object.
+> **Note**: This API is currently in private preview only. When it reaches public preview, we will publish a blog post announcement on the [Microsoft 365 Developer blog](https://devblogs.microsoft.com/microsoft365dev/).
++ ## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
v1.0 Tenantappmanagementpolicy Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/tenantappmanagementpolicy-update.md
PATCH /policies/defaultAppManagementPolicy
| Authorization | Bearer {token}. Required. | | Content-Type | application/json. Required. |
+> [!IMPORTANT]
+> Service principals with a createdDateTime `null` are treated as having being created on 01/01/2019.
+ ## Request body In the request body, supply the values for relevant fields from the [tenantAppManagementPolicy](../resources/tenantAppManagementPolicy.md) that should be updated. Existing properties that are not included in the request body will maintain their previous values. For best performance, do not include unchanged values in the request payload.
In the request body, supply the values for relevant fields from the [tenantAppMa
| isEnabled | Boolean | Denotes if the policy is enabled. Default value is false. | | servicePrincipalRestrictions | [appManagementConfiguration](../resources/appManagementConfiguration.md) | Restrictions that apply as default to all service principal objects in the tenant. |
+> [!IMPORTANT]
+> Service principals with a createdDateTime `null` are treated as having being created on 01/01/2019.
+ ## Response If successful, this method returns a `204 No Content` response code. It does not return anything in the response body.
v1.0 Tokenlifetimepolicy Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/tokenlifetimepolicy-delete.md
The following is an example of the request.
}--> ```http
-DELETE https://graph.microsoft.com/beta/policies/tokenLifetimePolicies/{id}
+DELETE https://graph.microsoft.com/beta/policies/tokenLifetimePolicies/4d2f137b-e8a9-46da-a5c3-cc85b2b840a4
``` # [C#](#tab/csharp)
v1.0 Tokenlifetimepolicy Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/tokenlifetimepolicy-get.md
The following is an example of the request.
}--> ```msgraph-interactive
-GET https://graph.microsoft.com/beta/policies/tokenLifetimePolicies/{id}
+GET https://graph.microsoft.com/beta/policies/tokenLifetimePolicies/4d2f137b-e8a9-46da-a5c3-cc85b2b840a4
``` # [C#](#tab/csharp)
HTTP/1.1 200 OK
Content-type: application/json {
- "definition": [
- "definition-value"
- ],
- "displayName": "displayName-value",
- "isOrganizationDefault": true,
- "id": "id-value"
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#policies/tokenLifetimePolicies/$entity",
+ "id": "4d2f137b-e8a9-46da-a5c3-cc85b2b840a4",
+ "deletedDateTime": null,
+ "definition": [
+ "{\"TokenLifetimePolicy\":{\"Version\":1,\"AccessTokenLifetime\":\"8:00:00\"}}"
+ ],
+ "displayName": "Contoso token lifetime policy",
+ "isOrganizationDefault": true
} ```
v1.0 Tokenlifetimepolicy List Appliesto https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/tokenlifetimepolicy-list-appliesto.md
The following is an example of the request.
}--> ```msgraph-interactive
-GET https://graph.microsoft.com/beta/policies/tokenLifetimePolicies/{id}/appliesTo
+GET https://graph.microsoft.com/beta/policies/tokenLifetimePolicies/4d2f137b-e8a9-46da-a5c3-cc85b2b840a4/appliesTo
``` # [JavaScript](#tab/javascript)
HTTP/1.1 200 OK
Content-type: application/json {
- "value": [
- {
- "id": "id-value",
- "deletedDateTime": "datetime-value"
- }
- ]
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#directoryObjects",
+ "value": [
+ {
+ "@odata.type": "#microsoft.graph.application",
+ "id": "3ccc9971-9ae7-45d6-8de8-263fd25fe116",
+ "appId": "6e4a2285-a438-4bcc-9d76-6c45fb91d4b0",
+ "applicationTemplateId": "8adf8e6e-67b2-4cf2-a259-e3dc5476c621",
+ "displayName": "Contoso IWA App",
+ "publisherDomain": "Contoso.com",
+ "signInAudience": "AzureADMyOrg"
+ }
+ ]
} ```
v1.0 Tokenlifetimepolicy List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/tokenlifetimepolicy-list.md
HTTP/1.1 200 OK
Content-type: application/json {
- "value": [
- {
- "definition": [
- "definition-value"
- ],
- "displayName": "displayName-value",
- "isOrganizationDefault": true,
- "id": "id-value"
- }
- ]
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#policies/tokenLifetimePolicies",
+ "value": [
+ {
+ "id": "4d2f137b-e8a9-46da-a5c3-cc85b2b840a4",
+ "deletedDateTime": null,
+ "definition": [
+ "{\"TokenLifetimePolicy\":{\"Version\":1,\"AccessTokenLifetime\":\"8:00:00\"}}"
+ ],
+ "displayName": "Contoso token lifetime policy",
+ "isOrganizationDefault": true
+ }
+ ]
} ```
v1.0 Tokenlifetimepolicy Post Tokenlifetimepolicies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/tokenlifetimepolicy-post-tokenlifetimepolicies.md
If successful, this method returns a `201 Created` response code and a new [toke
### Request
-The following is an example of the request.
+The following is an example of a request that creates a token lifetime policy that sets the access and ID token lifetime to eight hours.
# [HTTP](#tab/http) <!-- {
POST https://graph.microsoft.com/beta/policies/tokenLifetimePolicies
Content-type: application/json {
- "definition": [
- "definition-value"
- ],
- "displayName": "displayName-value",
- "isOrganizationDefault": true
+ "definition": [
+ "{\"TokenLifetimePolicy\":{\"Version\":1,\"AccessTokenLifetime\":\"8:00:00\"}}"
+ ],
+ "displayName": "Contoso token lifetime policy",
+ "isOrganizationDefault": true
} ```
HTTP/1.1 201 Created
Content-type: application/json {
- "definition": [
- "definition-value"
- ],
- "displayName": "displayName-value",
- "isOrganizationDefault": true,
- "id": "id-value"
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#policies/tokenLifetimePolicies/$entity",
+ "id": "4d2f137b-e8a9-46da-a5c3-cc85b2b840a4",
+ "deletedDateTime": null,
+ "definition": [
+ "{\"TokenLifetimePolicy\":{\"Version\":1,\"AccessTokenLifetime\":\"8:00:00\"}}"
+ ],
+ "displayName": "Contoso token lifetime policy",
+ "isOrganizationDefault": true
} ```
v1.0 Tokenlifetimepolicy Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/tokenlifetimepolicy-update.md
In the request body, supply the values for relevant fields that should be update
| Property | Type | Description | |:-|:|:|
-|definition|String collection| A string collection containing a JSON string that defines the rules and settings for this policy. Required.|
+|definition|String collection| A string collection containing a JSON string that defines the rules and settings for this policy. For more information about the JSON schema for this property, see [Properties of a token lifetime policy definition](../resources/tokenlifetimepolicy.md#properties-of-a-token-lifetime-policy-definition). Required.|
|description|String| Description for this policy.| |displayName|String| Display name for this policy. Required.|
-|isOrganizationDefault|Boolean|If set to true, activates this policy. There can be many policies for the same policy type, but only one can be activated as the organization default. Optional, default value is false.|
+|isOrganizationDefault|Boolean|If set to `true`, activates this policy. There can be many policies for the same policy type, but only one can be activated as the organization default. Optional, default value is `false`.|
## Response
The following is an example of the request.
}--> ```http
-PATCH https://graph.microsoft.com/beta/policies/tokenLifetimePolicies/{id}
+PATCH https://graph.microsoft.com/beta/policies/tokenLifetimePolicies/4d2f137b-e8a9-46da-a5c3-cc85b2b840a4
Content-type: application/json {
- "definition": [
- "definition-value"
- ],
- "displayName": "displayName-value",
- "isOrganizationDefault": true
+ "definition": [
+ "{\"TokenLifetimePolicy\":{\"Version\":1,\"AccessTokenLifetime\":\"5:30:00\"}}"
+ ],
+ "displayName": "Contoso token lifetime policy",
+ "isOrganizationDefault": true
} ```
Content-type: application/json
The following is an example of the response.
-> **Note:** The response object shown here might be shortened for readability.
- <!-- {
- "blockType": "response",
- "truncated": true,
- "@odata.type": "microsoft.graph.tokenLifetimePolicy"
+ "blockType": "response"
} --> ```http HTTP/1.1 204 No Content
-Content-type: application/json
-
-{
- "definition": [
- "definition-value"
- ],
- "displayName": "displayName-value",
- "isOrganizationDefault": true,
- "id": "id-value"
-}
``` <!-- uuid: 16cd6b66-4b1a-43a1-adaf-3a886856ed98
v1.0 Unifiedstoragequota Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/unifiedstoragequota-get.md
+
+ Title: "Get unifiedStorageQuota"
+description: "Read the properties and relationships of a unifiedStorageQuota object."
+
+ms.localizationpriority: medium
++
+# Get unifiedStorageQuota
+Namespace: microsoft.graph
++
+Read the properties and relationships of a [unifiedStorageQuota](../resources/unifiedstoragequota.md) object.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)| Not supported. |
+|Delegated (personal Microsoft account)| Files.Read, Files.Read.All, Files.ReadWrite, Files.ReadWrite.All |
+|Application| Not supported. |
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /me/settings/storage/quota
+GET /users/{user-id}/settings/storage/quota
+```
+
+## Optional query parameters
+This method supports some of the OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a [unifiedStorageQuota](../resources/unifiedstoragequota.md) object in the response body.
+
+## Examples
+
+### Example 1: Get the unified quota information for the current user
+#### Request
+The following is an example of a request.
+<!-- {
+ "blockType": "request",
+ "name": "get_unifiedstoragequota"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/me/settings/storage/quota
+```
++
+#### Response
+The following is an example of the response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.unifiedStorageQuota"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "value": {
+ "@odata.type": "#microsoft.graph.unifiedStorageQuota",
+ "manageWebUrl": "String",
+ "remaining": 1066671526110,
+ "state": "normal",
+ "total": 1169304846336,
+ "used": 102633320226
+ }
+}
+```
+
+### Example 2: Get the unified quota information for the current user
+#### Request
+The following is an example of a request.
+<!-- {
+ "blockType": "request",
+ "name": "get_unifiedstoragequotabyuserid"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/users/1234BBS1121YY95/settings/storage/quota
+```
++
+#### Response
+The following is an example of the response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.unifiedStorageQuota"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "value": {
+ "@odata.type": "#microsoft.graph.unifiedStorageQuota",
+ "manageWebUrl": "String",
+ "remaining": 1066671526110,
+ "state": "normal",
+ "total": 1169304846336,
+ "used": 102633320226
+ }
+}
+```
+
+### Example 3: Get the unified quota information, along with the service breakdowns, for the current user
+#### Request
+The following is an example of a request.
+<!-- {
+ "blockType": "request",
+ "name": "get_unifiedstoragequotaandservices"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/me/settings/storage/quota?$expand=services
+```
++
+#### Response
+The following is an example of the response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.unifiedStorageQuota"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "value": {
+ "@odata.type": "#microsoft.graph.unifiedStorageQuota",
+ "manageWebUrl": "String",
+ "remaining": 1066671526110,
+ "state": "normal",
+ "total": 1169304846336,
+ "used": 102633320226,
+ "services": [
+ {
+ "displayName": "OneDrive",
+ "id": "OneDrive",
+ "used": 102633320226
+ },
+ {
+ "displayName": "Outlook (Attachments)",
+ "id": "Outlook",
+ "used": 123
+ }
+ ]
+ }
+}
+```
v1.0 Unifiedstoragequota List Services https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/unifiedstoragequota-list-services.md
+
+ Title: "List serviceStorageQuotaBreakdown"
+description: "Get a list of serviceStorageQuotaBreakdown objects and their properties."
+
+ms.localizationpriority: medium
++
+# List serviceStorageQuotaBreakdown
+Namespace: microsoft.graph
++
+Get a list of [serviceStorageQuotaBreakdown](../resources/servicestoragequotabreakdown.md) objects and their properties.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)| Not supported. |
+|Delegated (personal Microsoft account)| Files.Read, Files.Read.All, Files.ReadWrite, Files.ReadWrite.All |
+|Application| Not supported. |
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /me/settings/storage/quota/services
+GET /users/{usersId}/settings/storage/quota/services
+```
+
+## Optional query parameters
+This method supports some of the OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a collection of [serviceStorageQuotaBreakdown](../resources/servicestoragequotabreakdown.md) objects in the response body.
+
+## Examples
+
+### Request
+The following is an example of a request.
+<!-- {
+ "blockType": "request",
+ "name": "list_servicestoragequotabreakdown"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/me/settings/storage/quota/services
+```
++
+### Response
+The following is an example of the response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "Collection(microsoft.graph.serviceStorageQuotaBreakdown)"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "value": [
+ {
+ "displayName": "OneDrive",
+ "id": "OneDrive",
+ "used": 102633320226
+ },
+ {
+ "displayName": "Outlook (Attachments)",
+ "id": "Outlook",
+ "used": 123456
+ }
+ ]
+}
+```
+
v1.0 User Activateserviceplan https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/user-activateserviceplan.md
- Title: "user: activateServicePlan"
-description: "Activate a service plan with a given `servicePlanId` and `skuId` for a given user."
-
-doc_type: apiPageType
--
-# user: activateServicePlan (deprecated)
-
-Namespace: microsoft.graph
--
-> [!CAUTION]
-> The **activateServicePlan** API is deprecated and will stop returning data on June 30, 2022.
-
-Activate a service plan with a given `servicePlanId` and `skuId` for a given user.
-
-## Permissions
-
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
-
-|Permission type|Permissions (from most to least privileged)|
-| : | : |
-| Delegated (work or school account) | Directory.ReadWrite.All |
-| Delegated (personal Microsoft account) | Not Supported. |
-| Application | Directory.ReadWrite.All |
-
-## HTTP request
-
-<!-- {
- "blockType": "ignored"
-}
>-
-``` http
-POST /users/{id | userPrincipalName}/activateServicePlan
-```
-
-## Request headers
-
-| Name | Description |
-| : | : |
-| Authorization | Bearer {token}. Required. |
-| Content-Type | application/json. Required. |
-
-## Request body
-
-In the request body, provide a JSON object with the following parameter:
-
-| Parameter | Type | Description |
-| : | : | : |
-| servicePlanId | Guid | PlanId of the ServicePlan to activate. |
-| skuId | Guid | SkuId of SKU the service plan is on. |
-
-## Response
-
-If successful, this action returns a `204 No Content` response code.
-
-## Examples
-
-### Request
--
-# [HTTP](#tab/http)
-<!-- {
- "blockType": "request",
- "name": "user_activateserviceplan"
-}
>-
-``` http
-POST https://graph.microsoft.com/beta/me/activateServicePlan
-Content-type: application/json
-
-{
- "servicePlanId": "28f42d6f-8034-4a0f-9d8a-a218a63b3299",
- "skuId": "465a2a90-5e59-456d-a7b8-127b9fb2e484"
-}
-```
-
-# [JavaScript](#tab/javascript)
---
-### Response
-
-<!-- {
- "blockType": "response",
- "truncated": true
-}
>-
-``` http
-HTTP/1.1 204 No Content
-```
v1.0 User List Transitivememberof https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/user-list-transitivememberof.md
One of the following permissions is required to call this API. To learn more, in
| Permission type | Permissions (from least to most privileged) | | :- | : |
-| Delegated (work or school account) | User.Read, GroupMember.Read.All, Directory.Read.All, Directory.ReadWrite.All |
+| Delegated (work or school account) | User.Read, User.Read.All, GroupMember.Read.All, Group.Read.All, Directory.Read.All, Directory.ReadWrite.All |
| Delegated (personal Microsoft account) | Not supported. |
-| Application | Directory.Read.All, Directory.ReadWrite.All |
+| Application | User.Read.All, GroupMember.Read.All, Group.Read.All, Directory.Read.All, Directory.ReadWrite.All |
## HTTP request <!-- { "blockType": "ignored" } --> ```http
+GET /me/transitiveMemberOf
GET /users/{id | userPrincipalName}/transitiveMemberOf ```
v1.0 User Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/user-update.md
In the request body, supply the values for relevant fields that should be update
|identities|[objectIdentity](../resources/objectidentity.md) collection| Represents the identities that can be used to sign in to this user account. An identity can be provided by Microsoft, by organizations, or by social identity providers such as Facebook, Google, and Microsoft, and tied to a user account. Any update to **identities** will replace the entire collection and you must supply the userPrincipalName **signInType** identity in the collection.| |interests|String collection|A list for the user to describe their interests.| |jobTitle|String|The userΓÇÖs job title.|
-|mail|String|The SMTP address for the user, for example, `jeff@contoso.onmicrosoft.com`. For Azure AD B2C accounts, this property can be updated up to only ten times with unique SMTP addresses. Changes to this property will also update the user's **proxyAddresses** collection to include the value as a SMTP address.|
+|mail|String|The SMTP address for the user, for example, `jeff@contoso.onmicrosoft.com`. For Azure AD B2C accounts, this property can be updated up to only ten times with unique SMTP addresses. Changes to this property will also update the user's **proxyAddresses** collection to include the value as a SMTP address. Cannot be updated to `null`.|
|mailNickname|String|The mail alias for the user. This property must be specified when a user is created.| |mobilePhone|String|The primary cellular telephone number for the user.| |mySite|String|The URL for the user's personal site.|
v1.0 Virtualendpoint Post Onpremisesconnections https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/virtualendpoint-post-onpremisesconnections.md
Title: "Create cloudPcOnPremisesConnection" description: "Create an Azure network connection for provisioning Cloud PCs."-+ ms.localizationpriority: medium ms.prod: "cloud-pc" doc_type: apiPageType
POST https://graph.microsoft.com/beta/deviceManagement/virtualEndpoint/onPremise
Content-Type: application/json {
- "@odata.type": "#microsoft.graph.cloudPcOnPremisesConnection",
"displayName": "test-canary-02", "type": "hybridAzureADJoin", "subscriptionId": "0ac520ee-14c0-480f-b6c9-0a90c585ffff",
- "subscriptionName": "CPC customer 001 test subscription",
"adDomainName": "contoso001.com", "adDomainUsername": "dcadmin", "organizationalUnit": "OU=Domain Controllers, DC=contoso001, DC=com",
v1.0 Voiceauthenticationmethodconfiguration Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/voiceauthenticationmethodconfiguration-update.md
PATCH /policies/authenticationMethodsPolicy/authenticationMethodConfigurations/v
|Content-Type|application/json. Required.| ## Request body
-In the request body, supply a JSON representation of the [voiceAuthenticationMethodConfiguration](../resources/softwareoathauthenticationmethodconfiguration.md) object with the values of fields that should be updated. Existing properties that are not included in the request body will maintain their previous values or be recalculated based on changes to other property values. For best performance, don't include existing values that haven't changed.
-For the list of properties, see [voiceAuthenticationMethodConfiguration](../resources/softwareoathauthenticationmethodconfiguration.md).
+|Property|Type|Description|
+|:|:|:|
+|excludeTargets|[excludeTarget](../resources/excludetarget.md) collection|Groups of users that are excluded from the policy.|
+|isOfficePhoneAllowed|Boolean|`true` if users can register office phones, otherwise, `false`.|
+|state|authenticationMethodState|Possible values are: `enabled`, `disabled`.|
>**Note:** The `@odata.type` property with a value of `#microsoft.graph.voiceAuthenticationMethodConfiguration` must be included in the body.
v1.0 Webpart List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/webpart-list.md
Content-Type: application/json
"innerHtml": "<h2>How do you get started?</h2>" }, {
- "@odata.type": "#microsoft.graph.textWebPart",
+ "@odata.type": "#microsoft.graph.standardWebPart",
"id": "6346d908-f20d-4528-902f-3c2a9c8c2442", "webPartType": "d1d91016-032f-456d-98a4-721247c305e8", "data": {
+ "audiences": [],
"dataVersion": "1.9", "description": "Show an image on your page", "title": "Image",
Content-Type: application/json
"alignment": "Center" }, "serverProcessedContent": {
+ "componentDependencies": [],
+ "htmlStrings": [],
+ "links": [],
+ "searchablePlainTexts": [],
"imageSources": [ {
+ "@odata.type": "#microsoft.graph.metaDataKeyStringPair",
"key": "imageSource", "value": "/_LAYOUTS/IMAGES/VISUALTEMPLATEIMAGE1.JPG" } ], "customMetadata": [ {
+ "@odata.type": "#microsoft.graph.metaDataKeyValuePair",
"key": "imageSource", "value": { "siteid": "0264cabe-6b92-450a-b162-b0c3d54fe5e8",
v1.0 Workflow List Executionscope https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/workflow-list-executionscope.md
Namespace: microsoft.graph.identityGovernance
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Lists the users who are in the scope of the execution conditions of a [workflow](../resources/identitygovernance-workflow.md). Users who initially fall in the scope of the execution conditions, but are updated to no longer meet the conditions after it's scheduled to run, will remain on the list for a short period of time before being removed. If the execution scope is changed, users who initially met it's conditions, but no longer do so will be cleared from the list after a short period of time. New users who meet the conditions for the workflow will then be listed.
+List the users that meet the [execution conditions](../resources/identitygovernance-workflowexecutionconditions.md) regardless of whether they have already been processed by the [workflow](../resources/identitygovernance-workflow.md).
-This API call requires workflow scheduling to be enabled.
+The workflow engine periodically evaluates the users that meet the execution conditions. The results will not be up to date if the execution conditions have been changed recently, relevant attributes on the user have been changed recently or the [time based trigger](../resources/identitygovernance-timebasedattributetrigger.md) has been reached recently.
+
+The API is only supported for workflows with [trigger and scope based](../resources/identitygovernance-triggerandscopebasedconditions.md) [execution conditions](../resources/identitygovernance-workflowexecutionconditions.md). Furthermore, results are only returned if the workflows schedule (isSchedulingEnabled) is enabled.
## Permissions
One of the following permissions is required to call this API. To learn more, in
|Delegated (personal Microsoft account)|Not supported.| |Application|LifecycleWorkflows.Read.All, LifecycleWorkflows.ReadWrite.All|
-For delegated scenarios, the admin needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
--- Global administrator-- Global reader-- Lifecycle workflows administrator ## HTTP request
v1.0 X509certificateauthenticationmethodconfiguration Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/api/x509certificateauthenticationmethodconfiguration-update.md
PATCH /policies/authenticationMethodsPolicy/authenticationMethodConfigurations/x
## Request body [!INCLUDE [table-intro](../../includes/update-property-table-intro.md)]
-The following properties can be updated.
-
-|Property|Type|Description|
-|:|:|:|
-|state|authenticationMethodState|The possible values are: `enabled`, `disabled`. Inherited from [authenticationMethodConfiguration](../resources/authenticationmethodconfiguration.md).|
-|certificateUserBindings|[x509CertificateUserBinding](../resources/x509certificateuserbinding.md) collection|Defines fields in the X.509 certificate that map to attributes of the Azure AD user object in order to bind the certificate to the user. The **priority** of the object determines the order in which the binding is carried out. The first binding that matches will be used and the rest ignored. |
-|authenticationModeConfiguration|[x509CertificateAuthenticationModeConfiguration](../resources/x509certificateauthenticationmodeconfiguration.md)|Defines strong authentication configurations. This configuration includes the default authentication mode and the different rules for strong authentication bindings. |
>**Note:** The `@odata.type` property with a value of `#microsoft.graph.x509CertificateAuthenticationMethodConfiguration` must be included in the body.
v1.0 Accesspackageassignment https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/accesspackageassignment.md
In [Azure AD Entitlement Management](entitlementmanagement-overview.md), an acce
|assignmentState|String|The state of the access package assignment. Possible values are `Delivering`, `Delivered`, or `Expired`. Read-only. Supports `$filter` (`eq`).| |assignmentStatus|String|More information about the assignment lifecycle. Possible values include `Delivering`, `Delivered`, `NearExpiry1DayNotificationTriggered`, or `ExpiredNotificationTriggered`. Read-only.| |catalogId|String|The identifier of the catalog containing the access package. Read-only.|
+|customExtensionCalloutInstances|[customExtensionCalloutInstance](customextensioncalloutinstance.md) collection|Information about all the custom extension calls that were made during the access package assignment workflow.|
|expiredDateTime|DateTimeOffset|The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`| |id|String| Read-only.| |isExtended|Boolean|Indicates whether the access package assignment is extended. Read-only.|
The following is a JSON representation of the resource.
<!-- { "blockType": "resource",
- "optionalProperties": [
-
- ],
+ "keyProperty": "id",
"@odata.type": "microsoft.graph.accessPackageAssignment",
- "keyProperty": "id"
-}-->
-
-```json
+ "openType": false
+}
+-->
+``` json
{
- "id":"9bdae7b4-6ece-487b-9eb8-9679dbd67aa2",
- "catalogId":"cc30dc98-6d3c-4fa0-bed8-fd76d0efd993",
- "accessPackageId":"e3f47362-993f-4fcb-8a38-532ffca16150",
- "assignmentPolicyId":"63ebd106-8116-40e7-a0ab-01ae475d11bb",
- "targetId":"ab4291f6-66b7-42bf-b597-a05b29414f5c",
- "assignmentStatus":"ExpiredNotificationTriggered",
- "assignmentState":"Expired",
- "isExtended":false,
- "expiredDateTime":"2019-04-25T23:45:40.42Z"
+ "@odata.type": "#microsoft.graph.accessPackageAssignment",
+ "id": "String (identifier)",
+ "catalogId": "String",
+ "accessPackageId": "String",
+ "assignmentPolicyId": "String",
+ "targetId": "String",
+ "assignmentStatus": "String",
+ "assignmentState": "String",
+ "isExtended": "Boolean",
+ "expiredDateTime": "String (timestamp)",
+ "schedule": {
+ "@odata.type": "microsoft.graph.requestSchedule"
+ },
+ "customExtensionCalloutInstances": [
+ {
+ "@odata.type": "microsoft.graph.customExtensionCalloutInstance"
+ }
+ ]
} ```
v1.0 Accesspackageassignmentpolicy https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/accesspackageassignmentpolicy.md
To assign a user to an access package, [create an accessPackageAssignmentRequest
|:-|:|:| |accessPackage|[accessPackage](accesspackage.md)| The access package with this policy. Read-only. Nullable. Supports `$expand`.| |customExtensionHandlers|[customExtensionHandler](../resources/customextensionhandler.md) collection| The collection of stages when to execute one or more custom access package workflow extensions. Supports `$expand`.|
+|customExtensionStageSettings|[customExtensionStageSetting](../resources/customextensionstagesetting.md) collection|The collection of stages when to execute one or more custom access package workflow extensions. Supports `$expand`.|
The following is a JSON representation of the resource.
```json {
- "@odata.type": "#microsoft.graph.accessPackageAssignmentPolicy",
- "id": "String (identifier)",
- "accessPackageId": "String",
- "displayName": "String",
- "description": "String",
- "canExtend": "Boolean",
- "durationInDays": "Integer",
- "expirationDateTime": "String (timestamp)",
- "createdBy": "String",
- "createdDateTime": "String (timestamp)",
- "modifiedBy": "String",
- "modifiedDateTime": "String (timestamp)",
- "questions": [
- {
- "@odata.type": "microsoft.graph.accessPackageQuestion"
- }
- ],
- "requestorSettings": {
- "@odata.type": "microsoft.graph.requestorSettings"
- },
- "requestApprovalSettings": {
- "@odata.type": "microsoft.graph.approvalSettings"
- },
- "accessReviewSettings": {
- "@odata.type": "microsoft.graph.assignmentReviewSettings"
- }
+ "@odata.type":"#microsoft.graph.accessPackageAssignmentPolicy",
+ "id":"String (identifier)",
+ "accessPackageId":"String",
+ "displayName":"String",
+ "description":"String",
+ "canExtend":"Boolean",
+ "durationInDays":"Integer",
+ "expirationDateTime":"String (timestamp)",
+ "createdBy":"String",
+ "createdDateTime":"String (timestamp)",
+ "modifiedBy":"String",
+ "modifiedDateTime":"String (timestamp)",
+ "questions":[
+ {
+ "@odata.type":"microsoft.graph.accessPackageQuestion"
+ }
+ ],
+ "requestorSettings":{
+ "@odata.type":"microsoft.graph.requestorSettings"
+ },
+ "requestApprovalSettings":{
+ "@odata.type":"microsoft.graph.approvalSettings"
+ },
+ "accessReviewSettings":{
+ "@odata.type":"microsoft.graph.assignmentReviewSettings"
+ }
} ```
v1.0 Accesspackageassignmentrequest https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/accesspackageassignmentrequest.md
In [Azure AD Entitlement Management](entitlementmanagement-overview.md), an acce
|:-|:|:| |completedDate|DateTimeOffset|The date of the end of processing, either successful or failure, of a request. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`. Read-only.| |createdDateTime|DateTimeOffset|The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`. Read-only.|
-|customExtensionHandlerInstances|[customExtensionHandlerInstance](../resources/customextensionhandlerinstance.md) collection| A collection of [custom workflow extension](customaccesspackageworkflowextension.md) instances being run on an assignment request. Read-only. |
+|customExtensionCalloutInstances|[customExtensionCalloutInstance](../resources/customextensioncalloutinstance.md) collection|Information about all the custom extension calls that were made during the access package assignment request workflow.|
+|customExtensionHandlerInstances|[customExtensionHandlerInstance](../resources/customextensionhandlerinstance.md) collection| A collection of [custom workflow extension](customaccesspackageworkflowextension.md) instances being run on an assignment request. Read-only.|
|id|String| Read-only.| |isValidationOnly|Boolean|True if the request is not to be processed for assignment.| |justification|String|The requestor's supplied justification.|
The following is a JSON representation of the resource.
{ "@odata.type": "microsoft.graph.customExtensionHandlerInstance" }
+ ],
+ "customExtensionCalloutInstances": [
+ {
+ "@odata.type": "microsoft.graph.customExtensionCalloutInstance"
+ }
] } ```
v1.0 Accesspackageassignmentrequestcallbackdata https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/accesspackageassignmentrequestcallbackdata.md
+
+ Title: "accessPackageAssignmentRequestCallbackData resource type"
+description: "Access package assignment request workflow calllback back that custom extension endpoint callback."
+
+ms.localizationpriority: medium
++
+# accessPackageAssignmentRequestCallbackData resource type
+
+Namespace: microsoft.graph
++
+Access package assignment request workflow calllback back that custom extension endpoint callback, derived from [customextensiondata](../resources/customextensiondata.md)
++
+Inherits from [customExtensionData](../resources/customextensiondata.md).
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|customExtensionStageInstanceId|String|Unique identifier of the callout to the custom extension.|
+|customExtensionStageInstanceDetail|String|Details for the callback.|
+|stage|accessPackageCustomExtensionStage|Indicates the stage at which the custom callout extension will be executed. The possible values are: `assignmentRequestCreated`, `assignmentRequestApproved`, `assignmentRequestGranted`, `assignmentRequestRemoved`, `assignmentFourteenDaysBeforeExpiration`, `assignmentOneDayBeforeExpiration`, `unknownFutureValue`.|
+|state|String|Allow the extension to be able to deny or cancel the request submitted by the requestor. The supported values are `Denied` and `Canceled`. This property can only be set for an `assignmentRequestCreated` stage.|
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.accessPackageAssignmentRequestCallbackData"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.accessPackageAssignmentRequestCallbackData",
+ "stage": "String",
+ "customExtensionStageInstanceId": "String",
+ "customExtensionStageInstanceDetail": "String",
+ "state": "String"
+}
+```
+
v1.0 Accesspackageassignmentrequestworkflowextension https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/accesspackageassignmentrequestworkflowextension.md
+
+ Title: "accessPackageAssignmentRequestWorkflowExtension resource type"
+description: "Defines the attributes of a logic app that can be called at various stages of an access package request cycle."
+
+ms.localizationpriority: medium
++
+# accessPackageAssignmentRequestWorkflowExtension resource type
+
+Namespace: microsoft.graph
++
+Defines the attributes of a logic app that can be called at various stages of an access package request cycle. You can integrate logic apps with entitlement management to broaden your governance workflows beyond the core entitlement management use cases.
+
+The following use cases can be integrated with logic apps using [access package assignment request](accesspackageassignmentrequest.md) workflow:
+- When an [access package is requested](accesspackageassignmentrequest.md)
+- When an [access package request is approved](accesspackageassignmentrequest.md)
+- When an [access package request is granted](accesspackageassignmentrequest.md)
+- When an [access package assignment expires](accesspackageassignmentrequest.md)
++
+Inherits from [customCalloutExtension](../resources/customcalloutextension.md).
+
+## Methods
+|Method|Return type|Description|
+|:|:|:|
+|[List accessPackageAssignmentRequestWorkflowExtension](../api/accesspackagecatalog-list-accesspackagecustomworkflowextensions.md)|[customCalloutExtension](../resources/accesspackageassignmentrequestworkflowextension.md) collection|Get a list of the [accessPackageAssignmentRequestWorkflowExtension](../resources/accesspackageassignmentrequestworkflowextension.md) objects and their properties.|
+|[Create accessPackageAssignmentRequestWorkflowExtension](../api/accesspackagecatalog-post-accesspackagecustomworkflowextensions.md)|[accessPackageAssignmentRequestWorkflowExtension](../resources/accesspackageassignmentrequestworkflowextension.md)| Create a new [accessPackageAssignmentRequestWorkflowExtension](../resources/accesspackageassignmentrequestworkflowextension.md) object.|
+|[Get accessPackageAssignmentRequestWorkflowExtension](../api/accesspackageassignmentrequestworkflowextension-get.md)|[accessPackageAssignmentRequestWorkflowExtension](../resources/accesspackageassignmentrequestworkflowextension.md)|Read the properties and relationships of an [accessPackageAssignmentRequestWorkflowExtension](../resources/accesspackageassignmentrequestworkflowextension.md) object.|
+|[Update accessPackageAssignmentRequestWorkflowExtension](../api/accesspackageassignmentrequestworkflowextension-update.md)|[accessPackageAssignmentRequestWorkflowExtension](../resources/accesspackageassignmentrequestworkflowextension.md)|Update the properties of an [accessPackageAssignmentRequestWorkflowExtension](../resources/accesspackageassignmentrequestworkflowextension.md) object.|
+|[Delete accessPackageAssignmentRequestWorkflowExtension](../api/accesspackageassignmentrequestworkflowextension-delete.md)|None|Delete an [accessPackageAssignmentRequestWorkflowExtension](../resources/accesspackageassignmentrequestworkflowextension.md) object.|
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|authenticationConfiguration|[customExtensionAuthenticationConfiguration](../resources/customextensionauthenticationconfiguration.md)|Configuration for securing the API call to the logic app. For example, using OAuth client credentials flow. Inherited from [customCalloutExtension](../resources/customcalloutextension.md).|
+|callbackConfiguration|[customExtensionCallbackConfiguration](../resources/customextensioncallbackconfiguration.md)|The callback configuration for a custom extension.|
+|createdBy|String|The userPrincipalName of the user or identity of the subject that created this resource. Read-only.|
+|createdDateTime|DateTimeOffset|When the object was created.|
+|description|String|Description for the customAccessPackageWorkflowExtension object. Inherited from [customCalloutExtension](../resources/customcalloutextension.md).|
+|displayName|String|Display name for the customAccessPackageWorkflowExtension object. Inherited from [customCalloutExtension](../resources/customcalloutextension.md).|
+|endpointConfiguration|[customExtensionEndpointConfiguration](../resources/customextensionendpointconfiguration.md)|The type and details for configuring the endpoint to call the logic app's workflow. Inherited from [customCalloutExtension](../resources/customcalloutextension.md).|
+|id|String|Read-only.|
+|lastModifiedBy|String|The userPrincipalName of the identity that last modified the object. |
+|lastModifiedDateTime|DateTimeOffset|When the object was last modified.|
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.accessPackageAssignmentRequestWorkflowExtension",
+ "baseType": "microsoft.graph.customCalloutExtension",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.accessPackageAssignmentRequestWorkflowExtension",
+ "id": "String (identifier)",
+ "authenticationConfiguration": {
+ "@odata.type": "microsoft.graph.customExtensionAuthenticationConfiguration"
+ },
+ "description": "String",
+ "displayName": "String",
+ "endpointConfiguration": {
+ "@odata.type": "microsoft.graph.customExtensionEndpointConfiguration"
+ },
+ "createdBy": "String",
+ "lastModifiedBy": "String",
+ "createdDateTime": "String (timestamp)",
+ "lastModifiedDateTime": "String (timestamp)",
+ "callbackConfiguration": {
+ "@odata.type": "microsoft.graph.customExtensionCallbackConfiguration"
+ }
+}
+```
+
v1.0 Accesspackageassignmentworkflowextension https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/accesspackageassignmentworkflowextension.md
+
+ Title: "accessPackageAssignmentWorkflowExtension resource type"
+description: "Defines the attributes of a logic app that can be called at various stages of an access package assignment cycle."
+
+ms.localizationpriority: medium
++
+# accessPackageAssignmentWorkflowExtension resource type
+
+Namespace: microsoft.graph
++
+Defines the attributes of a logic app that can be called at various stages of an access package request cycle. You can integrate logic apps with entitlement management to broaden your governance workflows beyond the core entitlement management use cases.
+
+The following use cases can be integrated with logic apps in the [access package assignment](accesspackageassignment.md) workflow:
+- When an [access package assignment will expire in fourteen days](accesspackageassignment.md)
+- When an [access package assignment will expire in one day](accesspackageassignment.md)
+
+Inherits from [customCalloutExtension](../resources/customcalloutextension.md).
+
+## Methods
+|Method|Return type|Description|
+|:|:|:|
+|[List accessPackageAssignmentWorkflowExtensions](../api/accesspackagecatalog-list-accesspackagecustomworkflowextensions.md)|[customCalloutExtension](../resources/accesspackageassignmentworkflowextension.md) collection|Get a list of the [accessPackageAssignmentWorkflowExtension](../resources/accesspackageassignmentworkflowextension.md) objects and their properties.|
+|[Create accessPackageAssignmentWorkflowExtension](../api/accesspackagecatalog-post-accesspackagecustomworkflowextensions.md)|[accessPackageAssignmentWorkflowExtension](../resources/accesspackageassignmentworkflowextension.md)|Create a new [accessPackageAssignmentWorkflowExtension](../resources/accesspackageassignmentworkflowextension.md) object.|
+|[Get accessPackageAssignmentWorkflowExtension](../api/accesspackageassignmentworkflowextension-get.md)|[accessPackageAssignmentWorkflowExtension](../resources/accesspackageassignmentworkflowextension.md)|Read the properties and relationships of an [accessPackageAssignmentWorkflowExtension](../resources/accesspackageassignmentworkflowextension.md) object.|
+|[Update accessPackageAssignmentWorkflowExtension](../api/accesspackageassignmentworkflowextension-update.md)|[accessPackageAssignmentWorkflowExtension](../resources/accesspackageassignmentworkflowextension.md)|Update the properties of an [accessPackageAssignmentWorkflowExtension](../resources/accesspackageassignmentworkflowextension.md) object.|
+|[Delete accessPackageAssignmentWorkflowExtension](../api/accesspackageassignmentworkflowextension-delete.md)|None|Delete an [accessPackageAssignmentWorkflowExtension](../resources/accesspackageassignmentworkflowextension.md) object.|
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|authenticationConfiguration|[customExtensionAuthenticationConfiguration](../resources/customextensionauthenticationconfiguration.md)|Configuration for securing the API call to the logic app. For example, using OAuth client credentials flow. Inherited from [customCalloutExtension](../resources/customcalloutextension.md).|
+|callbackConfiguration|[customExtensionCallbackConfiguration](../resources/customextensioncallbackconfiguration.md)|The callback configuration for a custom extension.|
+|createdBy|String|The userPrincipalName of the user or identity of the subject that created this resource. Read-only.|
+|createdDateTime|DateTimeOffset|When the entity was created.|
+|description|String|Description for the customAccessPackageWorkflowExtension object. Inherited from [customCalloutExtension](../resources/customcalloutextension.md).|
+|displayName|String|Display name for the customAccessPackageWorkflowExtension object. Inherited from [customCalloutExtension](../resources/customcalloutextension.md).|
+|endpointConfiguration|[customExtensionEndpointConfiguration](../resources/customextensionendpointconfiguration.md)|The type and details for configuring the endpoint to call the logic app's workflow. Inherited from [customCalloutExtension](../resources/customcalloutextension.md).|
+|id|String|Read-only.|
+|lastModifiedBy|String|The userPrincipalName of the identity that last modified the entity. |
+|lastModifiedDateTime|DateTimeOffset|When the entity was last modified.|
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.accessPackageAssignmentWorkflowExtension",
+ "baseType": "microsoft.graph.customCalloutExtension",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.accessPackageAssignmentWorkflowExtension",
+ "id": "String (identifier)",
+ "authenticationConfiguration": {
+ "@odata.type": "microsoft.graph.customExtensionAuthenticationConfiguration"
+ },
+ "clientConfiguration": {
+ "@odata.type": "microsoft.graph.customExtensionClientConfiguration"
+ },
+ "description": "String",
+ "displayName": "String",
+ "endpointConfiguration": {
+ "@odata.type": "microsoft.graph.customExtensionEndpointConfiguration"
+ },
+ "createdBy": "String",
+ "lastModifiedBy": "String",
+ "createdDateTime": "String (timestamp)",
+ "lastModifiedDateTime": "String (timestamp)",
+ "callbackConfiguration": {
+ "@odata.type": "microsoft.graph.customExtensionCallbackConfiguration"
+ }
+}
+```
+
v1.0 Accesspackagecatalog https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/accesspackagecatalog.md
An access package catalog might also have linked resources that are used in thos
| [List accessPackageCatalog resources](../api/accesspackagecatalog-list-accesspackageresources.md) | [accessPackageResource](accesspackageresource.md) collection | Retrieve a list of accessPackageResource objects in a catalog. | | **Access package resource roles**| | | | [List accessPackageCatalog resource roles](../api/accesspackagecatalog-list-accesspackageresourceroles.md) | [accessPackageResourceRole](accesspackageresourcerole.md) collection | Retrieve a list of accessPackageResourceRole objects for resources in a catalog. |
+| **Access package custom package workflow extensions**| | |
+|[List accessPackageCustomWorkflowExtensions](../api/accesspackagecatalog-list-accessPackageCustomWorkflowExtensions.md)|[accessPackageAssignmentRequestWorkflowExtension](../resources/accessPackageAssignmentRequestWorkflowExtension.md) and [accessPackageAssignmentWorkflowExtension](../resources/accessPackageAssignmentWorkflowExtension.md) collection|Get a list of the [accessPackageAssignmentRequestWorkflowExtension](../resources/accessPackageAssignmentRequestWorkflowExtension.md) and [accessPackageAssignmentWorkflowExtension](../resources/accessPackageAssignmentWorkflowExtension.md) objects and their properties.|
+|[Create accessPackageCustomWorkflowExtensions](../api/accesspackagecatalog-post-accessPackageCustomWorkflowExtensions.md)|[accessPackageAssignmentRequestWorkflowExtension](../resources/accessPackageAssignmentRequestWorkflowExtension.md) or [accessPackageAssignmentWorkflowExtension](../resources/accessPackageAssignmentWorkflowExtension.md)|Create a new [accessPackageAssignmentRequestWorkflowExtension](../resources/accessPackageAssignmentRequestWorkflowExtension.md) or [accessPackageAssignmentWorkflowExtension](../resources/accessPackageAssignmentWorkflowExtension.md) object.|
+|[Get accessPackageAssignmentRequestWorkflowExtension](../api/accesspackageassignmentrequestworkflowextension-get.md)|[accessPackageAssignmentRequestWorkflowExtension](../resources/accessPackageAssignmentRequestWorkflowExtension.md)|Read the properties and relationships of a [accessPackageAssignmentRequestWorkflowExtension](../resources/accessPackageAssignmentRequestWorkflowExtension.md) object.|
+|[Update accessPackageAssignmentRequestWorkflowExtension](../api/accesspackageassignmentrequestworkflowextension-update.md)|[accessPackageAssignmentRequestWorkflowExtension](../resources/accessPackageAssignmentRequestWorkflowExtension.md)|Update the properties of a [accessPackageAssignmentRequestWorkflowExtension](../resources/accessPackageAssignmentRequestWorkflowExtension.md) object.|
+|[Delete accessPackageAssignmentRequestWorkflowExtension](../api/accesspackageassignmentrequestworkflowextension-delete.md)|None|Deletes a [accessPackageAssignmentRequestWorkflowExtension](../resources/accessPackageAssignmentRequestWorkflowExtension.md) object.|
+|[Get accessPackageAssignmentWorkflowExtension](../api/accesspackageassignmentworkflowextension-get.md)|[accessPackageAssignmentWorkflowExtension](../resources/accessPackageAssignmentWorkflowExtension.md)|Read the properties and relationships of a [accessPackageAssignmentWorkflowExtension](../resources/accessPackageAssignmentWorkflowExtension.md) object.|
+|[Update accessPackageAssignmentWorkflowExtension](../api/accesspackageassignmentworkflowextension-update.md)|[accessPackageAssignmentWorkflowExtension](../resources/accessPackageAssignmentWorkflowExtension.md)|Update the properties of a [accessPackageAssignmentWorkflowExtension](../resources/accessPackageAssignmentWorkflowExtension.md) object.|
+|[Delete accessPackageAssignmentWorkflowExtension](../api/accesspackageassignmentworkflowextension-delete.md)|None|Deletes a [accessPackageAssignmentWorkflowExtension](../resources/accessPackageAssignmentWorkflowExtension.md) object.|
| **Custom access package package workflow extensions**| | | |[List customAccessPackageWorkflowExtensions](../api/accesspackagecatalog-list-customaccesspackageworkflowextensions.md)|[customAccessPackageWorkflowExtension](../resources/customaccesspackageworkflowextension.md) collection|Get a list of the [customAccessPackageWorkflowExtension](../resources/customaccesspackageworkflowextension.md) objects and their properties.| |[Create customAccessPackageWorkflowExtensions](../api/accesspackagecatalog-post-customaccesspackageworkflowextensions.md)|[customAccessPackageWorkflowExtension](../resources/customaccesspackageworkflowextension.md)|Create a new [customAccessPackageWorkflowExtension](../resources/customaccesspackageworkflowextension.md) object.|
An access package catalog might also have linked resources that are used in thos
| Relationship | Type | Description | |:-|:|:| |accessPackages|[accessPackage](accesspackage.md) collection| The access packages in this catalog. Read-only. Nullable. Supports `$expand`.|
+|accessPackageCustomWorkflowExtensions|[customCalloutExtension](../resources/customcalloutextension.md) collection|The attributes of a logic app, which can be called at various stages of an access package request and assignment cycle. |
|accessPackageResources|[accessPackageResource](accesspackageresource.md) collection| Read-only. Nullable.| |accessPackageResourceRoles|[accessPackageResourceRole](accesspackageresourcerole.md) collection|The roles in each resource in a catalog. Read-only.| |accessPackageResourceScopes|[accessPackageResourceScope](accesspackageresourcescope.md) collection|Read-only.|
-|customAccessPackageWorkflowExtension|[customAccessPackageWorkflowExtension](../resources/customaccesspackageworkflowextension.md) collection|The attributes of a logic app, which can be called at various stages of an access package request and assignment cycle. |
+|customAccessPackageWorkflowExtension |[customAccessPackageWorkflowExtension](../resources/customaccesspackageworkflowextension.md) collection|The attributes of a logic app, which can be called at various stages of an access package request and assignment cycle. |
## JSON representation
v1.0 Activateservice https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/activateservice.md
- Title: "activateService resource type"
-description: "Represents a service to be activated."
-
-doc_type: apiPageType
--
-# activateService resource type (deprecated)
-
-Namespace: microsoft.graph
--
-Represents a service to be activated.
-
-## Properties
-
-| Property | Type | Description |
-| -- | | - |
-| service| String | The name of the service to activate. |
-| servicePlanId | Guid | The plan identifier of the service plan to activate. |
-| skuId | Guid | The SKU identifier of the service plan. |
-
-## JSON representation
-
-Here is a JSON representation of the resource.
-
-<!-- {
- "blockType": "resource",
- "optionalProperties": [
-
- ],
- "@odata.type": "microsoft.graph.activateService"
-}-->
-
-```json
-{
- "service": "String",
- "skuId": "Guid",
- "servicePlanId": "Guid"
-}
-
-```
-
-<!-- uuid: 20fd7863-9545-40d4-ae8f-fee2d115a690
-2015-10-25 14:57:30 UTC -->
-<!--
-{
- "type": "#page.annotation",
- "description": "activateService",
- "keywords": "",
- "section": "documentation",
- "tocPath": "",
- "suppressions": []
-}
>
v1.0 Applicationauthenticationmethodpolicy https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/applicationauthenticationmethodpolicy.md
ms.prod: "identity-and-sign-in"
doc_type: "conceptualPageType"
-# Azure AD application authentication methods API overview (preview)
+# Azure AD application authentication methods API overview
Namespace: microsoft.graph
v1.0 Authenticationmethodconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/authenticationmethodconfiguration.md
The following authentication methods are derived from the **authenticationMethod
+ [emailAuthenticationMethodConfiguration](emailauthenticationmethodconfiguration.md) + [fido2AuthenticationMethodConfiguration](fido2authenticationmethodconfiguration.md) + [microsoftAuthenticatorAuthenticationMethodConfiguration](microsoftauthenticatorauthenticationmethodconfiguration.md)++ [voiceAuthenticationMethodConfiguration](voiceauthenticationmethodconfiguration.md) + [smsAuthenticationMethodConfiguration](smsauthenticationmethodconfiguration.md)++ [softwareOathAuthenticationMethodConfiguration](softwareoathauthenticationmethodconfiguration.md) + [temporaryAccessPassAuthenticationMethodConfiguration](smsauthenticationmethodconfiguration.md) + [x509CertificateAuthenticationMethodConfiguration](x509certificateauthenticationmethodconfiguration.md)
The following is a JSON representation of the resource.
{ "@odata.type": "#microsoft.graph.authenticationMethodConfiguration", "id": "String (identifier)",
- "state": "String"
+ "state": "String",
+ "excludeTargets": [
+ {
+ "@odata.type": "microsoft.graph.excludeTarget"
+ }
+ ]
} ```
v1.0 Authenticationmethodspolicies Overview https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/authenticationmethodspolicies-overview.md
The authentication method policies APIs are used to manage policy settings. For
|Authentication method policy | Description | |:|:|
-|[smsAuthenticationMethodConfiguration](smsAuthenticationMethodConfiguration.md)| Define users who can use Text Message on the Azure AD tenant.|
+|[emailauthenticationmethodconfiguration](emailauthenticationmethodconfiguration.md)|Define users who can use email OTP on the Azure AD tenant.|
|[fido2authenticationmethodconfiguration](fido2authenticationmethodconfiguration.md)| Define FIDO2 security key restrictions and users who can use them to sign in to Azure AD.| |[microsoftauthenticatorauthenticationmethodconfiguration](microsoftauthenticatorauthenticationmethodconfiguration.md)|Define users who can use Microsoft Authenticator on the Azure AD tenant.|
-|[emailauthenticationmethodconfiguration](emailauthenticationmethodconfiguration.md)|Define users who can use email OTP on the Azure AD tenant.|
|[passwordlessmicrosoftauthenticatorauthenticationmethodconfiguration](passwordlessmicrosoftauthenticatorauthenticationmethodconfiguration.md) (deprecated)|Define users who can use Passwordless Phone Sign-in to sign in to Azure AD.|
+|[smsAuthenticationMethodConfiguration](smsAuthenticationMethodConfiguration.md)| Define users who can use Text Message on the Azure AD tenant.|
+|[softwareOathAuthenticationMethodConfiguration](softwareOathAuthenticationMethodConfiguration.md)|Define users who can use a third-party software OATH authentication method.|
|[temporaryaccesspassauthenticationmethodconfiguration](temporaryaccesspassauthenticationmethodconfiguration.md)|Define users who can use Temporary Access Pass to sign in to Azure AD.|
+|[voiceAuthenticationMethodConfiguration](voiceAuthenticationMethodConfiguration.md)|Define users or groups that are enabled to use the voice call authentication method.|
|[x509CertificateAuthenticationMethodConfiguration](x509CertificateAuthenticationMethodConfiguration.md)|Define users who can use X.509 certificate to sign in to Azure AD.| ## Policies available to push users to set up authentication methods:
v1.0 Azureadpoptokenauthentication https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/azureadpoptokenauthentication.md
+
+ Title: "azureAdPopTokenAuthentication resource type"
+description: "Defines the Azure AD Proof Of Possession (PoP) used to authenticate with a workflow extension."
+
+ms.localizationpriority: medium
++
+# azureAdPopTokenAuthentication resource type
+
+Namespace: microsoft.graph
++
+Defines the Proof Of Possession (PoP) token authentication model to authenticate a logic app with a [accessPackageAssignmentRequestWorkflowExtensions](../resources/accessPackageAssignmentRequestWorkflowExtension.md) or a [accessPackageAssignmentWorkflowExtensions](../resources/accessPackageAssignmentWorkflowExtension.md) object.
+
+Inherits from [customExtensionAuthenticationConfiguration](../resources/customextensionauthenticationconfiguration.md).
+
+## Properties
+None.
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "baseType": "microsoft.graph.customExtensionAuthenticationConfiguration",
+ "@odata.type": "microsoft.graph.azureAdPopTokenAuthentication"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.azureAdPopTokenAuthentication"
+}
+```
v1.0 Callrecords Api Overview https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/callrecords-api-overview.md
Title: "Working with the call records API in Microsoft Graph" description: "The Microsoft Graph call records API allows you to retrieve usage and diagnostics data for calls and online meetings within your organization."-+ doc_type: conceptualPageType ms.prod: cloud-communications ms.localizationpriority: high
ms.localizationpriority: high
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Call records provide usage and diagnostic information about the calls and online meetings that occur within your organization when using Microsoft Teams or Skype for Business. You can use the call records APIs to subscribe to call records and look up call records by IDs.
+Call records provide usage and diagnostic information about the calls and online meetings that occur within your organization when using Microsoft Teams or Skype for Business. You can use the call records APIs to subscribe to call records and look up call records by IDs. A call record is created after a call or meeting ends and the record is retained for 30 days.
The call records API is defined in the OData sub-namespace, `microsoft.graph.callRecords`.
v1.0 Callrecords Callrecord https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/callrecords-callrecord.md
Title: "callRecord resource type" description: "Represents a single peer-to-peer call or a group call between multiple participants, sometimes referred to as an online meeting." ms.localizationpriority: medium-+ ms.prod: "cloud-communications" doc_type: "resourcePageType"
Namespace: microsoft.graph.callRecords
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Represents a single peer-to-peer call or a group call between multiple participants, sometimes referred to as an online meeting.
+Represents a single peer-to-peer call or a group call between multiple participants, sometimes referred to as an online meeting. A call record is created after a call or meeting ends.
## Methods
v1.0 Cloudpc https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/cloudpc.md
Represents a cloud-managed virtual desktop. This Cloud PC is also enrolled into
|[List for user](../api/user-list-cloudpcs.md)|[cloudPC](../resources/cloudpc.md) collection|List the [cloudPC](../resources/cloudpc.md) devices that are attributed to the signed-in user.| |[Get launch info for user](../api/cloudpc-getcloudpclaunchinfo.md)|[cloudPCLaunchInfo](../resources/cloudpclaunchinfo.md)|Get the [cloudPCLaunchInfo](../resources/cloudpclaunchinfo.md) for the signed-in user.| |[Get connectivity history](../api/cloudpc-getcloudpcconnectivityhistory.md)|[cloudPcConnectivityEvent](../resources/cloudpcconnectivityevent.md) collection|Get the Cloud PC connectivity history.|
+|[Get shift work access state](../api/cloudpc-getshiftworkcloudpcaccessstate.md)|[shiftWorkCloudPcAccessState](#shiftworkcloudpcaccessstate-values)|Get the access state of the shift work Cloud PC. The possible values are: {unassigned, noLicensesAvailable, activationFailed, active, activating, waitlisted, unknownFutureValue, hibernated}. Note that you must use the `Prefer: include-unknown-enum-members` request header to get the following value in this [shiftWorkCloudPcAccessState](#shiftworkcloudpcaccessstate-values): {hibernated}.|
|[Get supported remote actions](../api/cloudpc-getsupportedcloudpcremoteactions.md)|[cloudPcRemoteActionCapability](../resources/cloudpcremoteactioncapability.md) collection|Get a list of supported Cloud PC remote actions for a specific Cloud PC device, including the action names and capabilities.| |[Retry partner agent installation](../api/cloudpc-retrypartneragentinstallation.md)|None|Retry installation for the partner agents which failed to install on the [cloudPC](../resources/cloudpc.md).|
Represents a cloud-managed virtual desktop. This Cloud PC is also enrolled into
|Property|Type|Description| |:|:|:| |aadDeviceId|String|The Azure Active Directory (Azure AD) device ID of the Cloud PC.|
-|connectivityResult|[cloudPcConnectivityResult](../resources/cloudpcconnectivityresult.md)|The connectivity health check result of a Cloud PC, including the updated timestamp and whether the Cloud PC is able to be connected or not.|
+|connectivityResult|[cloudPcConnectivityResult](../resources/cloudpcconnectivityresult.md)|The connectivity health check result of a Cloud PC, including the updated timestamp and whether the Cloud PC can be connected.|
|diskEncryptionState|[cloudPcDiskEncryptionState](#cloudpcdiskencryptionstate-values)|The disk encryption applied to the Cloud PC. Possible values: `notAvailable`, `notEncrypted`, `encryptedUsingPlatformManagedKey`, `encryptedUsingCustomerManagedKey`, and `unknownFutureValue`.| |displayName|String|The display name of the Cloud PC.| |gracePeriodEndDateTime|DateTimeOffset|The date and time when the grace period ends and reprovisioning/deprovisioning happens. Required only if the status is `inGracePeriod`. The timestamp is shown in ISO 8601 format and Coordinated Universal Time (UTC). For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`.|
Represents a cloud-managed virtual desktop. This Cloud PC is also enrolled into
|restoring|The Cloud PC is restoring.| |unknownFutureValue|Evolvable enumeration sentinel value. Do not use.|
+### shiftWorkCloudPcAccessState values
+The following table lists the members of an [evolvable enumeration](#shiftworkcloudpcaccessstate-values). You must use the `Prefer: include-unknown-enum-members` request header to get the following values in this evolvable enum: `hibernated`.
+
+|Member|Description|
+|:|:|
+|unassigned|Set to unassigned if the Cloud PC is not consuming any shared-use licenses. The default value is unassigned.|
+|noLicensesAvailable|Indicates that all shared-use licenses are in use.|
+|activationFailed|Indicates that the shift work Cloud PC activation failed after the user requested a shift work Cloud PC.|
+|active|Indicates that the shift work Cloud PC is in an active state with a shared-use license assigned, and the user can connect to the Cloud PC.|
+|activating|Indicates that a user requested to connect the Cloud PC and the service is starting.|
+|waitlisted (deprecated)|Indicates that the shift work Cloud PC is in waitlisted state after the user requests to connect this Cloud PC and all shared use licenses are being actively used. This value is deprecated and will stop returning on May 17, 2023. |
+|unknownFutureValue|Evolvable enumeration sentinel value. Do not use.|
+|hibernated|Indicates that the shift work Cloud PC is in the hibernated state before it's shut down and deallocated. A shift work Cloud PC in hibernated state is still accessible by the user.|
+ ## Relationships None.
v1.0 Cloudpcserviceplan https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/cloudpcserviceplan.md
Title: "cloudPcServicePlan resource type"
-description: "Represents a Windows 365 service plan configured for a Cloud PC."
+description: "Represents a Windows 365 service plan that can be purchased and configured for a Cloud PC."
ms.localizationpriority: medium ms.prod: "cloud-pc"
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Represents a Windows 365 service plan configured for a Cloud PC.
+Represents a Windows 365 service plan that can be purchased and configured for a Cloud PC.
-For examples of currently available service plans, see [Windows 365 compare plans and pricing](https://www.microsoft.com/windows-365/business/compare-plans-pricing). Currently, Microsoft Graph API is available for Windows 365 Enterprise.
+For examples of currently available service plans, see [Windows 365 compare plans and pricing](https://www.microsoft.com/windows-365/business/compare-plans-pricing). Currently, the Microsoft Graph API is available for Windows 365 Enterprise.
## Methods
For examples of currently available service plans, see [Windows 365 compare plan
|type|[cloudPcServicePlanType](#cloudpcserviceplantype-values)|The type of the service plan. Possible values are: `enterprise`, `business`, `unknownFutureValue`. Read-only.| |userProfileInGB|Int32|The size of the user profile disk in GB. Read-only.| |vCpuCount|Int32|The number of vCPUs. Read-only.|
+|supportedSolution|[cloudPcManagementService](../resources/cloudpconpremisesconnection.md#cloudpcmanagementservice-values)|The supported service or solution for the region. The possible values are: `windows365`, `devBox`, `rpaBox`, `unknownFutureValue`. Read-only.|
+|provisioningType|[cloudPcProvisioningType](../resources/cloudpcprovisioningpolicy.md#cloudpcprovisioningtype-values)|Specifies the type of license used when provisioning Cloud PCs. By default, the license type is `dedicated`. Possible values are: `dedicated`, `shared`, `unknownFutureValue`.|
### cloudPcServicePlanType values
The following is a JSON representation of the resource.
"vCpuCount": "Int32", "ramInGB": "Int32", "storageInGB": "Int32",
- "userProfileInGB": "Int32"
+ "userProfileInGB": "Int32",
+ "supportedSolution": "String",
+ "provisioningType": "String"
} ```
v1.0 Customcalloutextension https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/customcalloutextension.md
Title: "customCalloutExtension resource type" description: "An abstract type that defines the configuration for logic apps that can be integrated with the customer's entitlement management use cases to implement broader governance workflows. This abstract type is inherited by the customAccessPackageWorkflowExtension resource type"-+ ms.localizationpriority: medium ms.prod: "governance" doc_type: resourcePageType
This abstract type is inherited by:
- [customAccessPackageWorkflowExtension](customaccesspackageworkflowextension.md) - [customTaskExtension](../resources/identitygovernance-customtaskextension.md)
+- [accessPackageAssignmentRequestWorkflowExtension](accesspackageassignmentrequestworkflowextension.md)
+- [accessPackageAssignmentWorkflowExtension](../resources/accesspackageassignmentworkflowextension.md)
Inherits from [entity](entity.md).
v1.0 Customextensionauthenticationconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/customextensionauthenticationconfiguration.md
Title: "customExtensionAuthenticationConfiguration resource type" description: "Abstract base type that exposes the configuration for the **authenticationConfiguration** property of the derived types that inherit from the customCalloutExtension abstract type"-+ ms.localizationpriority: medium ms.prod: "governance" doc_type: resourcePageType
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Abstract base type that exposes the configuration for the **authenticationConfiguration** property of the derived types that inherit from the [customCalloutExtension](customcalloutextension.md) abstract type. This abstract type is inherited by the [azureAdTokenAuthentication](../resources/azureadtokenauthentication.md) resource type.
+Abstract base type that exposes the configuration for the **authenticationConfiguration** property of the derived types that inherit from the [customCalloutExtension](customcalloutextension.md) abstract type.
+
+This abstract type is inherited by the following resource types:
+- [azureAdTokenAuthentication](../resources/azureadtokenauthentication.md)
+- [azureAdPopTokenAuthentication](../resources/azureAdPopTokenAuthentication.md)
+
+The type of token authentication used depends on the token security. If the token security value is normal, you will use the [azureAdTokenAuthentication](../resources/azureadtokenauthentication.md) resource type. If the value is Proof of Possession, you will use the [azureAdPopTokenAuthentication](../resources/azureAdPopTokenAuthentication.md) resource type.
## Properties
The following is a JSON representation of the resource.
``` json {
- "@odata.type": "#microsoft.graph.customExtensionAuthenticationConfiguration "
+ "@odata.type": "#microsoft.graph.customExtensionAuthenticationConfiguration"
}
-```
+```
v1.0 Customextensioncallbackconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/customextensioncallbackconfiguration.md
Title: "customExtensionCallbackConfiguration resource type"
-description: "The callback configuration for a custom task extension that's linked to an Azure Logic App."
-
+description: "Callback settings that define how long Azure AD can wait for a resume signal for the callout that it made to the logic app."
+ ms.localizationpriority: medium ms.prod: "governance" doc_type: resourcePageType
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-This is an abstract type describing the callback configuration of a [custom callout extension](../resources/customcalloutextension.md).
-This abstract type is inherited by:
-+ [customTaskExtensionCallbackConfiguration](../resources/identitygovernance-customtaskextensioncallbackconfiguration.md)
+Callback settings that define how long Azure AD can wait for a resume signal for the callout that it made to the logic app. This is an abstract type that's inherited by [customTaskExtensionCallbackConfiguration](../resources/identitygovernance-customtaskextensioncallbackconfiguration.md).
## Properties |Property|Type|Description| |:|:|:|
-|timeoutDuration|Duration|Callback time out in ISO 8601 time duration. Accepted time durations are between five minutes to three hours. For example, PT5M for five minutes and PT3H for three hours.|
+|timeoutDuration|Duration|The maximum duration in ISO 8601 format that Azure AD will wait for a resume action for the callout it sent to the logic app. The valid range for custom extensions in lifecycle workflows is five minutes to three hours. The valid range for custom extensions in entitlement management is between 5 minutes and 14 days. For example, `PT3H` refers to three hours, `P3D` refers to three days, `PT10M` refers to ten minutes.|
-## Relationships
+## Relationships
None. ## JSON representation- The following is a JSON representation of the resource. <!-- { "blockType": "resource",
The following is a JSON representation of the resource.
"timeoutDuration": "String (duration)" } ```+
v1.0 Customextensioncalloutinstance https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/customextensioncalloutinstance.md
+
+ Title: "customExtensionCalloutInstance resource type"
+description: "Defines the calls that were made by an instance of a custom extension callout."
+
+ms.localizationpriority: medium
++
+# customExtensionCalloutInstance resource type
+
+Namespace: microsoft.graph
++
+Defines the calls that were made by an instance of a custom extension callout.
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|customExtensionId|String|Identification of the custom extension that was triggered at this instance.|
+|detail|String|Details provided by the logic app during the callback of the request instance.|
+|externalCorrelationId|String|The unique run identifier for the logic app.|
+|id|String|Unique identifier for the callout instance. Read-only.|
+|status|customExtensionCalloutInstanceStatus| The status of the request to the custom extension. The possible values are: `calloutSent`, `callbackReceived`, `calloutFailed`, `callbackTimedOut`, `waitingForCallback`, `unknownFutureValue`.|
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.customExtensionCalloutInstance"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.customExtensionCalloutInstance",
+ "id": "String (identifier)",
+ "customExtensionId": "String",
+ "externalCorrelationId": "String",
+ "detail": "String",
+ "status": "String"
+}
+```
+
v1.0 Customextensiondata https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/customextensiondata.md
Title: "customExtensionData resource type" description: "An abstract type noting the data being sent and received as part of extensibility scenarios based on custom callout extensions"-+ ms.localizationpriority: medium ms.prod: "governance" doc_type: resourcePageType
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)] This is an abstract type noting the data being sent and received as part of extensibility scenarios based on [custom callout extensions](../resources/customcalloutextension.md). The following types are derived from this abstract type:
-+ [customTaskExtensionCalloutData](../resources/identitygovernance-customtaskextensioncalloutdata.md)
-+ [customTaskExtensionCallbackData](../resources/identitygovernance-customtaskextensioncallbackdata.md)
+- [accessPackageAssignmentRequestCallbackData](../resources/accesspackageassignmentrequestcallbackdata.md)
+- [customTaskExtensionCalloutData](../resources/identitygovernance-customtaskextensioncalloutdata.md)
+- [customTaskExtensionCallbackData](../resources/identitygovernance-customtaskextensioncallbackdata.md)
## Properties- None. ## Relationships- None. ## JSON representation- The following is a JSON representation of the resource. <!-- { "blockType": "resource",
v1.0 Customextensionstagesetting https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/customextensionstagesetting.md
+
+ Title: "customExtensionStageSetting resource type"
+description: "Defines when to execute an access package custom workflow extension."
+
+ms.localizationpriority: medium
++
+# customExtensionStageSetting resource type
+
+Namespace: microsoft.graph
++
+Defines when to execute a [accessPackageAssignmentRequestWorkflowExtension](../resources/accesspackageassignmentrequestworkflowextension.md) or [accessPackageAssignmentWorkflowExtension](../resources/accessPackageAssignmentWorkflowExtension.md) object.
++
+Inherits from [entity](../resources/entity.md).
+
+To read the **customExtensionStageSettings** objects on a policy, append `?$expand=customExtensionStageSettings` to a [GET accessPackageAssignmentPolicy](../api/accesspackageassignmentpolicy-get.md) request. For example, `GET https://graph.microsoft.com/bet#example-2-retrieve-the-custom-extension-handlers-for-a-policy).
+
+To delete the **customExtensionStageSettings** objects from a policy, call the [Update accessPackageAssignmentPolicy](../api/accesspackageassignmentpolicy-update.md) and specify the customExtensionHandlers property as an empty collection. For more details, see [Example 2: Remove the customExtensionStageSettings from a policy](../api/accesspackageassignmentpolicy-update.md#example-3-remove-the-customextensionstagesettings-from-a-policy).
+
+## Methods
+None
++
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|id|String| Identifier of the stage. Inherited from [entity](../resources/entity.md).|
+|stage|accessPackageCustomExtensionStage|Indicates the stage of the access package assignment request workflow when the access package custom extension runs. The possible values are: `assignmentRequestCreated`, `assignmentRequestApproved`, `assignmentRequestGranted`, `assignmentRequestRemoved`, `assignmentFourteenDaysBeforeExpiration`, `assignmentOneDayBeforeExpiration`, `unknownFutureValue`.|
+
+## Relationships
+|Relationship|Type|Description|
+|:|:|:|
+|customExtension|[customCalloutExtension](../resources/customcalloutextension.md)|Indicates the custom workflow extension that will be executed at this stage. Nullable. Supports `$expand`.|
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.customExtensionStageSetting",
+ "baseType": "microsoft.graph.entity",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.customExtensionStageSetting",
+ "id": "String (identifier)",
+ "stage": "String"
+}
+```
+
v1.0 Dynamics Graph Reference https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/dynamics-graph-reference.md
Use the Azure AD v2.0 endpoint to authenticate Dynamics 365 Business Central API
## Common Dynamics 365 Business Central scenarios The Dynamics 365 Business Central API allows you to read and modify business data through apps that are connected and integrated through a single endpoint. Use the API to, for example, get access to [customer](../resources/dynamics-customer.md) and [vendor](../resources/dynamics-vendor.md) information, or [view overdue payments](../resources/dynamics-agedaccountspayable.md).
+## Environment
+To enable the Dynamics 365 Business Central API, you must ensure that the **Environment Name** in the Business Central Admin Center is **Production**.
+++ ## What's new Find out about the [latest new features and updates](/graph/whats-new-overview) for this API set.
v1.0 Emailauthenticationmethodconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/emailauthenticationmethodconfiguration.md
Namespace: microsoft.graph
Represents this tenant's email OTP authentication methods policy. Authentication methods policies define configuration settings and users or groups who are enabled to use the authentication method. Email OTP may be used by the tenant's cloud-native users for self-service password reset, or by external users for authentication during invitation redemption and self-service sign-up for specific apps in user flows.
+Inherits from [authenticationMethodConfiguration](../resources/authenticationmethodconfiguration.md).
+ ## Methods |Method|Return type|Description|
Represents this tenant's email OTP authentication methods policy. Authentication
|Property|Type|Description| |:|:|:|
+|allowExternalIdToUseEmailOtp|externalEmailOtpState|Determines whether email OTP is usable by external users for authentication. Possible values are: `default`, `enabled`, `disabled`, `unknownFutureValue`. Tenants in the `default` state who did not use public preview will automatically have email OTP enabled beginning in October 2021.|
|excludeTargets|[excludeTarget](../resources/excludetarget.md) collection|Groups of users that are excluded from the policy.| |id|String|The authentication method policy identifier. Inherited from [authenticationMethodConfiguration](../resources/authenticationmethodconfiguration.md).| |state|authenticationMethodState|Indicates whether this authentication method is enabled or not. Possible values are: `enabled`, `disabled`.|
-|allowExternalIdToUseEmailOtp|externalEmailOtpState|Determines whether email OTP is usable by external users for authentication. Possible values are: `default`, `enabled`, `disabled`, `unknownFutureValue`. Tenants in the `default` state who did not use public preview will automatically have email OTP enabled beginning in October 2021.|
## Relationships
The following is a JSON representation of the resource.
```json { "@odata.type": "#microsoft.graph.emailAuthenticationMethodConfiguration",
- "id": "String (identifier)",
- "state": "String",
- "excludeTargets": [
+ "allowExternalIdToUseEmailOtp": "String",
+ "excludeTargets": [
{ "@odata.type": "microsoft.graph.excludeTarget" } ],
- "allowExternalIdToUseEmailOtp": "String",
- "includeTargets": [ { "@odata.type": "microsoft.graph.authenticationMethodTarget" } ]
+ "id": "String (identifier)",
+ "includeTargets": [ { "@odata.type": "microsoft.graph.authenticationMethodTarget" } ],
+ "state": "String"
}
-```
+```
v1.0 Emailsettings https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/emailsettings.md
+
+ Title: "emailSettings resource type"
+description: "Defines the settings for emails sent using Lifecycle Workflows."
+
+ms.localizationpriority: medium
++
+# emailSettings resource type
+
+Namespace: microsoft.graph
++
+Defines the settings for emails sent from Lifecycle workflow [tasks](identitygovernance-task.md). Allows you to use a verified custom [domain](domain.md) and [organizationalBranding](organizationalbranding.md) with emails sent out via workflow tasks.
+
+## Properties
+
+|Property|Type|Description|
+|:|:|:|
+|senderDomain|String|Specifies the [domain](domain.md) that should be used when sending email notifications. This domain must be [verified](../api/domain-verify.md) in order to be used.|
+|useCompanyBranding|Boolean|Specifies if the organizationΓÇÖs banner logo should be included in email notifications. The banner logo will replace the Microsoft logo at the top of the email notification. If `true` the banner logo will be taken from the tenantΓÇÖs [branding settings](organizationalbranding.md). This value can only be set to `true` if the [organizationalBranding](organizationalbranding.md) **bannerLogo** property is set. |
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.emailSettings"
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.emailSettings",
+ "senderDomain": "String",
+ "useCompanyBranding": "Boolean"
+}
+```
v1.0 Enums https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/enums.md
Namespace: microsoft.graph
+### usqState values
+
+| Member |
+|:-|
+| norma. |
+| nearing |
+| critical |
+| full |
+| overLimit |
+ ### userPurpose values | Member |
Namespace: microsoft.graph
|requestReceived| |unknownFutureValue|
+### customExtensionCalloutInstanceStatus values
+
+|Member|
+|:|
+|calloutSent|
+|callbackReceived|
+|calloutFailed|
+|callbackTimedOut|
+|waitingForCallback|
+|unknownFutureValue|
+ ### accessPackageCustomExtensionStage values |Member|
Possible values for user account types (group membership), per Windows definitio
|premigration| |migrationInProgress| |migrationComplete|
+|unknownFutureValue|
### authenticationEventType values
v1.0 Externalconnectors Urltoitemresolverbase https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/externalconnectors-urltoitemresolverbase.md
Namespace: microsoft.graph.externalConnectors
Defines the rules for resolving a URL to the ID of an [externalItem](externalconnectors-externalitem.md).
-This is an abstract type.
+This is an abstract base type of [itemIdResolver](externalconnectors-itemidresolver.md)..
## Properties |Property|Type|Description|
v1.0 Fido2authenticationmethodconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/fido2authenticationmethodconfiguration.md
Namespace: microsoft.graph
Represents a FIDO2 authentication methods policy. Authentication methods policies define configuration settings and users or groups who are enabled to use the authentication method.
+Inherits from [authenticationMethodConfiguration](../resources/authenticationmethodconfiguration.md).
+ ## Methods |Method|Return type|Description|
The following is a JSON representation of the resource.
"@odata.type": "#microsoft.graph.fido2AuthenticationMethodConfiguration", "id": "String (identifier)", "state": "String",
- "excludeTargets": [
+ "excludeTargets": [
{ "@odata.type": "microsoft.graph.excludeTarget" }
v1.0 Identitygovernance Customtaskextensioncallbackconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/identitygovernance-customtaskextensioncallbackconfiguration.md
Namespace: microsoft.graph.identityGovernance
Defines if, and in, which time span a callback is expected from the Azure Logic App.
-Inherits from [customTaskExtensionCallbackConfiguration](../resources/identitygovernance-customtaskextensioncallbackconfiguration.md).
+Inherits from [customExtensionCallbackConfiguration](../resources/customextensioncallbackconfiguration.md).
## Properties |Property|Type|Description| |:|:|:|
-|timeoutDuration|Duration| Callback time out in ISO 8601 time duration. Accepted time durations are between five minutes to three hours. For example, PT5M for five minutes and PT3H for three hours. Inherited from [customTaskExtensionCallbackConfiguration](../resources/identitygovernance-customtaskextensioncallbackconfiguration.md).|
+|timeoutDuration|Duration| Callback time out in ISO 8601 time duration. Accepted time durations are between five minutes to three hours. For example, PT5M for five minutes and PT3H for three hours. Inherited from [customExtensionCallbackConfiguration](../resources/customextensioncallbackconfiguration.md).|
+|authorizedApps|microsoft.graph.application collection| Unique identifier for the application object. |
+ ## Relationships
None.
The following is a JSON representation of the resource. <!-- { "blockType": "resource",
- "@odata.type": "microsoft.graph.identityGovernance.customTaskExtensionCallbackConfiguration"
+ "@odata.type": "microsoft.graph.identityGovernance.customTaskExtensionCallbackConfiguration",
+ "baseType": "microsoft.graph.customExtensionCallbackConfiguration"
} --> ``` json { "@odata.type": "#microsoft.graph.identityGovernance.customTaskExtensionCallbackConfiguration",
- "timeoutDuration": "String (duration)"
+ "timeoutDuration": "String (duration)",
+ "authorizedApps":[
+ {
+ "@odata.type": "microsoft.graph.application"
+ }
+]
} ```
v1.0 Identitygovernance Customtaskextensioncallbackdata https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/identitygovernance-customtaskextensioncallbackdata.md
None.
The following is a JSON representation of the resource. <!-- { "blockType": "resource",
- "@odata.type": "microsoft.graph.identityGovernance.customTaskExtensionCallbackData"
+ "@odata.type": "microsoft.graph.identityGovernance.customTaskExtensionCallbackData",
+ "baseType": "microsoft.graph.customExtensionData"
} --> ``` json
v1.0 Identitygovernance Customtaskextensioncalloutdata https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/identitygovernance-customtaskextensioncalloutdata.md
None.
The following is a JSON representation of the resource. <!-- { "blockType": "resource",
- "@odata.type": "microsoft.graph.identityGovernance.customTaskExtensionCalloutData"
+ "@odata.type": "microsoft.graph.identityGovernance.customTaskExtensionCalloutData",
+ "baseType": "microsoft.graph.customExtensionData"
} --> ``` json
v1.0 Identitygovernance Lifecyclemanagementsettings https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/identitygovernance-lifecyclemanagementsettings.md
The settings of Azure AD Lifecycle Workflows in the tenant.
|:|:|:| |id|String|Identifier used for individually addressing Lifecycle Workflow settings.| |workflowScheduleIntervalInHours|Int32|The interval in hours at which all [workflows](../resources/identitygovernance-workflow.md) running in the tenant should be scheduled for execution. This interval has a minimum value of 1 and a maximum value of 24. The default value is 3 hours. |
+|emailSettings|[microsoft.graph.emailSettings](../resources/emailsettings.md)|Defines the settings for emails sent out from email-specific [tasks](../resources/identitygovernance-task.md) within workflows. Accepts 2 parameters<br><br>senderDomain- Defines the domain of who is sending the email. <br>useCompanyBranding- A boolean value that defines if company branding is to be used with the email.|
## Relationships
The following is a JSON representation of the resource.
--> ``` json {
- "@odata.context": "https://graph.microsoft.com/beta/$metadata#identityGovernance/lifecycleWorkflows/settings/$entity",
- "workflowScheduleIntervalInHours": 1
+ "@odata.type": "#microsoft.graph.identityGovernance.lifecycleManagementSettings",
+ "workflowScheduleIntervalInHours": "Integer",
+ "emailSettings": {
+ "@odata.type": "microsoft.graph.emailSettings"
+ }
} ```
v1.0 Identitygovernance Lifecycleworkflows Overview https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/identitygovernance-lifecycleworkflows-overview.md
Each workflow contains general descriptive information such as it's identifier,
Workflow tasks are specific actions that run automatically when a workflow is triggered. Lifecycle Workflows defines the following preconfigured and read-only tasks that are allowed for the specified workflow categories. These task definitions show the settings for the task type, guiding you as you create tasks for your workflow.
-<!-- Comment out CRR until we can resolve the links problem
->- [!INCLUDE [lifecycle-workflows-tasks-table](../includes/identitygovernance-lifecycleworkflows-tasks-table.md)] Use the [taskDefinition resource type](identitygovernance-taskdefinition.md) and its associated methods to discover all the predefined tasks that you can configure for your workflow and the settings for the properties The [task](identitygovernance-task.md) resource type and its associated GET methods allow you to view the tasks that are configured for your workflow.
The following [Azure AD roles](/azure/active-directory/roles/permissions-referen
| Operation | Application permissions | Required directory role of the calling user | |:|:|:--|
-| Read | LifecycleWorkflows.Read.All or LifecycleWorkflows.ReadWrite.All | Global Admin, Global Reader or Lifecycle Workflows Administrator |
-| Create, Update or Delete | LifecycleWorkflows.ReadWrite.All | Global Administrator or Lifecycle Workflows Administrator |
+| Read | LifecycleWorkflows.Read.All or LifecycleWorkflows.ReadWrite.All |Global Reader or Lifecycle Workflows Administrator |
+| Create, Update or Delete | LifecycleWorkflows.ReadWrite.All | Lifecycle Workflows Administrator |
## See also
v1.0 Identitygovernance Lifecycleworkflows Reporting Overview https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/identitygovernance-lifecycleworkflows-reporting-overview.md
The following [Azure AD roles](/azure/active-directory/roles/permissions-referen
| Operation | Application permissions | Required directory role of the calling user | |:|:|:--|
-| Read | LifecycleWorkflows.Read.All or LifecycleWorkflows.ReadWrite.All | Global Admin, Global Reader or Lifecycle Workflows Administrator |
-| Create, Update or Delete | LifecycleWorkflows.ReadWrite.All | Global Administrator or Lifecycle Workflows Administrator |
+| Read | LifecycleWorkflows.Read.All or LifecycleWorkflows.ReadWrite.All |Global Reader or Lifecycle Workflows Administrator |
+| Create, Update or Delete | LifecycleWorkflows.ReadWrite.All | Lifecycle Workflows Administrator |
## See also
v1.0 Identitygovernance Lifecycleworkflowscontainer https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/identitygovernance-lifecycleworkflowscontainer.md
The following is a JSON representation of the resource.
"id": "String (identifier)" } ```+
v1.0 Identitygovernance Ondemandexecutiononly https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/identitygovernance-ondemandexecutiononly.md
None.
The following is a JSON representation of the resource. <!-- { "blockType": "resource",
- "@odata.type": "microsoft.graph.identityGovernance.onDemandExecutionOnly"
+ "@odata.type": "microsoft.graph.identityGovernance.onDemandExecutionOnly",
+ "baseType": "microsoft.graph.identityGovernance.workflowExecutionConditions"
} --> ``` json
v1.0 Identitygovernance Run https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/identitygovernance-run.md
Inherits from [entity](../resources/entity.md).
|[List runs](../api/identitygovernance-workflow-list-runs.md)|[microsoft.graph.identityGovernance.run](../resources/identitygovernance-run.md) collection|Get a list of the [run](../resources/identitygovernance-run.md) objects and their properties.| |[Get run](../api/identitygovernance-run-get.md)|[microsoft.graph.identityGovernance.run](../resources/identitygovernance-run.md)|Read the properties and relationships of a [run](../resources/identitygovernance-run.md) object.| |[summary](../api/identitygovernance-run-summary.md)|[microsoft.graph.identityGovernance.runSummary](../resources/identitygovernance-runsummary.md)|Get a summary of workflows runs.|
-|[List user processing results](../api/identitygovernance-run-summary.md)|[microsoft.graph.identityGovernance.userProcessingResult](../resources/identitygovernance-userprocessingresult.md) collection|Get a list of user processing results of a run.|
-|[Get user processing result](../api/identitygovernance-run-summary.md)|[microsoft.graph.identityGovernance.userProcessingResult](../resources/identitygovernance-userprocessingresult.md)|Get a user processing result of a run|
|[List task processing results of a run](../api/identitygovernance-run-list-taskprocessingresults.md)|[microsoft.graph.identityGovernance.taskReportSummary](../resources/identitygovernance-taskprocessingresult.md)|List task processing results from a run.| ## Properties
Inherits from [entity](../resources/entity.md).
|completedDateTime|DateTimeOffset|The date time that the run completed. Value is `null` if the workflow hasn't completed.<br><br>Supports `$filter`(`lt`, `le`, `gt`, `ge`, `eq`, `ne`) and `$orderby`.| |failedTasksCount|Int32|The number of tasks that failed in the run execution.| |failedUsersCount|Int32|The number of users that failed in the run execution.|
+|id|String|A unique identifier for the workflow run.|
|lastUpdatedDateTime|DateTimeOffset|The datetime that the run was last updated.<br><br>Supports `$filter`(`lt`, `le`, `gt`, `ge`, `eq`, `ne`) and `$orderby`.|
-|processingStatus|String|The run execution status. The possible values are: `queued`, `inProgress`, `completed`, `completedWithErrors`, `canceled`, `failed`, `unknownFutureValue`.<br><br>Supports `$filter`(`eq`, `ne`) and `$orderby`.|
+|processingStatus|microsoft.graph.identityGovernance.lifecycleWorkflowProcessingStatus|The run execution status. The possible values are: `queued`, `inProgress`, `completed`, `completedWithErrors`, `canceled`, `failed`, `unknownFutureValue`.<br><br>Supports `$filter`(`eq`, `ne`) and `$orderby`.|
|startedDateTime|DateTimeOffset|The date time that the run execution started.<br><br>Supports `$filter`(`lt`, `le`, `gt`, `ge`, `eq`, `ne`) and `$orderby`.| |scheduledDateTime|DateTimeOffset|The date time that the run is scheduled to be executed for a workflow.<br><br>Supports `$filter`(`lt`, `le`, `gt`, `ge`, `eq`, `ne`) and `$orderby`.| |successfulUsersCount|Int32|The number of successfully completed users in the run.| |totalUsersCount|Int32|The total number of users in the workflow execution.|
+|totalTasksCounts|Int32|The total number of tasks in the run execution.|
|totalUnprocessedTasksCount|Int32|The total number of unprocessed tasks in the run execution.|
-|workflowExecutionType|String|The execution type of the workflows associated with the run. The possible values are: `scheduled`, `onDemand`, `unknownFutureValue`.<br><br>Supports `$filter`(`eq`, `ne`) and `$orderby`.|
+|workflowExecutionType|microsoft.graph.identityGovernance.workflowExecutionType|The execution type of the workflows associated with the run. The possible values are: `scheduled`, `onDemand`, `unknownFutureValue`.<br><br>Supports `$filter`(`eq`, `ne`) and `$orderby`.|
## Relationships
The following is a JSON representation of the resource.
"blockType": "resource", "keyProperty": "id", "@odata.type": "microsoft.graph.identityGovernance.run",
- "baseType": "microsoft.graph.entity",
"openType": false } -->
The following is a JSON representation of the resource.
"startedDateTime": "String (timestamp)", "scheduledDateTime": "String (timestamp)", "successfulUsersCount": "Integer",
+ "totalTasksCounts": "Integer",
"totalUsersCount": "Integer", "totalUnprocessedTasksCount": "Integer", "workflowExecutionType": "String"
v1.0 Identitygovernance Runsummary https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/identitygovernance-runsummary.md
A summary of runs for a specified time period. This summary allows the administr
|failedTasks|Int32|The number of failed tasks of a workflow.| |successfulRuns|Int32|The number of successful workflow runs.| |totalRuns|Int32|The total number of runs for a workflow.|
+|totalTasks|Int32|The total number of tasks processed by a workflow.|
+|totalUsers|Int32|The total number of users processed by a workflow.|
## Relationships
The following is a JSON representation of the resource.
"failedRuns": "Integer", "failedTasks": "Integer", "successfulRuns": "Integer",
- "totalRuns": "Integer"
+ "totalRuns": "Integer",
+ "totalTasks": "Integer",
+ "totalUsers": "Integer"
} ```
v1.0 Identitygovernance Task https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/identitygovernance-task.md
Inherits from [entity](../resources/entity.md).
|taskDefinitionId|String|A unique template identifier for the task. For more information about the tasks that Lifecycle Workflows currently supports and their unique identifiers, see [supported tasks](../resources/identitygovernance-task.md#supported-tasks). Required.<br><br>Supports `$filter`(`eq`, `ne`).| ### Supported tasks
-<!-- Comment out CRR until we can resolve the links problem
-> [!INCLUDE [lifecycle-workflows-tasks-table](../includes/identitygovernance-lifecycleworkflows-tasks-table.md)]
v1.0 Identitygovernance Taskdefinition https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/identitygovernance-taskdefinition.md
Inherits from [entity](../resources/entity.md).
|Property|Type|Description| |:|:|:|
-|category|microsoft.graph.identityGovernance.lifecycleTaskCategory|The category of the HR function that the tasks created using this definition can be used with. The possible values are: `joiner`, `leaver`. This is a multi-valued enumeration whose allowed combinations are `joiner`, `joiner,leaver`, or `leaver`.<br><br>Supports `$filter`(`eq`, `ne`, `has`) and `$orderby`. |
+|category|microsoft.graph.identityGovernance.lifecycleTaskCategory|The category of the HR function that the tasks created using this definition can be used with. The possible values are: `joiner`, `leaver`, `unknownFutureValue`. This is a multi-valued enumeration whose allowed combinations are `joiner`, `joiner,leaver`, or `leaver`.<br><br>Supports `$filter`(`eq`, `ne`, `has`) and `$orderby`. |
+|ContinueOnError|Boolean|Defines if the workflow will continue if the task has an error.|
|description|String|The description of the taskDefinition.| |displayName|String|The display name of the taskDefinition.<br><br>Supports `$filter`(`eq`, `ne`) and `$orderby`.| |id|String|The unique identifier for the taskDefinition. Inherited from [entity](../resources/entity.md).|
v1.0 Identitygovernance Timebasedattributetrigger https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/identitygovernance-timebasedattributetrigger.md
None.
The following is a JSON representation of the resource. <!-- { "blockType": "resource",
- "@odata.type": "microsoft.graph.identityGovernance.timeBasedAttributeTrigger"
+ "@odata.type": "microsoft.graph.identityGovernance.timeBasedAttributeTrigger",
+ "baseType": "microsoft.graph.identityGovernance.workflowExecutionTrigger"
} --> ``` json
v1.0 Identitygovernance Userprocessingresult https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/identitygovernance-userprocessingresult.md
Inherits from [entity](../resources/entity.md).
|Method|Return type|Description| |:|:|:| |[List userProcessingResults](../api/identitygovernance-workflow-list-userprocessingresults.md)|[microsoft.graph.identityGovernance.userProcessingResult](../resources/identitygovernance-userprocessingresult.md) collection|Get a list of the [userProcessingResult](../resources/identitygovernance-userprocessingresult.md) objects and their properties.|
+|[Get userProcessingResult](../api/identitygovernance-userprocessingresult-get.md)|[microsoft.graph.identityGovernance.userProcessingResult](../resources/identitygovernance-userprocessingresult.md)|Get a user processing result.|
|[summary](../api/identitygovernance-userprocessingresult-summary.md)|[microsoft.graph.identityGovernance.userSummary](../resources/identitygovernance-usersummary.md)|Provides a summary of user processing results for a specified time period.|
-|[List taskProcessingResults](../api/identitygovernance-userprocessingresult-list-taskprocessingresults.md)|[microsoft.graph.identityGovernance.taskReport](../resources/identitygovernance-taskprocessingresult.md) collection|Get a list of the [taskProcessingResult](../resources/identitygovernance-taskprocessingresult.md) objects and their properties.|
+|[List taskProcessingResults for a userProcessingResult](../api/identitygovernance-userprocessingresult-list-taskprocessingresults.md)|[microsoft.graph.identityGovernance.taskReport](../resources/identitygovernance-taskprocessingresult.md) collection|Get a list of the [taskProcessingResult](../resources/identitygovernance-taskprocessingresult.md) objects and their properties.|
## Properties
Inherits from [entity](../resources/entity.md).
|:|:|:| |completedDateTime|DateTimeOffset|The date time that the workflow execution for a user completed. Value is null if the workflow hasn't completed.<br><br>Supports `$filter`(`lt`, `le`, `gt`, `ge`, `eq`, `ne`) and `$orderby`.| |failedTasksCount|Int32|The number of tasks that failed in the workflow execution.|
-|id|String|Identifier used for individually addressing a specific user processing result. Inherited from [entity](../resources/entity.md).<br><br>Supports `$filter`(`eq`, `ne`) and `$orderby`.|
-|processingStatus|String|The workflow execution status. The possible values are: `queued`, `inProgress`, `completed`, `completedWithErrors`, `canceled`, `failed`, `unknownFutureValue`.<br><br>Supports `$filter`(`eq`, `ne`) and `$orderby`.|
+|id|String|Identifier used for individually addressing a specific user processing result.Inherited from [entity](../resources/entity.md).<br><br>Supports `$filter`(`eq`, `ne`) and `$orderby`.|
+|processingStatus|microsoft.graph.identityGovernance.lifecycleWorkflowProcessingStatus|The workflow execution status. The possible values are: `queued`, `inProgress`, `completed`, `completedWithErrors`, `canceled`, `failed`, `unknownFutureValue`.<br><br>Supports `$filter`(`eq`, `ne`) and `$orderby`.|
|scheduledDateTime|DateTimeOffset|The date time that the workflow is scheduled to be executed for a user.<br><br>Supports `$filter`(`lt`, `le`, `gt`, `ge`, `eq`, `ne`) and `$orderby`.| |startedDateTime|DateTimeOffset|The date time that the workflow execution started. Value is `null` if the workflow execution has not started.<br><br>Supports `$filter`(`lt`, `le`, `gt`, `ge`, `eq`, `ne`) and `$orderby`.| |totalTasksCount|Int32|The total number of tasks that in the workflow execution.| |totalUnprocessedTasksCount|Int32|The total number of unprocessed tasks for the workflow.|
-|workflowExecutionType|String|Describes the execution type of the workflow. The possible values are: `scheduled`, `onDemand`, `unknownFutureValue`.<br><br>Supports `$filter`(`lt`, `le`, `gt`, `ge`, `eq`, `ne`) and `$orderby`.|
+|workflowExecutionType|microsoft.graph.identityGovernance.workflowExecutionType|Describes the execution type of the workflow. The possible values are: `scheduled`, `onDemand`, `unknownFutureValue`.<br><br>Supports `$filter`(`lt`, `le`, `gt`, `ge`, `eq`, `ne`) and `$orderby`.|
|workflowVersion|Int32|The version of the workflow that was executed.| ## Relationships
v1.0 Identitygovernance Workflowbase https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/identitygovernance-workflowbase.md
None.
|:|:|:| |createdBy|[user](../resources/user.md)|The user who created the workflow.| |lastModifiedBy|[user](../resources/user.md)|The user who last modified the workflow.|
-|runs|[microsoft.graph.identityGovernance.run](../resources/identitygovernance-run.md) collection|A history of every time a workflow ran.|
|tasks|[microsoft.graph.identityGovernance.task](../resources/identitygovernance-task.md) collection|The tasks in the workflow.|
-|userProcessingResults|[microsoft.graph.identityGovernance.userProcessingResult](../resources/identitygovernance-userprocessingresult.md) collection|The results of a user processed by the workflow.|
## JSON representation
v1.0 Identitygovernance Workflowtemplate https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/identitygovernance-workflowtemplate.md
Inherits from [entity](../resources/entity.md).
|description|String|The description of the `workflowTemplate`.| |displayName|String|The display name of the `workflowTemplate`.<br><br>Supports `$filter`(`eq`, `ne`) and `$orderby`.| |executionConditions|[microsoft.graph.identityGovernance.workflowExecutionConditions](../resources/identitygovernance-workflowexecutionconditions.md)|Conditions describing when to execute the workflow and the criteria to identify in-scope subject set.|
-|id|String|The unique identifier for the `workflowTemplate`. Inherited from [entity](../resources/entity.md).<br><br>Supports `$filter`(`eq`, `ne`) and `$orderby`.|
+|id|String|The unique identifier for the `workflowTemplate`.Inherited from [entity](../resources/entity.md).<br><br>Supports `$filter`(`eq`, `ne`) and `$orderby`.|
### Supported workflow templates
v1.0 Identitygovernance Workflowversion https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/identitygovernance-workflowversion.md
Inherits from [workflowBase](../resources/identitygovernance-workflowbase.md).
|:|:|:| |createdBy|[user](../resources/user.md)|The user who created the workflow. Inherited from [workflowBase](../resources/identitygovernance-workflowbase.md).<br><br>Supports `$filter`(`eq`, `ne`) and `$expand`.| |lastModifiedBy|[user](../resources/user.md)|The user who last modified the workflow.<br><br>Supports `$filter`(`eq`, `ne`) and `$expand`.|
-|runs|[microsoft.graph.identityGovernance.run](../resources/identitygovernance-run.md) collection|A history of every time a workflow ran. Inherited from [workflowBase](../resources/identitygovernance-workflowbase.md).|
|tasks|[microsoft.graph.identityGovernance.task](../resources/identitygovernance-task.md) collection|The tasks in the workflow. Inherited from [workflowBase](../resources/identitygovernance-workflowbase.md).|
-|userProcessingResults|[microsoft.graph.identityGovernance.userProcessingResult](../resources/identitygovernance-userprocessingresult.md) collection|The results of a user processed by the workflow. Inherited from [workflowBase](../resources/identitygovernance-workflowbase.md).|
## JSON representation
v1.0 Industrydata Overview https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/industrydata-overview.md
The industry data API is defined in the OData subnamespace `microsoft.graph.indu
## Industry data API and education
-The industry data API powers the [Microsoft School Data Sync](https://sds.microsoft.com) (SDS) platform to help automate the process of importing data and synchronizing organizations, users and users associations, and groups <!-- with Azure Active Directory (Azure AD) and Office 365 --> from student information systems (SIS) and student management systems (SMS) into an organization's Azure Data Lake. After normalizing the data in Azure Data Lake, the API utilizes the data in multiple outbound flows, synchronizing data with [Insights for Education Leaders](https://support.microsoft.com/topic/leader-s-guide-to-education-insights-premium-8738d1b1-4e1c-49bd-9e8d-b5292474c347) and [Education Data Lake Export](/schooldatasync/enable-education-data-lake-export) for custom analytics scenarios.
+The industry data API powers the [Microsoft School Data Sync](https://sds.microsoft.com) (SDS) platform to help automate the process of importing data and synchronizing organizations, users and users associations, and groups <!-- with Azure Active Directory (Azure AD) and Office 365 --> from student information systems (SIS) and student management systems (SMS) into an organization's Azure Data Lake. After normalizing the data in Azure Data Lake <!-- the API utilizes the data in multiple outbound flows, --> SDS can synchronize the data with [Insights for Education Leaders](/schooldatasync/enable-sync-with-insights), for use with the Insights app in Teams for Education, and [Education Data Lake Export](/schooldatasync/enable-education-data-lake-export), for custom analytics scenarios.
![Illustration of the industry data ETL process](/graph/images/industrydata-overview.png)
You can integrate industry data APIs with third-party apps. For details about ho
| Use case | REST resource | See also | | :- | :- | :-- | | Create an activity to import a delimited data set | [inboundFileFlow](../resources/industrydata-inboundfileflow.md) | [inboundFileFlow methods](../resources/industrydata-inboundfileflow.md#methods) |
-| Create a connector to retrieve data from an Azure Data Lake | [azureDataLakeConnector](../resources/industrydata-azuredatalakeconnector.md) | [azureDataLakeConnector methods](../resources/industrydata-azuredatalakeconnector.md#methods) |
| Define a source of inbound data | [sourceSystemDefinition](../resources/industrydata-sourcesystemdefinition.md) | [sourceSystemDefinition methods](../resources/industrydata-sourcesystemdefinition.md#methods) |
+| Create a connector to post data to an Azure Data Lake (if CSV)| [azureDataLakeConnector](../resources/industrydata-azuredatalakeconnector.md) | [azureDataLakeConnector methods](../resources/industrydata-azuredatalakeconnector.md#methods) |
<!-- ## Concepts
v1.0 Logicapptriggerendpointconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/logicapptriggerendpointconfiguration.md
Title: "logicAppTriggerEndpointConfiguration resource type" description: "The configuration details for the logic app's endpoint that is associated with a custom access package workflow extension."-+ ms.localizationpriority: medium ms.prod: "governance" doc_type: resourcePageType
The configuration details for the logic app's endpoint that is associated with a
|logicAppWorkflowName|String|The name of the logic app.| |resourceGroupName|String|The Azure resource group name for the logic app.| |subscriptionId|String|Identifier of the Azure subscription for the logic app.|
+|url|String| The URL to the logic app endpoint that will be triggered. Only required for app-only token scenarios where app is creating a [customCalloutExtension](../resources/customcalloutextension.md) without a signed-in user.|
## JSON representation
The following is a JSON representation of the resource.
"@odata.type": "#microsoft.graph.logicAppTriggerEndpointConfiguration", "subscriptionId": "String", "resourceGroupName": "String",
- "logicAppWorkflowName": "String"
+ "logicAppWorkflowName": "String",
+ "url": "String"
} ```
v1.0 Microsoft Teams Team Usage Reports https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/microsoft-teams-team-usage-reports.md
Use the Microsoft Teams team activity reports to get insights into the usage of
| Function | CSV return type | JSON return type | Description | | : | | - | - | | [Get team detail](../api/reportroot-getteamsteamactivitydetail.md) | Stream | Stream | Get details about Teams activity by team. The numbers include activities for both licensed and non-licensed users. |
-| [Get team counts](../api/reportroot-getteamsteamactivitycounts.md) | Stream | Stream | Get the number of team activities across Microsoft Teams. The activity types are related to meetings and messages. |
+| [Get team activity counts](../api/reportroot-getteamsteamactivitycounts.md) | Stream | Stream | Get the number of team activities across Microsoft Teams. The activity types are related to meetings and messages. |
+| [Get team counts](../api/reportroot-getteamsteamcounts.md) | Stream | Stream | Get the number of teams by type across Microsoft Teams. |
| [Get distribution team counts](../api/reportroot-getteamsteamactivitydistributioncounts.md) | Stream | Stream | Get the number of team activities across Microsoft Teams over a selected period. |
v1.0 Microsoftauthenticatorauthenticationmethodconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/microsoftauthenticatorauthenticationmethodconfiguration.md
Namespace: microsoft.graph
Represents a Microsoft Authenticator authentication methods policy. Authentication methods policies define configuration settings and users or groups that are enabled to use the authentication method.
+Inherits from [authenticationMethodConfiguration](../resources/authenticationmethodconfiguration.md).
+ ## Methods |Method|Return type|Description| |:|:|:|
v1.0 Organization https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/organization.md
This resource lets you add your own data to custom properties using [extensions]
|[Get open extension](../api/opentypeextension-get.md) |[openTypeExtension](opentypeextension.md) collection| Get an open extension identified by the extension name.| |**Schema extensions**| | | |[Add schema extension values](../api/schemaextension-post-schemaextensions.md) | [schemaExtension](schemaextension.md) | Create a schema extension definition and then use it to add custom typed data to a resource.|
-|**Organization licenses**| | |
-|[activateService](../api/organization-activateservice.md) (deprecated) | None | Activate a service for an organization. |
|**Organizational branding**| | | |[Get organizationalBranding](../api/organizationalbranding-get.md) | [organizationalBranding](organizationalbranding.md) | Get the default organizational branding object. | |[Update organizationalBranding](../api/organizationalbranding-update.md) | [organizationalBranding](organizationalbranding.md) | Update the default organizational branding object. |
v1.0 Quota https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/quota.md
-description: The quota resource provides details about space constrains on a drive resource.
+description: The quota resource provides details about space constraints on a drive resource.
Last updated 09/10/2017 Title: Quota ms.localizationpriority: medium
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-The **quota** resource provides details about space constrains on a [drive](drive.md) resource.
+The **quota** resource provides details about space constraints on a [drive](drive.md) resource. In OneDrive Personal, the values reflect the total/used unified storage quota across multiple Microsoft services.
## JSON representation
v1.0 Report https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/report.md
The following table shows the availability for each API across all cloud deploym
| [Admin Report Settings](/graph/api/resources/adminreportsettings?view=graph-rest-beta&preserve-view=true) | Γ£ö | Γ£ö | Γ£ö | Γ₧û | Γ£ö | | [Microsoft 365 activations](/graph/api/resources/office-365-activations-reports?view=graph-rest-beta&preserve-view=true) | Γ£ö | Γ£ö | Γ£ö | Γ₧û | Γ₧û | | [Microsoft 365 active users](/graph/api/resources/office-365-active-users-reports?view=graph-rest-beta&preserve-view=true) | Γ£ö | Γ₧û | Γ£ö | Γ₧û | Γ₧û |
-| [Microsoft 365 Apps usage](/graph/api/resources/microsoft-365-apps-usage-report?view=graph-rest-beta&preserve-view=true) | Γ£ö | Γ₧û | Γ£ö | Γ₧û | Γ₧û |
+| [Microsoft 365 Apps usage](/graph/api/resources/microsoft-365-apps-usage-report?view=graph-rest-beta&preserve-view=true) | Γ£ö | Γ£ö | Γ£ö | Γ₧û | Γ₧û |
| [Microsoft 365 browser usage](/graph/api/resources/microsoft-365-browser-usage-report?view=graph-rest-beta&preserve-view=true) | Γ£ö | Γ₧û | Γ₧û | Γ₧û | Γ₧û | | [Microsoft 365 groups activity](/graph/api/resources/office-365-groups-activity-reports?view=graph-rest-beta&preserve-view=true) | Γ£ö | Γ₧û | Γ£ö | Γ₧û | Γ₧û | | [Microsoft Teams device usage](/graph/api/resources/microsoft-teams-device-usage-reports?view=graph-rest-beta&preserve-view=true) | Γ£ö | Γ£ö | Γ₧û | Γ₧û | Γ£ö |
v1.0 Security Api Overview https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/security-api-overview.md
Alerts from the following security providers are available via this legacy **ale
| Security provider | <p align="center">GET alert</p>| <p align="center">PATCH alert</p>| <p align="center">Subscribe to alert</p>| |:|:|:--|:|
-|[Azure Active Directory Identity Protection](/azure/active-directory/identity-protection/playbook) **** | <p align="center">&#x2713;</p> | <p align="center">[File issue](https://github.com/microsoftgraph/security-api-solutions/issues/new) *</p> | <p align="center">&#x2713;</p> |
+|[Azure Active Directory Identity Protection](/azure/active-directory/identity-protection/playbook) | <p align="center">&#x2713;</p> | <p align="center">[File issue](https://github.com/microsoftgraph/security-api-solutions/issues/new) *</p> | <p align="center">&#x2713;</p> |
|[Azure Security Center](/azure/security-center/security-center-alerts-type)| <p align="center">&#x2713;</p> | <p align="center">&#x2713;</p> | <p align="center">&#x2713;</p> | |Microsoft 365 <ul><li> [Default](/office365/securitycompliance/alert-policies#default-alert-policies)</li> <li>[Cloud App Security](/office365/securitycompliance/anomaly-detection-policies-in-ocas)</li><li>Custom Alert</li></ul> | <p align="center">&#x2713;</p> | <p align="center"> [File issue](https://github.com/microsoftgraph/security-api-solutions/issues/new) </p> | <p align="center"> [File issue](https://github.com/microsoftgraph/security-api-solutions/issues/new) </p> | | [Microsoft Defender for Cloud Apps](/cloud-app-security/monitor-alerts) (formerly Microsoft Cloud App Security) | <p align="center">&#x2713;</p> | <p align="center">[File issue](https://github.com/microsoftgraph/security-api-solutions/issues/new) *</p> | <p align="center">&#x2713;</p> |
Alerts from the following security providers are available via this legacy **ale
\*\*\* Microsoft Defender for Identity alerts are available via the Microsoft Defender for Cloud Apps integration. This means you will get Microsoft Defender for Identity alerts only if you have joined Unified SecOps and connected Microsoft Defender for Identity into Microsoft Defender for Cloud Apps. Learn more about [how to integrate Microsoft Defender for Identity and Microsoft Defender for Cloud Apps](/azure-advanced-threat-protection/atp-mcas-integration).
-\*\*\*\* Azure AD Identity Protection alerts only include user object IDs. The **userPrincipalName** (UPN) property is not included in GET request responses. This issue does not impact any of the other providers. For details and a workaround, see [Known issues](/graph/known-issues#upn-missing-in-identity-protection-security-alerts).
- ## Attack simulation and training [Attack simulation and training](/microsoft-365/security/office-365-security/attack-simulation-training) is part of [Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/defender-for-office-365?view=o365-worldwide&preserve-view=true). This service lets users in a tenant experience a realistic benign phishing attack and learn from it. Social engineering simulation and training experiences for end users help reduce the risk of users being breached via those attack techniques. The attack simulation and training API enables tenant administrators to view launched [simulation](simulation.md) exercises and trainings, and get [reports](report-m365defender-reports-overview.md) on derived insights into online behaviors of users in the phishing simulations.
v1.0 Security Ediscoveryexportfilemetadata https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/security-ediscoveryexportfilemetadata.md
+
+ Title: "ediscoveryExportFileMetadata resource type"
+description: "Represents the file metadata for an export in eDiscovery."
+
+ms.localizationpriority: medium
++
+# ediscoveryExportFileMetadata resource type
+
+Namespace: microsoft.graph.security
++
+Represents the file metadata for an export in eDiscovery.
+
+## Properties
+
+|Property|Type|Description|
+|:|:|:|
+|downloadUrl| String |The URL to download the export. |
+|fileName | String | The name of the file. |
+|size| Int64 | The size of the file. |
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.security.ediscoveryExportFileMetadata",
+ "openType": false
+}
+-->
+
+``` json
+{
+ "@odata.type": "#microsoft.graph.security.ediscoveryExportFileMetadata",
+ "downloadUrl": "String",
+ "fileName": "String",
+ "size": "Int64"
+}
+```
v1.0 Security Ediscoveryexportoperation https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/security-ediscoveryexportoperation.md
Inherits from [caseOperation](../resources/security-caseoperation.md).
## Methods |Method|Return type|Description| |:|:|:|
-|[getDownloadUrl](../api/security-ediscoveryexportoperation-getdownloadurl.md)|String| Returns the URL for the export.|
+|[getDownloadUrl](../api/security-ediscoveryexportoperation-getdownloadurl.md) (deprecated) |String| Return the URL for the export. The **getDownloadUrl** function is deprecated and will stop returning data on April 30th, 2023. Please use the new **exportFileMetadata** property returned by the [Get caseOperation](../api/security-ediscoverycase-get.md) API instead.|
## Properties |Property|Type|Description| |:|:|:| |action|[microsoft.graph.security.caseAction](../resources/security-caseoperation.md#caseaction-values)| The type of action the operation represents. Possible values are: `addToReviewSet`,`applyTags`,`contentExport`,`convertToPdf`,`estimateStatistics`, `purgeData`|
-|azureBlobContainer|String| The name of the Azure storage location where the export will be stored. This only applies to exports stored in your own Azure storage location. |
-|azureBlobToken|String| The SAS token for the Azure storage location. This only applies to exports stored in your own Azure storage location. |
|completedDateTime|DateTimeOffset| The date and time the export was completed.| |createdBy|[identitySet](../resources/identityset.md)| The user who initiated the export operation.| |createdDateTime|DateTimeOffset| The date and time the export was created.| |description|String| The description provided for the export.|
-|exportOptions|microsoft.graph.security.exportOptions| The options provided for the export. For more details, see [reviewSet: export](../api/security-ediscoveryreviewset-export.md). Possible values are: `originalFiles`, `text`, `pdfReplacement`, `fileInfo`, `tags`.|
+|exportFileMetaData | [microsoft.graph.security.ediscoveryExportFileMetadata](../resources/security-ediscoveryexportfilemetadata.md)| Contains the properties for an export file metadata, including **downloadUrl**, **fileName**, and **size**. If you export to an Azure storage location, this property returns empty. |
+|exportOptions|microsoft.graph.security.exportOptions| The options provided for the export. For more details, see [reviewSet: export](../api/security-ediscoveryreviewset-export.md). Possible values are: `originalFiles`, `text`, `pdfReplacement`, `fileInfo`, `tags`. The `fileInfo` member is deprecated and will stop returning data on April 30th, 2023. Going forward, the summary and load file are always included. |
|exportStructure|microsoft.graph.security.exportFileStructure|The options provided that specify the structure of the export. For more details, see [reviewSet: export](../api/security-ediscoveryreviewset-export.md). Possible values are: `none`, `directory`, `pst`.| |id|String| The ID for the operation. Read-only. | |outputName|String| The name provided for the export.| |percentProgress|Int32| The progress of the operation.| |resultInfo|[resultInfo](../resources/resultinfo.md)|Contains success and failure-specific result information. Inherited from [caseOperation](../resources/ediscovery-caseoperation.md).| |status|[microsoft.graph.security.caseOperationStatus](../resources/security-caseoperation.md#caseoperationstatus-values)| The status of the case operation. Possible values are: `notStarted`, `submissionFailed`, `running`, `succeeded`, `partiallySucceeded`, `failed`.|
+|azureBlobContainer (deprecated)|String| The name of the Azure storage location where the export is stored. This only applies to exports stored in your own Azure storage location. The **azureBlobContainer** property is deprecated and will stop returning data on April 30th, 2023. |
+|azureBlobToken (deprecated)|String| The SAS token for the Azure storage location. This only applies to exports stored in your own Azure storage location. The **azureBlobToken** property is deprecated and will stop returning data on April 30th, 2023. |
+|outputFolderId (deprecated) | String | The output folder ID. The **outputFolderId** property is deprecated and will stop returning data on April 30th, 2023.
### exportOptions values
Inherits from [caseOperation](../resources/security-caseoperation.md).
|originalFiles|Include original files in native format. For example: docx, xlsx, pptx, doc, xlst, pptm, etc.| |text|Include extracted text from the original files.| |pdfReplacement|Replace original file with PDF version when available.|
-|fileInfo|Include metadata of original files in a load file.|
|tags|Include tag information in fileInfo.|
+|fileInfo (deprecated) |Include metadata of original files in a load file. The `fileInfo` member is deprecated and will stop returning data on April 30th, 2023. Going forward, the summary and load file are always included. |
### exportFileStructure values
Inherits from [caseOperation](../resources/security-caseoperation.md).
|reviewSet|[microsoft.graph.security.ediscoveryReviewSet](../resources/security-ediscoveryreviewset.md)| Review set from where documents are exported.| |reviewSetQuery|[microsoft.graph.security.ediscoveryReviewSetQuery](../resources/security-ediscoveryreviewsetquery.md)|The review set query which is used to filter the documents for export.| + ## JSON representation The following is a JSON representation of the resource. <!-- {
The following is a JSON representation of the resource.
"openType": false } -->+ ``` json { "@odata.type": "#microsoft.graph.security.ediscoveryExportOperation",
- "id": "String (identifier)",
- "createdDateTime": "String (timestamp)",
- "completedDateTime": "String (timestamp)",
"action": "String",
+ "azureBlobContainer": "String",
+ "azureBlobToken": "String",
+ "completedDateTime": "String (timestamp)",
"createdBy": { "@odata.type": "microsoft.graph.identitySet" },
- "percentProgress": "Integer",
- "status": "String",
+ "createdDateTime": "String (timestamp)",
+ "description": "String",
+ "exportFileMetadata": {
+ "@odata.type": "microsoft.graph.security.ediscoveryExportFileMetadata"
+ },
+ "exportOptions": "String",
+ "exportStructure": "String",
+ "id": "String (identifier)",
+ "outputFolderId": "String",
+ "outputName": "String",
+ "percentProgress": "Int32",
"resultInfo": { "@odata.type": "microsoft.graph.resultInfo" },
- "outputName": "String",
- "description": "String",
- "outputFolderId": "String",
- "azureBlobContainer": "String",
- "azureBlobToken": "String",
- "exportOptions": "String",
- "exportStructure": "String"
+ "status": "String"
} ```-
v1.0 Service Communications Api Overview https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/service-communications-api-overview.md
For more information on access tokens, app registration, and delegated and appli
Delegated permissions are needed to access the service communications API on behalf of a signed-in user. Customer-facing canvas applications, such as the [Microsoft 365 admin center](https://admin.microsoft.com/Adminportal/Home?source=applauncher#/homepage) (accessible only to admin roles), can call the service communications API to get the service health and service announcements data for the signed-in user's tenant, _on behalf of the signed-in user_. Users can find out whether their subscribed services are healthy or have issues. They can also learn about any current service issues affecting their tenants.
+#### Role-based access control for delegation access
+
+The service communications API applies role-based access control (RBAC) to identify whether the signed-in user who is on-behalf of has a required Azure Active Directory (Azure AD) role. The signed-in user who is on-behalf of must have at least one of the admin roles.
+
+For more information about the AZure AD administrator roles, see:
+* [About admin roles in the Microsoft 365 admin center](/microsoft-365/admin/add-users/about-admin-roles)
+* [Azure AD built-in roles](/azure/active-directory/roles/permissions-reference)
+* [Roles in Microsoft 365, including Azure AD, service-specific and cross-service roles](/azure/active-directory/roles/concept-understand-roles#how-azure-ad-roles-are-different-from-other-microsoft-365-roles)
+ ### Access service communications API without user Application permissions are needed to access the service communications API without a signed-in user. Applications that run as backend services, such as monitoring or alert services, can call the service communications API with their own identity and not on behalf of a user. These backend services can build custom monitoring/alert pipelines and call the service communications API to get service health and service announcements data.
That service communications API is available in all Microsoft national cloud dep
|Microsoft Graph global service| https://graph.microsoft.com/beta/admin/serviceAnnouncement/| |Microsoft Graph for US Government L4 (GccHigh)|https://graph.microsoft.us/beta/admin/serviceAnnouncement/| |Microsoft Graph for US Government L5 (DoD)|https://dod-graph.microsoft.us/beta/admin/serviceAnnouncement/|
-|Microsoft Graph Germany|https://graph.microsoft.de/beta/admin/serviceAnnouncement/|
|Microsoft Graph China operated by 21Vianet|https://microsoftgraph.chinacloudapi.cn/beta/admin/serviceAnnouncement/| ## Service communications limits
v1.0 Servicestoragequotabreakdown https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/servicestoragequotabreakdown.md
+
+ Title: "serviceStorageQuotaBreakdown resource type"
+description: "Represents a proportion of the unified storage quota associated with a specific service."
+
+ms.localizationpriority: medium
++
+# serviceStorageQuotaBreakdown resource type
+
+Namespace: microsoft.graph
++
+Represents a proportion of the unified storage quota associated with a specific service.
+
+## Methods
+|Method|Return type|Description|
+|:|:|:|
+|[List serviceStorageQuotaBreakdown](../api/unifiedstoragequota-list-services.md)| [serviceStorageQuotaBreakdown](../resources/servicestoragequotabreakdown.md) collection|Get a list of services in the serviceStorageQuotaBreakdown.|
+|[Get serviceStorageQuotaBreakdown](../api/servicestoragequotabreakdown-get.md)|[serviceStorageQuotaBreakdown](../resources/servicestoragequotabreakdown.md)|Read the properties and relationships of a [serviceStorageQuotaBreakdown](../resources/servicestoragequotabreakdown.md) object.|
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|displayName|String|The service breakdown name displayed to users. Localized. Read-only.|
+|id|String|The service breakdown id. Read-only.|
+|manageWebUrl|String|A URL that can be used in a browser to manage the service breakdown. Read-only.|
+|used|Int64|The number of bytes this service breakdown is consuming. Read-only.|
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.serviceStorageQuotaBreakdown",
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.serviceStorageQuotaBreakdown",
+ "id": "String (identifier)",
+ "displayName": "String",
+ "manageWebUrl": "String",
+ "used": "Integer"
+}
+```
+
v1.0 Signinactivity https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/signinactivity.md
Namespace: microsoft.graph
[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
-Provides the last interactive or non-interactive sign-in time for a specific [user](user.md). Since signInActivity describes a property of the user object, Azure AD stores signinactivity for your users for as long as the user objects exist.
+Provides the last interactive or non-interactive sign-in time for a specific [user](user.md). Since signInActivity describes a property of the user object, Azure AD stores signinactivity for your users for as long as the user object exists.
## Properties
The following is a JSON representation of the resource.
```json {
+ "@odata.type": "#microsoft.graph.signInActivity",
"lastSignInDateTime": "String (timestamp)", "lastSignInRequestId": "String", "lastNonInteractiveSignInDateTime": "String (timestamp)",
v1.0 Smsauthenticationmethodconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/smsauthenticationmethodconfiguration.md
Title: "smsAuthenticationMethodConfiguration resource type" description: "Represents a Text Message authentication methods policy."-+ ms.localizationpriority: medium ms.prod: "identity-and-sign-in" doc_type: resourcePageType
Namespace: microsoft.graph
Represents a Text Message authentication methods policy. Authentication methods policies define configuration settings and users or groups that are enabled to use the authentication method.
+Inherits from [authenticationMethodConfiguration](../resources/authenticationmethodconfiguration.md).
+ ## Methods |Method|Return type|Description| |:|:|:|
v1.0 Smsauthenticationmethodtarget https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/smsauthenticationmethodtarget.md
Title: "smsAuthenticationMethodTarget resource type" description: "A collection of groups enabled to use Text Message authentication methods policy."-+ ms.localizationpriority: medium ms.prod: "identity-and-sign-in" doc_type: resourcePageType
v1.0 Softwareoathauthenticationmethodconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/softwareoathauthenticationmethodconfiguration.md
Namespace: microsoft.graph
Represents the authentication policy for a third-party software OATH authentication method. Authentication methods policies define configuration settings and users or groups that are enabled to use the authentication method.
+Inherits from [authenticationMethodConfiguration](../resources/authenticationmethodconfiguration.md).
## Methods |Method|Return type|Description|
v1.0 Subscription https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/subscription.md
For the possible resource path values for each supported resource, see [Use the
| **presence** | 60 minutes (1 hour) | | Print **printer** | 4230 minutes (under 3 days) | | Print **printTaskDefinition** | 4230 minutes (under 3 days) |
-| **todoTask** | 4230 minutes (under 3 days) |
+| **todoTask** | 4230 minutes (under 3 days)<br/><br/>**Note:** Webhooks for this resources are only available in the worldwide endpoint and no other national clouds. |
| **baseTask** (deprecated) | 4230 minutes (under 3 days) |
Here is a JSON representation of the resource.
"notificationContentType": "String", "notificationUrlAppId": "String" }
-```
+```
v1.0 Teamtemplate https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/teamtemplate.md
Namespace: microsoft.graph
Represents a logical container for all the definitions and versions of the same team template.
-> **Note**: This API is currently in private preview only. When it reaches public preview, we will publish a blog post announcement on the [Microsoft 365 Developer blog](https://devblogs.microsoft.com/microsoft365dev/).
## Methods
v1.0 Teamtemplatedefinition https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/teamtemplatedefinition.md
Generic representation of a team template definition for a team with a specific
Inherits from [entity](../resources/entity.md).
-> **Note**: This API is currently in private preview only. When it reaches public preview, we will publish a blog post announcement on the [Microsoft 365 Developer blog](https://devblogs.microsoft.com/microsoft365dev/).
- ## Methods |Method|Return type|Description|
v1.0 Teamworktag https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/teamworktag.md
When a tag is added, users can @mention it in a channel. Everyone who has been a
## Properties |Property|Type|Description| |:|:|:|
-|description|String|Tag description as it will appear to the user in Microsoft Teams.|
+|description|String|Tag description as it will appear to the user in Microsoft Teams. A **teamworkTag** can't have more than 200 **teamworkTagMembers**.|
|displayName|String|Tag name as it will appear to the user in Microsoft Teams.| |id|String|ID of the tag.| |memberCount|Int32|The number of users assigned to the tag.|
The following is a JSON representation of the resource.
``` ## See also-- [teamworkTagMember](../resources/teamworktagmember.md)
+- [teamworkTagMember](../resources/teamworktagmember.md)
v1.0 Temporaryaccesspassauthenticationmethodconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/temporaryaccesspassauthenticationmethodconfiguration.md
Namespace: microsoft.graph
Represents a Temporary Access Pass authentication methods policy that defines the configuration settings and users or groups who are enabled to use the [Temporary Access Pass authentication method](temporaryaccesspassauthenticationmethod.md).
+Inherits from [authenticationMethodConfiguration](../resources/authenticationmethodconfiguration.md).
+ ## Methods |Method|Return type|Description| |:|:|:|
v1.0 Tokenlifetimepolicy https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/tokenlifetimepolicy.md
Inherits from [stsPolicy](stsPolicy.md).
| Method | Return Type | Description | |:-|:|:|
+| [List tokenLifetimePolicies](../api/tokenlifetimepolicy-list.md) | [tokenLifetimePolicy](tokenlifetimepolicy.md) | Read properties and relationships of tokenLifetimePolicies objects. |
| [Create tokenLifetimePolicy](../api/tokenlifetimepolicy-post-tokenlifetimepolicies.md) | [tokenLifetimePolicy](tokenlifetimepolicy.md) | Create a tokenLifetimePolicy object. | | [Get tokenLifetimePolicy](../api/tokenlifetimepolicy-get.md) | [tokenLifetimePolicy](tokenlifetimepolicy.md) | Read properties and relationships of a tokenLifetimePolicy object. |
-| [List tokenLifetimePolicies](../api/tokenlifetimepolicy-list.md) | [tokenLifetimePolicy](tokenlifetimepolicy.md) | Read properties and relationships of tokenLifetimePolicies objects. |
| [Update tokenLifetimePolicy](../api/tokenlifetimepolicy-update.md) | None | Update a tokenLifetimePolicy object. | | [Delete tokenLifetimePolicy](../api/tokenlifetimepolicy-delete.md) | None | Delete a tokenLifetimePolicy object. | | [List appliesTo](../api/tokenlifetimepolicy-list-appliesto.md) | [directoryObject](directoryobject.md) collection | Get the list of directoryObjects that this policy has been applied to. |
Inherits from [stsPolicy](stsPolicy.md).
| Property | Type | Description | |:-|:|:| |id|String| Unique identifier for this policy. Read-only.|
-|definition|String collection| A string collection containing a JSON string that defines the rules and settings for this policy. See below for more details about the JSON schema for this property. Required.|
+|definition|String collection| A string collection containing a JSON string that defines the rules and settings for this policy. For more information about the JSON schema for this property, see [Properties of a token lifetime policy definition](#properties-of-a-token-lifetime-policy-definition). Required.|
|description|String| Description for this policy.| |displayName|String| Display name for this policy. Required.| |isOrganizationDefault|Boolean|If set to `true`, activates this policy. There can be many policies for the same policy type, but only one can be activated as the organization default. Optional, default value is `false`.| ### Properties of a token lifetime policy definition+ The properties below form the JSON object that represents a token lifetime policy. This JSON object must be **converted to a string with quotations escaped** to be inserted into the **definition** property. An example is shown below in JSON format: <!-- {
v1.0 Unifiedstoragequota https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/unifiedstoragequota.md
+
+ Title: "unifiedStorageQuota resource type"
+description: Provides an aggregate view of a user's quota information across multiple services.
+
+ms.localizationpriority: medium
++
+# unifiedStorageQuota resource type
+
+Namespace: microsoft.graph
++
+Provides an aggregate view of a user's quota information across multiple services.
+
+## Methods
+|Method|Return type|Description|
+|:|:|:|
+|[Get unifiedStorageQuota](../api/unifiedstoragequota-get.md)|[unifiedStorageQuota](../resources/unifiedstoragequota.md)|Read the properties and relationships of a [unifiedStorageQuota](../resources/unifiedstoragequota.md) object.|
+|[List serviceStorageQuotaBreakdown](../api/unifiedstoragequota-list-services.md)| [serviceStorageQuotaBreakdown](../resources/servicestoragequotabreakdown.md) collection|Get the list of services in a **serviceStorageQuotaBreakdown**.|
+
+## Properties
+
+|Property|Type|Description|
+|:|:|:|
+|id|String|The user IF.|
+|manageWebUrl|String| A URL that can be used in a browser to manage the breakdown. Read-only. |
+|remaining|Int64| Total space remaining before reaching the quota limit in bytes. |
+|state|usqState| Indicates the state of the storage space. The possible values are: `normal`, `nearing`, `critical`, `full`, and `overLimit`.|
+|total|Int64| Total allowed storage space in bytes. |
+|used|Int64| Total space used in bytes. |
+
+## Relationships
+|Relationship|Type|Description|
+|:|:|:|
+|services|[serviceStorageQuotaBreakdown](../resources/servicestoragequotabreakdown.md) collection| The breakdown of services contributing to the user's quota usage. |
++
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.unifiedStorageQuota",
+ "baseType": "microsoft.graph.entity",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.unifiedStorageQuota",
+ "id": "String",
+ "manageWebUrl": "String",
+ "remaining": "Integer",
+ "state": "normal | nearing | critical | full | overLimit",
+ "total": "Integer",
+ "used": "Integer"
+}
+```
+
v1.0 User https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/user.md
This resource supports:
| [Get deleted user](../api/directory-deleteditems-get.md) | [directoryObject](directoryobject.md) collection | Retrieve a deleted user by ID. | | [Restore deleted user](../api/directory-deleteditems-delete.md) | [directoryObject](directoryobject.md) collection | Restore a user deleted in the tenant in the last 30 days. | | [Permanently delete user](../api/directory-deleteditems-restore.md) | [directoryObject](directoryobject.md) collection | Permanently delete a deleted user from the tenant. |
-| [activateServicePlan](../api/user-activateserviceplan.md) (deprecated) | None | Activate a service with a given `servicePlanId` and `skuId` for a given [user](user.md). |
| **Drive** ||| | [Get drive](../api/drive-get.md) | [drive](drive.md) | Retrieve the properties and relationships of a Drive resource. | | [List children](../api/driveitem-list-children.md) | [DriveItems](driveitem.md) | Return a collection of DriveItems in the children relationship of a DriveItem. |
This resource supports:
| showInAddressList | Boolean | **Do not use in Microsoft Graph. Manage this property through the Microsoft 365 admin center instead.** Represents whether the user should be included in the Outlook global address list. See [Known issue](/graph/known-issues#showinaddresslist-property-is-out-of-sync-with-microsoft-exchange).| | signInSessionsValidFromDateTime | DateTimeOffset | Any refresh tokens or sessions tokens (session cookies) issued before this time are invalid, and applications will get an error when using an invalid refresh or sessions token to acquire a delegated access token (to access APIs such as Microsoft Graph). If this happens, the application will need to acquire a new refresh token by making a request to the authorize endpoint. Read-only. Use [revokeSignInSessions](../api/user-revokesigninsessions.md) to reset.| | skills | String collection | A list for the user to enumerate their skills. <br><br>Returned only on `$select`. |
-| signInActivity | [signInActivity](signinactivity.md) | Get the last signed-in date and request ID of the sign-in for a given user. Read-only.<br><br>Returned only on `$select`. Supports `$filter` (`eq`, `ne`, `not`, `ge`, `le`) *but*, not with any other filterable properties. **Note:** Details for this property require an Azure AD Premium P1/P2 license and the **AuditLog.Read.All** permission.<br><br>**Note:** <br/><li>There's a [known issue](/graph/known-issues#license-check-errors-for-azure-ad-activity-reports) with retrieving this property.<li>This property is not returned for a user who has never signed in or last signed in before April 2020.|
+| signInActivity | [signInActivity](signinactivity.md) | Get the last signed-in date and request ID of the sign-in for a given user. Read-only.<br><br>Returned only on `$select`. Supports `$filter` (`eq`, `ne`, `not`, `ge`, `le`) *but* not with any other filterable properties. <br><br>**Note:** <br/><li> Details for this property require an Azure AD Premium P1/P2 license and the **AuditLog.Read.All** permission.<li>There's a [known issue](/graph/known-issues#license-check-errors-for-azure-ad-activity-reports) with retrieving this property.<li>This property is not returned for a user who has never signed in or last signed in before April 2020.|
| state | String | The state or province in the user's address. Maximum length is 128 characters. <br><br>Supports `$filter` (`eq`, `ne`, `not`, `ge`, `le`, `in`, `startsWith`, and `eq` on `null` values). | | streetAddress | String | The street address of the user's place of business. Maximum length is 1024 characters. <br><br>Supports `$filter` (`eq`, `ne`, `not`, `ge`, `le`, `in`, `startsWith`, and `eq` on `null` values).| | surname | String | The user's surname (family name or last name). Maximum length is 64 characters. <br><br>Supports `$filter` (`eq`, `ne`, `not`, `ge`, `le`, `in`, `startsWith`, and `eq` on `null` values). |
v1.0 Voiceauthenticationmethodconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/voiceauthenticationmethodconfiguration.md
Namespace: microsoft.graph
Represents a voice call authentication methods policy. Authentication methods policies define configuration settings and users or groups that are enabled to use the authentication method. - Inherits from [authenticationMethodConfiguration](../resources/authenticationmethodconfiguration.md). ## Methods
v1.0 X509certificateauthenticationmethodconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/beta/resources/x509certificateauthenticationmethodconfiguration.md
Inherits from [authenticationMethodConfiguration](../resources/authenticationmet
## Properties |Property|Type|Description| |:|:|:|
-|excludeTargets|[excludeTarget](../resources/excludetarget.md) collection|Groups of users that are excluded from the policy.|
+|authenticationModeConfiguration|[x509CertificateAuthenticationModeConfiguration](../resources/x509certificateauthenticationmodeconfiguration.md)|Defines strong authentication configurations. This configuration includes the default authentication mode and the different rules for strong authentication bindings. |
+|certificateUserBindings|[x509CertificateUserBinding](../resources/x509certificateuserbinding.md) collection|Defines fields in the X.509 certificate that map to attributes of the Azure AD user object in order to bind the certificate to the user. The **priority** of the object determines the order in which the binding is carried out. The first binding that matches will be used and the rest ignored. |
|id|String|The identifier for the authentication method policy. The value is always `X509Certificate`. Inherited from [authenticationMethodConfiguration](../resources/authenticationmethodconfiguration.md).|
+|excludeTargets|[excludeTarget](../resources/excludetarget.md) collection|Groups of users that are excluded from the policy.|
|state|authenticationMethodState|The possible values are: `enabled`, `disabled`. Inherited from [authenticationMethodConfiguration](../resources/authenticationmethodconfiguration.md).|
-|certificateUserBindings|[x509CertificateUserBinding](../resources/x509certificateuserbinding.md) collection|Defines fields in the X.509 certificate that map to attributes of the Azure AD user object in order to bind the certificate to the user. The **priority** of the object determines the order in which the binding is carried out. The first binding that matches will be used and the rest ignored. |
-|authenticationModeConfiguration|[x509CertificateAuthenticationModeConfiguration](../resources/x509certificateauthenticationmodeconfiguration.md)|Defines strong authentication configurations. This configuration includes the default authentication mode and the different rules for strong authentication bindings. |
## Relationships
v1.0 Appmanagementpolicy Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/appManagementPolicy-delete.md
+
+ Title: "Delete appManagementPolicy"
+description: "Delete an application management policy."
+ms.localizationpriority: medium
+++
+# Delete appManagementPolicy
+
+Namespace: microsoft.graph
++
+Delete an [appManagementPolicy](../resources/appManagementPolicy.md) object.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+| Permission type | Permissions (from least to most privileged) |
+| :- | : |
+| Delegated (work or school account) | Policy.ReadWrite.ApplicationConfiguration |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | Policy.ReadWrite.ApplicationConfiguration |
+
+## HTTP request
+
+<!-- { "blockType": "ignored" } -->
+
+```http
+DELETE /policies/appManagementPolicies/{id}
+```
+
+## Request headers
+
+| Name | Description |
+| : | :-- |
+| Authorization | Bearer {token}. Required. |
+| Content-Type | application/json. Required. |
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns `204 No Content` response code. It does not return anything in the response body.
+
+## Examples
+
+### Request
+
+The following is an example of the request.
++
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "delete_appManagementPolicy"
+}-->
+
+```http
+DELETE https://graph.microsoft.com/v1.0/policies/appManagementPolicies/{id}
+```
++
+### Response
+
+The following is an example of the response.
+
+<!-- {
+ "blockType": "response",
+ "truncated": false
+} -->
+
+```http
+HTTP/1.1 204 No Content
+
+```
+
+<!-- uuid: 16cd6b66-4b1a-43a1-adaf-3a886856ed98
+2019-02-04 14:57:30 UTC -->
+<!-- {
+ "type": "#page.annotation",
+ "description": "delete appManagementPolicy",
+ "keywords": "",
+ "section": "documentation",
+ "tocPath": ""
+}-->
v1.0 Appmanagementpolicy List Appliesto https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/appManagementPolicy-list-appliesTo.md
+
+ Title: "List appliesTo"
+description: "List application or service principal resources assigned to an application management policy."
+ms.localizationpriority: medium
+++
+# List appliesTo
+
+Namespace: microsoft.graph
+
+List application and service principal objects that are assigned an [appManagementPolicy](../resources/appManagementPolicy.md) policy object.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+| Permission type | Permissions (from least to most privileged) |
+| :- | :-- |
+| Delegated (work or school account) | Application.Read.All and Policy.Read.All, Application.Read.All and Policy.ReadWrite.ApplicationConfiguration |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | Application.Read.All and Policy.Read.All, Application.Read.All and Policy.ReadWrite.ApplicationConfiguration |
+
+## HTTP request
+
+<!-- { "blockType": "ignored" } -->
+
+```http
+GET /policies/appManagementPolicies/{id}/appliesTo
+```
+
+## Optional query parameters
+
+This method supports the `$select`, `$filter`, and `$top` OData query parameters to help customize the response. You can apply `$filter` on properties of [application](../resources/application.md) or [servicePrincipal](../resources/serviceprincipal.md) objects that support `$filter`. For example, the following query retrieves the **appId** and **displayName** of applications or service principals that are assigned the policy.
+
+``` http
+https://graph.microsoft.com/v1.0/policies/appManagementPolicies/{id}/appliesTo?$select=appId,displayName
+```
+
+For general information, see [OData query parameters](/graph/query-parameters).
+
+## Request headers
+
+| Name | Description |
+| : | : |
+| Authorization | Bearer {token}. Required. |
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a collection of [appManagementPolicy](../resources/appManagementPolicy.md) objects in the response body.
+
+## Examples
+
+### Example 1: Get applications and service principal objects applied to an app management policy
+
+#### Request
+
+The following is an example of the request.
+++
+<!-- {
+ "blockType": "request",
+ "name": "list_appManagementPolicyAppliesTo"
+}-->
+
+```http
+GET https://graph.microsoft.com/v1.0/policies/appManagementPolicies/{id}/appliesTo
+```
++
+#### Response
+
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.appManagementPolicy"
+} -->
+
+```http
+HTTP/1.1 200 OK
+Content-type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#directoryObjects",
+ "value": [
+ {
+ "@odata.type": "#microsoft.graph.application",
+ "id": "0d77e011-2fc6-438f-8b93-decb4f926929",
+ "appId": "8f527de6-05c9-4032-bca9-b2b56ab2358a",
+ "displayName": "TestApp1",
+ "createdDateTime": "2018-01-24T05:55:37Z"
+ }
+ ]
+}
+```
+
+### Example 2: Get specific properties of applications and service principal objects applied to an app management policy using $select query option
+
+#### Request
+
+The following is an example of the request using $select query option.
+
+<!-- {
+ "blockType": "request",
+ "name": "list_appManagementPolicyAppliesTo_select"
+}-->
+
+```http
+GET https://graph.microsoft.com/v1.0/policies/appManagementPolicies/{id}/appliesTo?$select=id,appId,displayName,createdDateTime
+```
+
+#### Response
+
+The following is an example of the response that returns `id`, `appId`, `displayName` and `createdDateTime` of applications and service principals where the policy is applied.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.appManagementPolicy"
+} -->
+
+```http
+HTTP/1.1 200 OK
+Content-type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#directoryObjects(id,appId,displayName,createdDateTime)",
+ "value": [
+ {
+ "@odata.type": "#microsoft.graph.application",
+ "id": "0d77e011-2fc6-438f-8b93-decb4f926929",
+ "appId": "8f527de6-05c9-4032-bca9-b2b56ab2358a",
+ "displayName": "TestApp1",
+ "createdDateTime": "2018-01-24T05:55:37Z"
+ },
+ {
+ "@odata.type": "#microsoft.graph.servicePrincipal",
+ "id": "0e1fa067-dcc1-4d85-9b4c-e69145dd3efb",
+ "appId": "255912cb-e31d-4dee-bee4-3fa5d774d6b9",
+ "displayName": "TestApp2",
+ "createdDateTime": "2018-01-24T05:55:37Z"
+ }
+ ]
+}
+```
++
+<!-- uuid: 16cd6b66-4b1a-43a1-adaf-3a886856ed98
+2019-02-04 14:57:30 UTC -->
+<!-- {
+ "type": "#page.annotation",
+ "description": "list resources for appManagementPolicies",
+ "keywords": "",
+ "section": "documentation",
+ "tocPath": ""
+}-->
v1.0 Appmanagementpolicy Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/appManagementPolicy-update.md
+
+ Title: "Update appManagementPolicy"
+description: "Update an application management policy."
+ms.localizationpriority: medium
+++
+# Update appManagementPolicy
+
+Namespace: microsoft.graph
+
+Update an [appManagementPolicy](../resources/appManagementPolicy.md) object.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+| Permission type | Permissions (from least to most privileged) |
+| :- | : |
+| Delegated (work or school account) | Policy.ReadWrite.ApplicationConfiguration |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | Policy.ReadWrite.ApplicationConfiguration |
+
+## HTTP request
+
+<!-- { "blockType": "ignored" } -->
+
+```http
+PATCH /policies/appManagementPolicies/{id}
+```
+
+## Request headers
+
+| Name | Description |
+| : | :-- |
+| Authorization | Bearer {token}. Required. |
+| Content-Type | application/json. Required. |
+
+## Request body
++
+| Property | Type | Description |
+| :-- | :-- | : |
+| displayName | String | The display name of the policy. Inherited from [policyBase](../resources/policybase.md). |
+| description | String | The description of the policy. Inherited from [policyBase](../resources/policybase.md). |
+| isEnabled | Boolean | Denotes whether the policy is enabled. |
+| restrictions | [appManagementConfiguration](../resources/appManagementConfiguration.md) | Restrictions that apply to an application or service principal object. |
+
+## Response
+
+If successful, this method returns a `204 No Content` response code.
+
+## Examples
+
+### Request
+
+The following is an example of the request.
+
+<!-- {
+ "blockType": "request",
+ "name": "update_appManagementPolicy"
+}-->
+
+```http
+PATCH https://graph.microsoft.com/v1.0/policies/appManagementPolicies/{id}
+
+{
+ "isEnabled": false
+}
+
+```
+
+### Response
+
+The following is an example of the response.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true
+} -->
+
+```http
+HTTP/1.1 204 No Content
+
+```
+
+<!-- uuid: 16cd6b66-4b1a-43a1-adaf-3a886856ed98
+2019-02-04 14:57:30 UTC -->
+<!-- {
+ "type": "#page.annotation",
+ "description": "update appManagementPolicies",
+ "keywords": "",
+ "section": "documentation",
+ "tocPath": ""
+}-->
v1.0 Application Delete Tokenlifetimepolicies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/application-delete-tokenlifetimepolicies.md
The following is an example of the request.
}--> ```http
-DELETE https://graph.microsoft.com/v1.0/applications/{id}/tokenLifetimePolicies/{id}/$ref
+DELETE https://graph.microsoft.com/v1.0/applications/3ccc9971-9ae7-45d6-8de8-263fd25fe116/tokenLifetimePolicies/4d2f137b-e8a9-46da-a5c3-cc85b2b840a4/$ref
``` # [C#](#tab/csharp)
v1.0 Application List Tokenlifetimepolicies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/application-list-tokenlifetimepolicies.md
The following is an example of the request.
}--> ```msgraph-interactive
-GET https://graph.microsoft.com/v1.0/applications/acc848e9-e8ec-4feb-a521-8d58b5482e09/tokenLifetimePolicies
+GET https://graph.microsoft.com/v1.0/applications/3ccc9971-9ae7-45d6-8de8-263fd25fe116/tokenLifetimePolicies
``` # [C#](#tab/csharp)
HTTP/1.1 200 OK
Content-type: application/json {
- "value": [
- {
- "definition": [
- "definition-value"
- ],
- "displayName": "displayName-value",
- "isOrganizationDefault": true,
- "id": "id-value"
- }
- ]
+ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#Collection(microsoft.graph.tokenLifetimePolicy)",
+ "value": [
+ {
+ "id": "4d2f137b-e8a9-46da-a5c3-cc85b2b840a4",
+ "deletedDateTime": null,
+ "definition": [
+ "{\"TokenLifetimePolicy\":{\"Version\":1,\"AccessTokenLifetime\":\"5:30:00\"}}"
+ ],
+ "displayName": "Contoso token lifetime policy",
+ "isOrganizationDefault": true
+ }
+ ]
} ```
v1.0 Application Post Tokenlifetimepolicies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/application-post-tokenlifetimepolicies.md
The following is an example of the request.
}--> ```http
-POST https://graph.microsoft.com/v1.0/applications/{id}/tokenLifetimePolicies/$ref
+POST https://graph.microsoft.com/v1.0/applications/3ccc9971-9ae7-45d6-8de8-263fd25fe116/tokenLifetimePolicies/$ref
Content-Type: application/json {
- "@odata.id":"https://graph.microsoft.com/v1.0/policies/tokenLifetimePolicies/cd3d9b57-0aee-4f25-8ee3-ac74ef5986a9"
+ "@odata.id":"https://graph.microsoft.com/v1.0/policies/tokenLifetimePolicies/4d2f137b-e8a9-46da-a5c3-cc85b2b840a4"
} ```
v1.0 Appmanagementpolicy Delete Appliesto https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/appmanagementpolicy-delete-appliesto.md
+
+ Title: "Remove appliesTo"
+description: "Remove an appManagementPolicy from an application or service principal object."
+ms.localizationpriority: medium
+++
+# Remove appliesTo
+
+Namespace: microsoft.graph
+
+Remove an [appManagementPolicy](../resources/appManagementPolicy.md) policy object from an application or service principal object. When you remove the appManagementPolicy, the application or service principal adopts the tenant-wide [tenantAppManagementPolicy](../resources/tenantappmanagementpolicy.md) setting.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+| Permission type | Permissions (from least to most privileged) |
+| :- | :-- |
+| Delegated (work or school account) | Application.Read.All and Policy.ReadWrite.ApplicationConfiguration |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | Application.Read.All and Policy.ReadWrite.ApplicationConfiguration |
+
+## HTTP request
+
+<!-- { "blockType": "ignored" } -->
+
+```http
+DELETE /applications/{id}/appManagementPolicies/$ref
+```
+
+## Request headers
+
+| Name | Description |
+| : | :-- |
+| Authorization | Bearer {token}. Required. |
+| Content-Type | application/json. Required. |
+
+## Request body
+
+In the request body, provide a reference to a single policy object from the [appManagementPolicies](../resources/appmanagementpolicy.md) collection.
+
+## Response
+
+If successful, this method returns `204 No Content` response code. It does not return anything in the response body.
+
+## Examples
+
+### Example 1: Remove an appManagementPolicy from an application object
+
+#### Request
+
+The following is an example of the request to remove an appManagementPolicy from an application.
+
+<!-- {
+ "blockType": "request",
+ "name": "remove_appliesTo"
+}-->
+
+```http
+DELETE https://graph.microsoft.com/v1.0/applications/{id}/appManagementPolicies/$ref
+Content-type: application/json
+
+{
+ "@odata.id":"https://graph.microsoft.com/v1.0/policies/appManagementPolicies/{id}"
+}
+```
+
+#### Response
+
+The following is an example of the response.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true
+} -->
+
+```http
+HTTP/1.1 204 No Content
+```
+
+### Example 2: Remove an appManagementPolicy from a service principal object
+
+#### Request
+
+The following is an example of the request to remove an appManagementPolicy from a service principal.
+
+<!-- {
+ "blockType": "request",
+ "name": "remove_appliesTo"
+}-->
+
+``` http
+DELETE https://graph.microsoft.com/v1.0/servicePrincipals/{id}/appManagementPolicies/$ref
+
+{
+ "@odata.id":"https://graph.microsoft.com/v1.0/policies/appManagementPolicies/{id}"
+}
+```
++
+#### Response
+
+The following is an example of the response.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true
+} -->
+
+```http
+HTTP/1.1 204 No Content
+```
+
+<!-- uuid: 16cd6b66-4b1a-43a1-adaf-3a886856ed98
+2019-02-04 14:57:30 UTC -->
+<!-- {
+ "type": "#page.annotation",
+ "description": "list resources for appManagementPolicies",
+ "keywords": "",
+ "section": "documentation",
+ "tocPath": ""
+}-->
v1.0 Appmanagementpolicy Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/appmanagementpolicy-get.md
+
+ Title: "Get appManagementPolicy"
+description: "Get an application management policy."
+ms.localizationpriority: medium
+++
+# Get appManagementPolicy
+
+Namespace: microsoft.graph
+
+Read the properties of an [appManagementPolicy](../resources/appManagementPolicy.md) object.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+| Permission type | Permissions (from least to most privileged) |
+| :- | : |
+| Delegated (work or school account) | Policy.Read.All, Policy.ReadWrite.ApplicationConfiguration |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | Policy.Read.All, Policy.ReadWrite.ApplicationConfiguration |
+
+## HTTP request
+
+<!-- { "blockType": "ignored" } -->
+
+```http
+GET /policies/appManagementPolicies/{id}
+```
+
+## Request headers
+
+| Name | Description |
+| : | : |
+| Authorization | Bearer {token}. Required. |
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a single [appManagementPolicy](../resources/appManagementPolicy.md) object in the response body.
+
+## Examples
+
+### Request
+
+The following is an example of the request. From the response, the app management policy defines the following restrictions for application and service principal objects:
+
+- Blocks creating of new passwords after 2019-10-19 at 10:37 AM UTC time.
+- Limits password secrets for apps created after 2019-10-19 at 10:37 AM UTC time to less than 4 days, 12 hours, 30 minutes and 5 seconds.
+
+<!-- {
+ "blockType": "request",
+ "name": "get_appManagementPolicy"
+}-->
+
+```http
+GET https://graph.microsoft.com/v1.0/policies/appManagementPolicies/{id}
+```
+
+### Response
+
+The following is an example of the response.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.appManagementPolicy"
+} -->
+
+```http
+HTTP/1.1 200 OK
+Content-type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#policies/appManagementPolicies",
+ "value": [
+ {
+ "id": "db9d4b58-3488-4da4-9994-49773c454e33",
+ "displayName": "Custom app management policy",
+ "description": "Custom policy that enforces app management restrictions on specific applications and service principals.",
+ "isEnabled": false,
+ "restrictions": {
+ "passwordCredentials": [
+ {
+ "restrictionType": "passwordAddition",
+ "maxLifetime": null,
+ "restrictForAppsCreatedAfterDateTime": "2019-10-19T10:37:00Z"
+ },
+ {
+ "restrictionType": "passwordLifetime",
+ "maxLifetime": "P4DT12H30M5S",
+ "restrictForAppsCreatedAfterDateTime": "2017-10-19T10:37:00Z"
+ },
+ {
+ "restrictionType": "symmetricKeyAddition",
+ "maxLifetime": null,
+ "restrictForAppsCreatedAfterDateTime": "2021-10-19T10:37:00Z"
+ },
+ {
+ "restrictionType": "symmetricKeyLifetime",
+ "maxLifetime": "P4D",
+ "restrictForAppsCreatedAfterDateTime": "2014-10-19T10:37:00Z"
+ }
+ ],
+ "keyCredentials": [
+ {
+ "restrictionType": "asymmetricKeyLifetime",
+ "maxLifetime": "P90D",
+ "restrictForAppsCreatedAfterDateTime": "2014-10-19T10:37:00Z"
+ }
+ ]
+ }
+ }
+ ]
+}
+```
+
+<!-- uuid: 16cd6b66-4b1a-43a1-adaf-3a886856ed98
+2019-02-04 14:57:30 UTC -->
+<!-- {
+ "type": "#page.annotation",
+ "description": "get appManagementPolicy",
+ "keywords": "",
+ "section": "documentation",
+ "tocPath": ""
+}-->
v1.0 Appmanagementpolicy List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/appmanagementpolicy-list.md
+
+ Title: "List appManagementPolicies"
+description: "Get a list of application management policies."
+ms.localizationpriority: medium
+++
+# List appManagementPolicies
+
+Namespace: microsoft.graph
+
+Retrieve a list of [appManagementPolicy](../resources/appManagementPolicy.md) objects.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+| Permission type | Permissions (from least to most privileged) |
+| :- | : |
+| Delegated (work or school account) | Policy.Read.All, Policy.ReadWrite.ApplicationConfiguration |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | Policy.Read.All, Policy.ReadWrite.ApplicationConfiguration |
+
+## Optional query parameters
+
+This method supports the `$select`, `$filter`, and `$top` OData query parameters to help customize the response. For general information, see [OData query parameters](/graph/query-parameters).
+
+## HTTP request
+
+<!-- { "blockType": "ignored" } -->
+
+```http
+GET /policies/appManagementPolicies
+```
+
+## Request headers
+
+| Name | Description |
+| : | : |
+| Authorization | Bearer {token}. Required. |
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a collection of [appManagementPolicy](../resources/appManagementPolicy.md) object in the response body.
+
+## Examples
+
+### Request
+
+The following is an example of the request.
+
+<!-- {
+ "blockType": "request",
+ "name": "list_appManagementPolicies"
+}-->
+
+```http
+GET https://graph.microsoft.com/v1.0/policies/appManagementPolicies
+```
+++
+### Response
+
+The following is an example of the response.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.appManagementPolicy"
+} -->
+
+```http
+HTTP/1.1 200 OK
+Content-type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#policies/appManagementPolicies",
+ "value": [
+ {
+ "id": "db9d4b58-3488-4da4-9994-49773c454e33",
+ "displayName": "Custom app management policy",
+ "description": "Custom policy that enforces app management restrictions on specific applications and service principals.",
+ "isEnabled": false,
+ "restrictions": {
+ "passwordCredentials": [
+ {
+ "restrictionType": "passwordAddition",
+ "maxLifetime": null,
+ "restrictForAppsCreatedAfterDateTime": "2019-10-19T10:37:00Z"
+ },
+ {
+ "restrictionType": "passwordLifetime",
+ "maxLifetime": "P4DT12H30M5S",
+ "restrictForAppsCreatedAfterDateTime": "2017-10-19T10:37:00Z"
+ },
+ {
+ "restrictionType": "symmetricKeyAddition",
+ "maxLifetime": null,
+ "restrictForAppsCreatedAfterDateTime": "2021-10-19T10:37:00Z"
+ },
+ {
+ "restrictionType": "symmetricKeyLifetime",
+ "maxLifetime": "P4D",
+ "restrictForAppsCreatedAfterDateTime": "2014-10-19T10:37:00Z"
+ }
+ ],
+ "keyCredentials": [
+ {
+ "restrictionType": "asymmetricKeyLifetime",
+ "maxLifetime": "P90D",
+ "restrictForAppsCreatedAfterDateTime": "2014-10-19T10:37:00Z"
+ }
+ ]
+ }
+ }
+ ]
+}
+```
+
+<!-- uuid: 16cd6b66-4b1a-43a1-adaf-3a886856ed98
+2019-02-04 14:57:30 UTC -->
+<!-- {
+ "type": "#page.annotation",
+ "description": "get appManagementPolicies",
+ "keywords": "",
+ "section": "documentation",
+ "tocPath": ""
+}-->
v1.0 Appmanagementpolicy Post Appliesto https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/appmanagementpolicy-post-appliesto.md
+
+ Title: "Assign appliesTo"
+description: "Assign an appManagementPolicy to an application or service principal object."
+ms.localizationpriority: medium
+++
+# Assign appliesTo
+
+Namespace: microsoft.graph
+
+Assign an [appManagementPolicy](../resources/appManagementPolicy.md) policy object to an application or service principal object. The application or service principal adopts this policy over the tenant-wide [tenantAppManagementPolicy](../resources/tenantappmanagementpolicy.md) setting. Only one policy object can be assigned to an application or service principal.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+| Permission type | Permissions (from least to most privileged) |
+| :- | :-- |
+| Delegated (work or school account) | Application.Read.All and Policy.ReadWrite.ApplicationConfiguration |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | Application.Read.All and Policy.ReadWrite.ApplicationConfiguration |
+
+## HTTP request
+
+<!-- { "blockType": "ignored" } -->
+
+```http
+POST /applications/{id}/appManagementPolicies/$ref
+```
+
+## Request headers
+
+| Name | Description |
+| : | :-- |
+| Authorization | Bearer {token}. Required. |
+| Content-Type | application/json. Required. |
+
+## Request body
+
+In the request body, provide a reference to a single policy object from the [appManagementPolicies](../resources/appmanagementpolicy.md) collection.
+
+## Response
+
+If successful, this method returns `204 No Content` response code. It does not return anything in the response body.
+
+## Examples
+
+### Example 1: Assign an appManagementPolicy to an application object
+
+#### Request
+
+The following is an example of the request to assign an appManagementPolicy to an application.
++
+<!-- {
+ "blockType": "request",
+ "name": "assign_appliesTo"
+}-->
+
+```http
+POST https://graph.microsoft.com/v1.0/applications/{id}/appManagementPolicies/$ref
+Content-type: application/json
+
+{
+ "@odata.id":"https://graph.microsoft.com/v1.0/policies/appManagementPolicies/{id}"
+}
+```
+
+#### Response
+
+The following is an example of the response.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true
+} -->
+
+```http
+HTTP/1.1 204 No Content
+```
+
+### Example 2: Assign an appManagementPolicy to a service principal object
+
+#### Request
+
+The following is an example of the request to assign an appManagementPolicy to a service principal.
+
+<!-- {
+ "blockType": "request",
+ "name": "assign_appliesTo"
+}-->
+
+``` http
+POST https://graph.microsoft.com/v1.0/servicePrincipals/{id}/appManagementPolicies/$ref
+
+{
+ "@odata.id":"https://graph.microsoft.com/v1.0/policies/appManagementPolicies/{id}"
+}
+```
+
+#### Response
+
+The following is an example of the response.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true
+} -->
+
+```http
+HTTP/1.1 204 No Content
+```
+
+<!-- uuid: 16cd6b66-4b1a-43a1-adaf-3a886856ed98
+2019-02-04 14:57:30 UTC -->
+<!-- {
+ "type": "#page.annotation",
+ "description": "list resources for appManagementPolicies",
+ "keywords": "",
+ "section": "documentation",
+ "tocPath": ""
+}-->
v1.0 Appmanagementpolicy Post https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/appmanagementpolicy-post.md
+
+ Title: "Create appManagementPolicy"
+description: "Create an application management policy."
+ms.localizationpriority: medium
+++
+# Create appManagementPolicy
+
+Namespace: microsoft.graph
+
+Create an [appManagementPolicy](../resources/appManagementPolicy.md) object.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+| Permission type | Permissions (from least to most privileged) |
+| :- | : |
+| Delegated (work or school account) | Policy.ReadWrite.ApplicationConfiguration |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | Policy.ReadWrite.ApplicationConfiguration |
+
+## HTTP request
+
+<!-- { "blockType": "ignored" } -->
+
+```http
+POST /policies/appManagementPolicies
+```
+
+## Request headers
+
+| Name | Description |
+| : | :-- |
+| Authorization | Bearer {token}. Required. |
+| Content-Type | application/json. Required. |
+
+> [!IMPORTANT]
+> Service principals with a createdDateTime `null` are treated as having being created on 01/01/2019.
+
+## Request body
+
+In the request body, supply a JSON representation of the [appManagementPolicy](../resources/appmanagementpolicy.md) object.
+
+You can specify the following properties when creating an **appManagementPolicy**.
+
+| Property | Type | Description |
+| :-- | :- | : |
+| displayName | String | The display name of the policy. Required. |
+| description | String | The description of the policy. Required. |
+| isEnabled | Boolean | Denotes whether the policy is enabled. Optional. |
+| restrictions | [appManagementConfiguration](../resources/appManagementConfiguration.md) | Restrictions that apply to an application or service principal object. Optional. |
+
+## Response
+
+If successful, this method returns a `201 Created` response code with the new [appManagementPolicy ](../resources/appmanagementpolicy.md) object in the response payload.
+
+## Examples
+
+### Request
+
+The following is an example of the request. This request created an app management policy with the following settings:
+
+- Enables the policy.
+- Blocks creating of new passwords for applications and service principals created on or after 2019-10-19 at 10:37 AM UTC time.
+- Enforces lifetime on password secrets and key credentials for applications created on or after 2014-10-19 at 10:37 AM UTC time.
+- Limits password secrets for apps and service principals created after 2019-10-19 at 10:37 AM UTC time to less than 4 days, 12 hours, 30 minutes and 5 seconds.
+
+<!-- {
+ "blockType": "request",
+ "name": "create_appManagementPolicy"
+}-->
+
+```http
+POST https://graph.microsoft.com/v1.0/policies/appManagementPolicies
+
+{
+ "displayName": "Credential management policy",
+ "description": "Cred policy sample",
+ "isEnabled": true,
+ "restrictions": {
+ "passwordCredentials": [
+ {
+ "restrictionType": "passwordAddition",
+ "maxLifetime": null,
+ "restrictForAppsCreatedAfterDateTime": "2019-10-19T10:37:00Z"
+ },
+ {
+ "restrictionType": "passwordLifetime",
+ "maxLifetime": "P4DT12H30M5S",
+ "restrictForAppsCreatedAfterDateTime": "2014-10-19T10:37:00Z"
+ },
+ {
+ "restrictionType": "symmetricKeyAddition",
+ "maxLifetime": null,
+ "restrictForAppsCreatedAfterDateTime": "2019-10-19T10:37:00Z"
+ },
+ {
+ "restrictionType": "symmetricKeyLifetime",
+ "maxLifetime": "P4D",
+ "restrictForAppsCreatedAfterDateTime": "2014-10-19T10:37:00Z"
+ }
+ ],
+ "keyCredentials": [
+ {
+ "restrictionType": "asymmetricKeyLifetime",
+ "maxLifetime": "P90D",
+ "restrictForAppsCreatedAfterDateTime": "2014-10-19T10:37:00Z"
+ }
+ ]
+ }
+}
+
+```
+++
+### Response
+
+The following is an example of the response.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.appManagementPolicy"
+} -->
+
+```http
+HTTP/1.1 200 OK
+Content-type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#policies/appManagementPolicies/$entity",
+ "id": "a4ab1ed9-46bb-4bef-88d4-86fd6398dd5d",
+ "displayName": "credential management policy",
+ "description": "Lorem ipsum",
+ "isEnabled": true,
+ "restrictions": {
+ "passwordCredentials": [
+ {
+ "restrictionType": "passwordAddition",
+ "maxLifetime": null,
+ "restrictForAppsCreatedAfterDateTime": "2019-10-19T10:37:00Z"
+ },
+ {
+ "restrictionType": "passwordLifetime",
+ "maxLifetime": "P4DT12H30M5S",
+ "restrictForAppsCreatedAfterDateTime": "2018-10-19T10:37:00Z"
+ }
+ ]
+ }
+}
+```
+
+<!-- uuid: 16cd6b66-4b1a-43a1-adaf-3a886856ed98
+2019-02-04 14:57:30 UTC -->
+<!-- {
+ "type": "#page.annotation",
+ "description": "create appManagementPolicies",
+ "keywords": "",
+ "section": "documentation",
+ "tocPath": ""
+}-->
v1.0 Authenticationmethod Resetpassword https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/authenticationmethod-resetpassword.md
Content-type: application/json
} ```
+# [C#](#tab/csharp)
+ # [JavaScript](#tab/javascript) [!INCLUDE [sample-code](../includes/snippets/javascript/passwordauthenticationmethod-resetpassword-adminprovided-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
Content-type: application/json
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+ #### Response
The following is an example of the request.
POST https://graph.microsoft.com/v1.0/users/6ea91a8d-e32e-41a1-b7bd-d2d185eed0e0/authentication/methods/28c10230-6103-485e-b985-444c60001490/resetPassword ```
+# [C#](#tab/csharp)
+ # [JavaScript](#tab/javascript) [!INCLUDE [sample-code](../includes/snippets/javascript/passwordauthenticationmethod-resetpassword-systemgenerated-javascript-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
POST https://graph.microsoft.com/v1.0/users/6ea91a8d-e32e-41a1-b7bd-d2d185eed0e0
[!INCLUDE [sample-code](../includes/snippets/jav)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+ #### Response
v1.0 Authenticationmethodspolicy Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/authenticationmethodspolicy-get.md
Title: "Get authenticationMethodsPolicy" description: "Read the properties and relationships of an authenticationMethodsPolicy object."-+ ms.localizationpriority: medium ms.prod: "identity-and-sign-in" doc_type: apiPageType
Content-Type: application/json
"targetType": "group", "id": "all_users", "isRegistrationRequired": false,
- "authenticationMode": "any"
+ "authenticationMode": "any",
+ "outlookMobileAllowedState": "default",
+ "displayAppInformationRequiredState": "default",
+ "numberMatchingRequiredState": "default"
+ }
+ ]
+ },
+ {
+ "@odata.type": "#microsoft.graph.smsAuthenticationMethodConfiguration",
+ "id": "Sms",
+ "state": "enabled",
+ "includeTargets": [
+ {
+ "targetType": "group",
+ "id": "all_users",
+ "isRegistrationRequired": false,
+ "isUsableForSignIn": true
+ }
+ ]
+ },
+ {
+ "@odata.type": "#microsoft.graph.temporaryAccessPassAuthenticationMethodConfiguration",
+ "id": "TemporaryAccessPass",
+ "state": "disabled",
+ "defaultLifetimeInMinutes": 60,
+ "defaultLength": 8,
+ "minimumLifetimeInMinutes": 60,
+ "maximumLifetimeInMinutes": 480,
+ "isUsableOnce": false,
+ "includeTargets": [
+ {
+ "targetType": "group",
+ "id": "all_users",
+ "isRegistrationRequired": false
} ] },
v1.0 Authenticationmethodspolicy Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/authenticationmethodspolicy-update.md
Title: "Update authenticationMethodsPolicy" description: "Update the properties of an authenticationMethodsPolicy object."-+ ms.localizationpriority: medium ms.prod: "identity-and-sign-in" doc_type: apiPageType
PATCH /policies/authenticationMethodsPolicy
|Content-Type|application/json. Required.| ## Request body
-In the request body, supply a JSON representation of the [authenticationMethodConfigurations](../resources/authenticationmethodconfiguration.md) object to prompt users to set up targeted authentication methods.
+
+|Property|Type|Description|
+|:|:|:|
+|registrationEnforcement|[registrationEnforcement](../resources/registrationenforcement.md)|Enforce registration at sign-in time. This property can be used to prompt users to set up targeted authentication methods.|
## Response
-If successful, this method returns a `204 No Content` response code.
+If successful, this method returns a `200 OK` response code and an [authenticationMethodsPolicy](../resources/authenticationmethodspolicy.md) object in the response body.
## Examples
PATCH https://graph.microsoft.com/v1.0/policies/authenticationMethodsPolicy
Content-Type: application/json {
- "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#authenticationMethodsPolicy",
- "registrationEnforcement": {
+ "registrationEnforcement": {
"authenticationMethodsRegistrationCampaign": { "snoozeDurationInDays": 1, "state": "enabled",
Content-Type: application/json
"targetedAuthenticationMethod": "microsoftAuthenticator" } ]
- }
- },
- "authenticationMethodConfigurations": [
- {
- "@odata.type": "#microsoft.graph.fido2AuthenticationMethodConfiguration",
- "id": "Fido2",
- "state": "disabled",
- "isSelfServiceRegistrationAllowed": false,
- "isAttestationEnforced": false,
- "keyRestrictions": {
- "isEnforced": false,
- "enforcementType": "block",
- "aaGuids": []
- }
- }
- ]
+ }
+ }
} ```
Content-Type: application/json
### Response <!-- { "blockType": "response",
- "truncated": true
+ "truncated": true,
+ "@odata.type": "microsoft.graph.authenticationMethodsPolicy"
} --> ``` http
-HTTP/1.1 204 No Content
+HTTP/1.1 200 OK
+Content-Type: application/json
+{
+ "@odata.context": "https://graph.microsoft.com/beta/$metadata#authenticationMethodsPolicy",
+ "id": "authenticationMethodsPolicy",
+ "displayName": "Authentication Methods Policy",
+ "description": "The tenant-wide policy that controls which authentication methods are allowed in the tenant, authentication method registration requirements, and self-service password reset settings",
+ "lastModifiedDateTime": "2021-05-25T01:08:08.6712279Z",
+ "policyVersion": "1.4",
+ "registrationEnforcement": {
+ "authenticationMethodsRegistrationCampaign": {
+ "snoozeDurationInDays": 1,
+ "state": "enabled",
+ "excludeTargets": [],
+ "includeTargets": [
+ {
+ "id": "3ee3a9de-0a86-4e12-a287-9769accf1ba2",
+ "targetType": "group",
+ "targetedAuthenticationMethod": "microsoftAuthenticator"
+ }
+ ]
+ }
+ }
+}
```
v1.0 Calendar List Events https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/calendar-list-events.md
Title: "List events"
-description: "Retrieve a list of events in a calendar. The list contains single instance meetings and series masters."
+description: "Retrieve a list of events in a calendar. The list contains single instance meetings and series masters."
ms.localizationpriority: high ms.prod: "outlook"
doc_type: apiPageType
Namespace: microsoft.graph
-Retrieve a list of events in a calendar. The calendar can be one for a [user](../resources/user.md), or the default calendar of a Microsoft 365 [group](../resources/group.md). The list of events contains single instance meetings and series masters.
+Retrieve a list of events in a calendar. The calendar can be one for a [user](../resources/user.md), or the default calendar of a Microsoft 365 [group](../resources/group.md). The list of events contains single instance meetings and series masters.
To get expanded event instances, you can [get the calendar view](calendar-list-calendarview.md), or [get the instances of an event](event-list-instances.md).
+> [!NOTE]
+> If your target mailbox calendar contains any private items, the caller must either:
+> * Be granted `FullAccess` mailbox permissions over the target mailbox (via the [Add-MailboxPermission](/powershell/module/exchange/add-mailboxpermission) cmdlet).
+> * Be granted the `Delegate` + `CanViewPrivateItems` flags (similar to the previous option, but through the [Add-MailboxFolderPermission](/powershell/module/exchange/add-mailboxfolderpermission) cmdlet). This option routes all meeting requests to the delegate mailbox. For a workaround, see [SharingPermissionFlags](/powershell/module/exchange/add-mailboxfolderpermission?view=exchange-ps#-sharingpermissionflags).
+>
+> Failure to meet these conditions will result in a `The specified object was not found in the store` response.
+ ## Permissions Depending on the type of calendar that the events are in and the permission type (delegated or application) requested, one of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
v1.0 Callrecords Callrecord Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/callrecords-callrecord-get.md
There are two ways to get the **id** of a **callRecord**:
* Subscribe to [change notifications](/graph/api/resources/webhooks?view=graph-rest-1.0&preserve-view=true) to the `/communications/callRecords` endpoint. * Use the **callChainId** property of a [call](../resources/call.md). The call record is available only after the associated call is completed.
+> [!WARNING]
+>
+> A call record is created after a call or meeting ends and will remain available for **30 days**. Requests for call records older than 30 days will receive a `404 Not Found` response.
+ ## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
Do not supply a request body for this method.
## Response
-If successful, this method returns a `200 OK` response code and the requested [microsoft.graph.callRecords.callRecord](../resources/callrecords-callrecord.md) object in the response body.
+If successful, this method returns a `200 OK` response code and the requested [microsoft.graph.callRecords.callRecord](../resources/callrecords-callrecord.md) object in the response body. A request for a call record older than 30 days will receive a `404 Not Found` response.
## Examples
GET https://graph.microsoft.com/v1.0/communications/callRecords/{id}?$expand=ses
#### Response
-The following is an example of the response. If the sessions list is truncated, a `sessions@odata.nextLink` value will be provided to retrieve the next page of sessions.
+The following is an example of the response. If the sessions list is truncated, a `sessions@odata.nextLink` value will be provided to retrieve the next page of sessions. The default page size for sessions is 60 entries.
> **Note:** The response object shown here might be shortened for readability.
v1.0 Channel List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/channel-list.md
GET /teams/{team-id}/channels
This method supports the $filter and $select [OData query parameters](/graph/query-parameters) to help customize the response.
+### Use $select for better performance
+Populating the **email** property for a channel is an expensive operation that results in slow performance. Use `$select` to exclude the **email** property to improve performance.
+ ## Request headers | Header | Value |
v1.0 Deletedteam Getallmessages https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/deletedteam-getallmessages.md
If successful, this function returns a `200 OK` response code and a [chatMessage
### Request The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "deletedteamthis.getallmessages"
The following is an example of a request.
GET https://graph.microsoft.com/v1.0/teamwork/deletedTeams/fbe2bf47-16c8-47cf-b4a5-4b9b187c508b/channels/getAllMessages ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response
v1.0 Directory Deleteditems List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/directory-deleteditems-list.md
The OData cast type is a required part of the URI and calling `GET /directory/de
## Optional query parameters
-This method supports the query parameters that are supported by the resource that is specified by the OData cast. That is, `$count`, `$expand`, `$filter`, `$orderBy`, `$search`, `$select`, and `$top` query parameters. Some queries are supported only when you use the **ConsistencyLevel** header set to `eventual` and `$count`. For example:
+This method supports the query parameters that are supported by the resource that is specified by the OData cast. That is, `$count`, `$expand`, `$filter`, `$orderBy`, `$search`, `$select`, and `$top` query parameters. This API returns 100 objects by default and supports returning up to 999 objects per page using `$top`.
+
+Some queries are supported only when you use the **ConsistencyLevel** header set to `eventual` and `$count`. For example:
```http GET https://graph.microsoft.com/beta/directory/deletedItems/microsoft.graph.group?&$count=true&$orderBy=deletedDateTime desc&$select=id,displayName,deletedDateTime
v1.0 Directoryobject Delta https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/directoryobject-delta.md
GET https://graph.microsoft.com/v1.0/directoryObjects/delta?filter=isof('microso
- #### Response The following is an example of the response when using `@odata.deltaLink` obtained from the query initialization with `$filter=isof('{resource type}')`. Note the presence of the _members@delta_ property which includes the ids of member objects in the group.
GET https://graph.microsoft.com/v1.0/directoryObjects/delta?$filter=id eq '87d34
- #### Response The following is an example of the response when using `@odata.deltaLink` obtained from the query initialization with `$filter=id eq '{id}'`.
Prefer: return=minimal
- #### Response The following is an example of the response when using `@odata.deltaLink` obtained from the query initialization. Note that the `microsoft.graph.user/surname` property is not included, which means it has not changed since the last delta query; `microsoft.graph.group/displayName` is included which means its value has changed.
v1.0 Driveitem Createlink https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/driveitem-createlink.md
The request should be a JSON object with the following properties.
| **expirationDateTime** | string | A String with format of yyyy-MM-ddTHH:mm:ssZ of DateTime indicates the expiration time of the permission. | | **retainInheritedPermissions** | Boolean | Optional. If `true` (default), any existing inherited permissions are retained on the shared item when sharing this item for the first time. If `false`, all existing permissions are removed when sharing for the first time. | | **scope** | string | Optional. The scope of link to create. Either `anonymous`, `organization`, or `users`. |
-| **retainInheritedPermissions** | Boolean | If `true`, any current inherited permissions are retained on the shared item when sharing this item for the first time. If `false`, all current permissions are removed when sharing for the first time. The default value is `true`. Optional. |
### Link types
v1.0 Externalconnectors Externalconnection Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/externalconnectors-externalconnection-get.md
GET https://graph.microsoft.com/v1.0/external/connections/contosohr
[!INCLUDE [sample-code](../includes/snippets/go/get-externalconnection-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
-# [PowerShell](#tab/powershell)
- # [PHP](#tab/php) [!INCLUDE [sample-code](../includes/snippets/php/get-externalconnection-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 Fido2authenticationmethodconfiguration Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/fido2authenticationmethodconfiguration-delete.md
Title: "Delete fido2AuthenticationMethodConfiguration" description: "Delete a fido2AuthenticationMethodConfiguration object."-+ ms.localizationpriority: medium ms.prod: "identity-and-sign-in" doc_type: "apiPageType"
v1.0 Fido2authenticationmethodconfiguration Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/fido2authenticationmethodconfiguration-get.md
Title: "Get fido2AuthenticationMethodConfiguration" description: "Read the properties and relationships of a fido2AuthenticationMethodConfiguration object."-+ ms.localizationpriority: medium ms.prod: "identity-and-sign-in" doc_type: "apiPageType"
Content-type: application/json
"id": "all_users", "isRegistrationRequired": false }
- ]
+ ],
+ "excludeTargets": []
} ```
v1.0 Fido2authenticationmethodconfiguration Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/fido2authenticationmethodconfiguration-update.md
Title: "Update fido2AuthenticationMethodConfiguration" description: "Update the properties of a fido2AuthenticationMethodConfiguration object."-+ ms.localizationpriority: medium ms.prod: "identity-and-sign-in" doc_type: "apiPageType"
v1.0 Group Post Groups https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/group-post-groups.md
The following table shows the properties that are required when you create the [
| :-- | : | :-- | | displayName | String | The name to display in the address book for the group. Maximum length: 256 characters. Required. | | mailEnabled | Boolean | Set to `true` for mail-enabled groups. Required. |
-| mailNickname | String | The mail alias for the group, unique for Microsoft 365 groups in the organization. Maximum length is 64 characters. This property can contain only characters in the [ASCII character set 0 - 127](/office/vba/language/reference/user-interface-help/character-set-0127) except the following: ` @ () \ [] " ; : . <> , SPACE`. Required. |
+| mailNickname | String | The mail alias for the group, unique for Microsoft 365 groups in the organization. Maximum length is 64 characters. This property can contain only characters in the [ASCII character set 0 - 127](/office/vba/language/reference/user-interface-help/character-set-0127) except the following: ` @ () \ [] " ; : <> , SPACE`. Required. |
| securityEnabled | Boolean | Set to `true` for security-enabled groups, including Microsoft 365 groups. Required. **Note:** Groups created using the Microsoft Azure portal always have **securityEnabled** initially set to `true`. | > [!IMPORTANT]
v1.0 Microsoftauthenticatorauthenticationmethodconfiguration Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/microsoftauthenticatorauthenticationmethodconfiguration-delete.md
Title: "Delete microsoftAuthenticatorAuthenticationMethodConfiguration" description: "Deletes a microsoftAuthenticatorAuthenticationMethodConfiguration object."-+ ms.localizationpriority: medium ms.prod: "identity-and-sign-in" doc_type: apiPageType
v1.0 Microsoftauthenticatorauthenticationmethodconfiguration Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/microsoftauthenticatorauthenticationmethodconfiguration-get.md
Title: "Get microsoftAuthenticatorAuthenticationMethodConfiguration" description: "Read the properties and relationships of a microsoftAuthenticatorAuthenticationMethodConfiguration object."-+ ms.localizationpriority: medium ms.prod: "identity-and-sign-in" doc_type: apiPageType
Content-Type: application/json
"authenticationMode": "any" } ],
+ "excludeTargets": [],
"featureSettings": { "displayAppContextRequiredState" : { "state": "enabled",
v1.0 Microsoftauthenticatorauthenticationmethodconfiguration Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/microsoftauthenticatorauthenticationmethodconfiguration-update.md
Title: "Update microsoftAuthenticatorAuthenticationMethodConfiguration" description: "Update the properties of a microsoftAuthenticatorAuthenticationMethodConfiguration object."-+ ms.localizationpriority: medium ms.prod: "identity-and-sign-in" doc_type: apiPageType
Content-Type: application/json
### Response
-**Note:** The response object shown here might be shortened for readability.
+The following is an example of the response.
<!-- { "blockType": "response",
- "truncated": true,
- "@odata.type": "microsoft.graph.microsoftAuthenticatorAuthenticationMethodConfiguration"
+ "truncated": true
} --> ``` http
-HTTP/1.1 200 OK
-Content-Type: application/json
-
-{
- "@odata.type": "#microsoft.graph.microsoftAuthenticatorAuthenticationMethodConfiguration",
- "id": "129ae788-e788-129a-88e7-9a1288e79a12",
- "state": "String"
-}
+HTTP/1.1 204 No Content
```
v1.0 Organizationalbranding Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/organizationalbranding-get.md
One of the following permissions is required to call this API. To learn more, in
| Permission type | Permissions (from least to most privileged) | |:|:--|
-| Delegated (work or school account) | User.Read, Organization.Read.All, User.ReadBasic.All, User.Read.All |
+| Delegated (work or school account) | User.Read, Organization.Read.All, User.Read.All |
| Delegated (personal Microsoft account) | Not supported. | | Application | Organization.Read.All |
v1.0 Organizationalbranding List Localizations https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/organizationalbranding-list-localizations.md
One of the following permissions is required to call this API. To learn more, in
| Permission type | Permissions (from least to most privileged) | |:|:--|
-| Delegated (work or school account) | User.Read, Organization.Read.All, User.ReadBasic.All, User.Read.All |
+| Delegated (work or school account) | User.Read, Organization.Read.All, User.Read.All |
| Delegated (personal Microsoft account) | Not supported. | | Application | Not supported. |
v1.0 Organizationalbrandinglocalization Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/organizationalbrandinglocalization-get.md
One of the following permissions is required to call this API. To learn more, in
| Permission type | Permissions (from least to most privileged) | |:|:--|
-| Delegated (work or school account) | User.Read, Organization.Read.All, User.ReadBasic.All, User.Read.All |
+| Delegated (work or school account) | User.Read, Organization.Read.All, User.Read.All |
| Delegated (personal Microsoft account) | Not supported. | | Application | Organization.Read.All |
v1.0 Plannerbucket Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/plannerbucket-get.md
Title: "Get plannerBucket"
-description: "Retrieve the properties and relationships of **plannerBucket** object."
+description: "Retrieve the properties and relationships of a plannerBucket object."
ms.localizationpriority: medium ms.prod: "planner"
doc_type: apiPageType
Namespace: microsoft.graph
-Retrieve the properties and relationships of **plannerBucket** object.
+Retrieve the properties and relationships of a [plannerBucket](../resources/plannerbucket.md) object.
+ ## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
Do not supply a request body for this method.
## Response
-If successful, this method returns a `200 OK` response code and [plannerBucket](../resources/plannerbucket.md) object in the response body.
+If successful, this method returns a `200 OK` response code and a [plannerBucket](../resources/plannerbucket.md) object in the response body.
This method can return any of the [HTTP status codes](/graph/errors). The most common errors that apps should handle for this method are the 403 and 404 responses. For more information about these errors, see [Common Planner error conditions](../resources/planner-overview.md#common-planner-error-conditions). ## Example
-##### Request
-Here is an example of the request.
+### Request
+The following is an example of the request.
# [HTTP](#tab/http) <!-- { "blockType": "request",
- "name": "get_plannerbucket"
+ "name": "get_plannerbucket",
+ "sampleKeys": ["hsOf2dhOJkqyYYZEtdzDe2QAIUCR"]
}--> ```msgraph-interactive
-GET https://graph.microsoft.com/v1.0/planner/buckets/{bucket-id}
+GET https://graph.microsoft.com/v1.0/planner/buckets/hsOf2dhOJkqyYYZEtdzDe2QAIUCR
``` # [C#](#tab/csharp)
GET https://graph.microsoft.com/v1.0/planner/buckets/{bucket-id}
-##### Response
-Here is an example of the response. Note: The response object shown here might be shortened for readability.
+### Response
+The following is an example of the response.
+>**Note:** The response object shown here might be shortened for readability.
<!-- { "blockType": "response", "truncated": true,
Content-type: application/json
"suppressions": [ ] }-->-
v1.0 Profilephoto Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/profilephoto-update.md
One of the following permissions is required to call this API. To learn more, in
|:--|:| |Delegated (work or school account) | Group.ReadWrite.All | |Delegated (personal Microsoft account) | Not supported. |
-|Application | Group.ReadWrite.All |
+|Application | Not supported. |
### To update the profile photo of a team
v1.0 Smsauthenticationmethodconfiguration Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/smsauthenticationmethodconfiguration-delete.md
+
+ Title: "Delete smsAuthenticationMethodConfiguration"
+description: "Delete a smsAuthenticationMethodConfiguration object."
+
+ms.localizationpriority: medium
++
+# Delete smsAuthenticationMethodConfiguration
+Namespace: microsoft.graph
+
+Remove changes made to the [text message authentication method policy](../resources/smsauthenticationmethodconfiguration.md) by reverting the policy to its default configuration.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|Policy.ReadWrite.AuthenticationMethod|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|Policy.ReadWrite.AuthenticationMethod|
+
+For delegated scenarios, the administrator needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
+
+* Authentication Policy Administrator
+* Global Administrator
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+DELETE /policies/authenticationMethodsPolicy/authenticationMethodConfigurations/sms
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `204 No Content` response code.
+
+## Examples
+
+### Request
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "delete_smsauthenticationmethodconfiguration"
+}
+-->
+``` http
+DELETE https://graph.microsoft.com/v1.0/policies/authenticationMethodsPolicy/authenticationMethodConfigurations/sms
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
++++
+### Response
+The following is an example of the response
+<!-- {
+ "blockType": "response",
+ "truncated": true
+}
+-->
+``` http
+HTTP/1.1 204 No Content
+```
+
v1.0 Smsauthenticationmethodconfiguration Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/smsauthenticationmethodconfiguration-get.md
+
+ Title: "Get smsAuthenticationMethodConfiguration"
+description: "Read the properties and relationships of a smsAuthenticationMethodConfiguration object."
+
+ms.localizationpriority: medium
++
+# Get smsAuthenticationMethodConfiguration
+Namespace: microsoft.graph
+
+Read the properties and relationships of a [smsAuthenticationMethodConfiguration](../resources/smsauthenticationmethodconfiguration.md) object, which represents the Text Message authentication method policy for the Azure AD tenant.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|Policy.Read.All, Policy.ReadWrite.AuthenticationMethod|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|Policy.Read.All, Policy.ReadWrite.AuthenticationMethod|
+
+For delegated scenarios, the administrator needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
+
+* Global Reader
+* Authentication Policy Administrator
+* Global Administrator
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /policies/authenticationMethodsPolicy/authenticationMethodConfigurations/sms
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a [smsAuthenticationMethodConfiguration](../resources/smsauthenticationmethodconfiguration.md) object in the response body.
+
+## Examples
+
+### Request
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_smsauthenticationmethodconfiguration"
+}
+-->
+``` http
+GET https://graph.microsoft.com/v1.0/policies/authenticationMethodsPolicy/authenticationMethodConfigurations/sms
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
+++
+### Response
+The following is an example of the response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.smsAuthenticationMethodConfiguration"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "value": {
+ "@odata.type": "#microsoft.graph.smsAuthenticationMethodConfiguration",
+ "id": "Sms",
+ "state": "enabled",
+ "includeTargets": [
+ {
+ "targetType": "group",
+ "id": "all_users",
+ "isRegistrationRequired": false,
+ "isUsableForSignIn": true
+ }
+ ],
+ "excludeTargets": []
+ }
+}
+```
+
v1.0 Smsauthenticationmethodconfiguration Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/smsauthenticationmethodconfiguration-update.md
+
+ Title: "Update smsAuthenticationMethodConfiguration"
+description: "Update the properties of a smsAuthenticationMethodConfiguration object."
+
+ms.localizationpriority: medium
++
+# Update smsAuthenticationMethodConfiguration
+Namespace: microsoft.graph
+
+Update the properties of a [smsAuthenticationMethodConfiguration](../resources/smsauthenticationmethodconfiguration.md) object, which represents the text message authentication method policy for the Azure AD tenant.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|Policy.ReadWrite.AuthenticationMethod|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|Policy.ReadWrite.AuthenticationMethod|
+
+For delegated scenarios, the administrator needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
+
+* Authentication Policy Administrator
+* Global Administrator
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+PATCH /policies/authenticationMethodsPolicy/authenticationMethodConfigurations/sms
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+|Content-Type|application/json. Required.|
+
+## Request body
+
+|Property|Type|Description|
+|:|:|:|
+|excludeTargets|[excludeTarget](../resources/excludetarget.md) collection|Groups of users that are excluded from the policy.|
+|state|authenticationMethodState|Possible values are: `enabled`, `disabled`.|
+
+>**Note:** The `@odata.type` property with a value of `#microsoft.graph.smsAuthenticationMethodConfiguration` must be included in the body.
+
+## Response
+
+If successful, this method returns a `204 No Content` response code. It does not return anything in the response body.
+
+## Examples
+
+### Request
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "update_smsauthenticationmethodconfiguration"
+}
+-->
+``` http
+PATCH https://graph.microsoft.com/v1.0/policies/authenticationMethodsPolicy/authenticationMethodConfigurations/sms
+Content-Type: application/json
+
+{
+ "@odata.type": "#microsoft.graph.smsAuthenticationMethodConfiguration",
+ "id": "Sms",
+ "state": "enabled"
+}
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
++++
+### Response
+The following is an example of the response
+<!-- {
+ "blockType": "response",
+ "truncated": true
+}
+-->
+``` http
+HTTP/1.1 204 No Content
+```
+
v1.0 Softwareoathauthenticationmethodconfiguration Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/softwareoathauthenticationmethodconfiguration-delete.md
+
+ Title: "Delete softwareOathAuthenticationMethodConfiguration"
+description: "Delete a softwareOathAuthenticationMethodConfiguration object."
+
+ms.localizationpriority: medium
++
+# Delete softwareOathAuthenticationMethodConfiguration
+Namespace: microsoft.graph
+
+Revert the [third-party software Oath authentication method policy](../resources/softwareoathauthenticationmethodconfiguration.md) to its default configuration.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|Policy.ReadWrite.AuthenticationMethod|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|Policy.ReadWrite.AuthenticationMethod|
+
+For delegated scenarios, the administrator needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
+
+* Authentication Policy Administrator
+* Global Administrator
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+DELETE /policies/authenticationMethodsPolicy/authenticationMethodConfigurations/softwareOath
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `204 No Content` response code.
+
+## Examples
+
+### Request
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "delete_softwareoathauthenticationmethodconfiguration"
+}
+-->
+``` http
+DELETE https://graph.microsoft.com/v1.0/policies/authenticationMethodsPolicy/authenticationMethodConfigurations/softwareOath
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
++++
+### Response
+The following is an example of the response
+<!-- {
+ "blockType": "response",
+ "truncated": true
+}
+-->
+``` http
+HTTP/1.1 204 No Content
+```
+
v1.0 Softwareoathauthenticationmethodconfiguration Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/softwareoathauthenticationmethodconfiguration-get.md
+
+ Title: "Get softwareOathAuthenticationMethodConfiguration"
+description: "Read the properties and relationships of a softwareOathAuthenticationMethodConfiguration object."
+
+ms.localizationpriority: medium
++
+# Get softwareOathAuthenticationMethodConfiguration
+Namespace: microsoft.graph
+
+Read the properties and relationships of a [softwareOathAuthenticationMethodConfiguration](../resources/softwareoathauthenticationmethodconfiguration.md) object, which represents the third-party software OATH authentication method policy for the Azure AD tenant.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|Policy.Read.All, Policy.ReadWrite.AuthenticationMethod|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|Policy.Read.All, Policy.ReadWrite.AuthenticationMethod|
+
+For delegated scenarios, the administrator needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
+
+* Global Reader
+* Authentication Policy Administrator
+* Global Administrator
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /policies/authenticationMethodsPolicy/authenticationMethodConfigurations/softwareOath
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a [softwareOathAuthenticationMethodConfiguration](../resources/softwareoathauthenticationmethodconfiguration.md) object in the response body.
+
+## Examples
+
+### Request
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_softwareoathauthenticationmethodconfiguration"
+}
+-->
+``` http
+GET https://graph.microsoft.com/v1.0/policies/authenticationMethodsPolicy/authenticationMethodConfigurations/softwareOath
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
++++
+### Response
+The following is an example of the response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.softwareOathAuthenticationMethodConfiguration"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "value": {
+ "@odata.type": "#microsoft.graph.softwareOathAuthenticationMethodConfiguration",
+ "id": "SoftwareOath",
+ "state": "enabled",
+ "includeTargets": [
+ {
+ "targetType": "group",
+ "id": "all_users",
+ "isRegistrationRequired": false
+ }
+ ],
+ "excludeTargets": []
+ }
+}
+```
+
v1.0 Softwareoathauthenticationmethodconfiguration Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/softwareoathauthenticationmethodconfiguration-update.md
+
+ Title: "Update softwareOathAuthenticationMethodConfiguration"
+description: "Update the properties of a softwareOathAuthenticationMethodConfiguration object."
+
+ms.localizationpriority: medium
++
+# Update softwareOathAuthenticationMethodConfiguration
+Namespace: microsoft.graph
+
+Update the properties of a [softwareOathAuthenticationMethodConfiguration](../resources/softwareoathauthenticationmethodconfiguration.md) object, which represents the third-party software OATH authentication method policy for the Azure AD tenant.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|Policy.ReadWrite.AuthenticationMethod|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|Policy.ReadWrite.AuthenticationMethod|
+
+For delegated scenarios, the administrator needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
+
+* Authentication Policy Administrator
+* Global Administrator
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+PATCH /policies/authenticationMethodsPolicy/authenticationMethodConfigurations/softwareOath
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+|Content-Type|application/json. Required.|
+
+## Request body
+In the request body, supply a JSON representation of the [softwareOathAuthenticationMethodConfiguration](../resources/softwareoathauthenticationmethodconfiguration.md) object with the values of fields that should be updated. Existing properties that are not included in the request body will maintain their previous values or be recalculated based on changes to other property values. For best performance, don't include existing values that haven't changed.
+
+For the list of properties, see [softwareOathAuthenticationMethodConfiguration](../resources/softwareoathauthenticationmethodconfiguration.md).
+
+>**Note:** The `@odata.type` property with a value of `#microsoft.graph.softwareOathAuthenticationMethodConfiguration` must be included in the body.
+
+## Response
+
+If successful, this method returns a `204 No Content` response code. It does not return anything in the response body.
+
+## Examples
+
+### Request
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "update_softwareoathauthenticationmethodconfiguration"
+}
+-->
+``` http
+PATCH https://graph.microsoft.com/v1.0/policies/authenticationMethodsPolicy/authenticationMethodConfigurations/softwareOath
+Content-Type: application/json
+
+{
+ "@odata.type": "#microsoft.graph.softwareOathAuthenticationMethodConfiguration",
+ "state": "disabled"
+}
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
++++
+### Response
+The following is an example of the response
+<!-- {
+ "blockType": "response",
+ "truncated": true
+}
+-->
+``` http
+HTTP/1.1 204 No Content
+```
+
v1.0 Team Post https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/team-post.md
Content-Type: application/json
[!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [Java](#tab/java) [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)] # [Go](#tab/go)
v1.0 Teamwork List Deletedteams https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/teamwork-list-deletedteams.md
If successful, this method returns a `200 OK` response code and a collection of
### Request The following is an example of a request.
+# [HTTP](#tab/http)
<!-- { "blockType": "request", "name": "list_deletedteam"
The following is an example of a request.
GET https://graph.microsoft.com/v1.0/teamwork/deletedTeams ```
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PHP](#tab/php)
+++ ### Response The following is an example of the response
Content-Type: application/json
} ] }
-```
+```
v1.0 Teamworktag Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/teamworktag-delete.md
DELETE https://graph.microsoft.com/v1.0/teams/53c53217-fe77-4383-bc5a-ed4937a1ae
[!INCLUDE [sample-code](../includes/snippets/go/delete-teamworktag-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
-# [PowerShell](#tab/powershell)
- # [PHP](#tab/php) [!INCLUDE [sample-code](../includes/snippets/php/delete-teamworktag-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 Temporaryaccesspassauthenticationmethodconfiguration Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/temporaryaccesspassauthenticationmethodconfiguration-get.md
Content-Type: application/json
"id": "all_users", "isRegistrationRequired": false }
- ]
+ ],
+ "excludeTargets": []
} ```
v1.0 Tenantappmanagementpolicy Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/tenantappmanagementpolicy-get.md
+
+ Title: "Get tenantAppManagementPolicy"
+description: "Read the default tenant policy that applies to applications and service principals objects."
+ms.localizationpriority: medium
+++
+# Get tenantAppManagementPolicy
+
+Namespace: microsoft.graph
+
+Read the properties of a [tenantAppManagementPolicy](../resources/tenantAppManagementPolicy.md) object.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+| Permission type | Permissions (from least to most privileged) |
+| :- | : |
+| Delegated (work or school account) | Policy.Read.All, Policy.ReadWrite.ApplicationConfiguration |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | Policy.Read.All, Policy.ReadWrite.ApplicationConfiguration |
+
+## HTTP request
+
+<!-- { "blockType": "ignored" } -->
+
+```http
+GET /policies/defaultAppManagementPolicy
+```
+
+## Request headers
+
+| Name | Description |
+| : | : |
+| Authorization | Bearer {token}. Required. |
+
+## Request body
+
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and the requested [defaultAppManagementPolicy](../resources/tenantAppManagementPolicy.md) object in the response body.
+
+## Examples
+
+### Request
+
+The following is an example of the request.
+++
+<!-- {
+ "blockType": "request",
+ "name": "get_tenantAppManagementPolicy"
+}-->
+
+```msgraph-interactive
+GET https://graph.microsoft.com/v1.0/policies/defaultAppManagementPolicy
+```
+
+### Response
+
+The following is an example of the response that shows the default tenant app management policy.
+
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.tenantAppManagementPolicy"
+} -->
+
+```http
+HTTP/1.1 200 OK
+Content-type: application/json
+
+{
+ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#policies/defaultAppManagementPolicy/$entity",
+ "@odata.id": "https://graph.microsoft.com/v2/927c6607-8060-4f4a-a5f8-34964ac78d70/defaultAppManagementPolicy/00000000-0000-0000-0000-000000000000",
+ "id": "00000000-0000-0000-0000-000000000000",
+ "displayName": "Default app management tenant policy",
+ "description": "Default tenant policy that enforces app management restrictions on applications and service principals. To apply policy to targeted resources, create a new policy under appManagementPolicies collection.",
+ "isEnabled": false,
+ "applicationRestrictions": {
+ "passwordCredentials": [],
+ "keyCredentials":[]
+ },
+ "servicePrincipalRestrictions": {
+ "passwordCredentials": [],
+ "keyCredentials":[]
+ }
+}
+```
+
+<!-- uuid: 16cd6b66-4b1a-43a1-adaf-3a886856ed98
+2019-02-04 14:57:30 UTC -->
+<!-- {
+ "type": "#page.annotation",
+ "description": "Get tenantAppManagementPolicy",
+ "keywords": "",
+ "section": "documentation",
+ "tocPath": ""
+}-->
v1.0 Tenantappmanagementpolicy Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/tenantappmanagementpolicy-update.md
+
+ Title: "Update tenantAppManagementPolicy"
+description: "Update the default tenant policy that applies to applications and service principals objects."
+ms.localizationpriority: medium
+++
+# Update tenantAppManagementPolicy
+
+Namespace: microsoft.graph
+
+Update the properties of a [tenantAppManagementPolicy](../resources/tenantAppManagementPolicy.md) object.
+
+## Permissions
+
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+| Permission type | Permissions (from least to most privileged) |
+| :- | : |
+| Delegated (work or school account) | Policy.ReadWrite.ApplicationConfiguration |
+| Delegated (personal Microsoft account) | Not supported. |
+| Application | Policy.ReadWrite.ApplicationConfiguration |
+
+## HTTP request
+
+<!-- { "blockType": "ignored" } -->
+
+```http
+PATCH /policies/defaultAppManagementPolicy
+```
+
+## Request headers
+
+| Name | Description |
+| : | :-- |
+| Authorization | Bearer {token}. Required. |
+| Content-Type | application/json. Required. |
+
+> [!IMPORTANT]
+> Service principals with a createdDateTime `null` are treated as having being created on 01/01/2019.
+
+## Request body
+
+In the request body, supply the values for relevant fields from the [tenantAppManagementPolicy](../resources/tenantAppManagementPolicy.md) that should be updated. Existing properties that are not included in the request body will maintain their previous values. For best performance, do not include unchanged values in the request payload.
+
+| Property | Type | Description |
+| : | :-- | :-- |
+| displayName | String | The display name of the default policy. Inherited from [policyBase](../resources/policybase.md). |
+| description | String | The description of the default policy. Inherited from [policyBase](../resources/policybase.md). |
+| isEnabled | Boolean | Denotes if the policy is enabled. Default value is false. |
+| applicationRestrictions | [appManagementConfiguration](../resources/appManagementConfiguration.md) | Restrictions that apply as default to all application objects in the tenant. |
+| servicePrincipalRestrictions | [appManagementConfiguration](../resources/appManagementConfiguration.md) | Restrictions that apply as default to all service principal objects in the tenant. |
+
+> [!IMPORTANT]
+> Service principals with a createdDateTime `null` are treated as having being created on 01/01/2019.
+
+## Response
+
+If successful, this method returns a `204 No Content` response code. It does not return anything in the response body.
+
+## Examples
+
+### Request
+
+The following is an example of the request.
+
+<!-- {
+ "blockType": "request",
+ "name": "update_tenantAppManagementPolicy"
+}-->
+
+```msgraph-interactive
+PATCH https://graph.microsoft.com/v1.0/policies/defaultAppManagementPolicy
+Content-Type: application/json
+
+{
+ "isEnabled": true,
+ "applicationRestrictions": {
+ "passwordCredentials": [
+ {
+ "restrictionType": "passwordAddition",
+ "maxLifetime": null,
+ "restrictForAppsCreatedAfterDateTime": "2021-01-01T10:37:00Z"
+ },
+ {
+ "restrictionType": "passwordLifetime",
+ "maxLifetime": "P4DT12H30M5S",
+ "restrictForAppsCreatedAfterDateTime": "2017-01-01T10:37:00Z"
+ },
+ {
+ "restrictionType": "symmetricKeyAddition",
+ "maxLifetime": null,
+ "restrictForAppsCreatedAfterDateTime": "2021-01-01T10:37:00Z"
+ },
+ {
+ "restrictionType": "customPasswordAddition",
+ "maxLifetime": null,
+ "restrictForAppsCreatedAfterDateTime": "2015-01-01T10:37:00Z"
+ },
+ {
+ "restrictionType": "symmetricKeyLifetime",
+ "maxLifetime": "P40D",
+ "restrictForAppsCreatedAfterDateTime": "2015-01-01T10:37:00Z"
+ }
+ ],
+ "keyCredentials":[
+ {
+ "restrictionType": "asymmetricKeyLifetime",
+ "maxLifetime": "P30D",
+ "restrictForAppsCreatedAfterDateTime": "2015-01-01T10:37:00Z"
+ },
+ ]
+ }
+}
+```
+
+### Response
+
+The following is an example of the response.
+
+<!-- {
+ "blockType": "response",
+ "truncated": false
+} -->
+
+```http
+HTTP/1.1 204 No Content
+```
+
+<!-- uuid: 16cd6b66-4b1a-43a1-adaf-3a886856ed98
+2019-02-04 14:57:30 UTC -->
+<!-- {
+ "type": "#page.annotation",
+ "description": "Update tenantAppManagementPolicy",
+ "keywords": "",
+ "section": "documentation",
+ "tocPath": ""
+}-->
v1.0 Tokenissuancepolicy Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/tokenissuancepolicy-delete.md
DELETE https://graph.microsoft.com/v1.0/policies/tokenIssuancePolicies/{id}
[!INCLUDE [sample-code](../includes/snippets/go/delete-tokenissuancepolicy-go-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
-# [PowerShell](#tab/powershell)
- # [PHP](#tab/php) [!INCLUDE [sample-code](../includes/snippets/php/delete-tokenissuancepolicy-php-snippets.md)] [!INCLUDE [sdk-documentation](../includes/snippets/snippets-sdk-documentation-link.md)]
v1.0 Tokenlifetimepolicy Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/tokenlifetimepolicy-delete.md
The following is an example of the request.
}--> ```http
-DELETE https://graph.microsoft.com/v1.0/policies/tokenLifetimePolicies/{id}
+DELETE https://graph.microsoft.com/v1.0/policies/tokenLifetimePolicies/4d2f137b-e8a9-46da-a5c3-cc85b2b840a4
``` # [C#](#tab/csharp)
v1.0 Tokenlifetimepolicy Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/tokenlifetimepolicy-get.md
The following is an example of the request.
}--> ```msgraph-interactive
-GET https://graph.microsoft.com/v1.0/policies/tokenLifetimePolicies/{id}
+GET https://graph.microsoft.com/v1.0/policies/tokenLifetimePolicies/4d2f137b-e8a9-46da-a5c3-cc85b2b840a4
``` # [C#](#tab/csharp)
HTTP/1.1 200 OK
Content-type: application/json {
- "definition": [
- "definition-value"
- ],
- "displayName": "displayName-value",
- "isOrganizationDefault": true,
- "id": "id-value"
+ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#policies/tokenLifetimePolicies/$entity",
+ "id": "4d2f137b-e8a9-46da-a5c3-cc85b2b840a4",
+ "deletedDateTime": null,
+ "definition": [
+ "{\"TokenLifetimePolicy\":{\"Version\":1,\"AccessTokenLifetime\":\"8:00:00\"}}"
+ ],
+ "displayName": "Contoso token lifetime policy",
+ "isOrganizationDefault": true
} ```
v1.0 Tokenlifetimepolicy List Appliesto https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/tokenlifetimepolicy-list-appliesto.md
The following is an example of the request.
}--> ```msgraph-interactive
-GET https://graph.microsoft.com/v1.0/policies/tokenLifetimePolicies/{id}/appliesTo
+GET https://graph.microsoft.com/v1.0/policies/tokenLifetimePolicies/4d2f137b-e8a9-46da-a5c3-cc85b2b840a4/appliesTo
``` # [JavaScript](#tab/javascript)
HTTP/1.1 200 OK
Content-type: application/json {
- "value": [
- {
- "id": "id-value",
- "deletedDateTime": "datetime-value"
- }
- ]
+ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#directoryObjects",
+ "value": [
+ {
+ "@odata.type": "#microsoft.graph.application",
+ "id": "3ccc9971-9ae7-45d6-8de8-263fd25fe116",
+ "appId": "6e4a2285-a438-4bcc-9d76-6c45fb91d4b0",
+ "applicationTemplateId": "8adf8e6e-67b2-4cf2-a259-e3dc5476c621",
+ "displayName": "Contoso IWA App",
+ "publisherDomain": "Contoso.com",
+ "signInAudience": "AzureADMyOrg"
+ }
+ ]
} ```
v1.0 Tokenlifetimepolicy List https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/tokenlifetimepolicy-list.md
HTTP/1.1 200 OK
Content-type: application/json {
- "value": [
- {
- "definition": [
- "definition-value"
- ],
- "displayName": "displayName-value",
- "isOrganizationDefault": true,
- "id": "id-value"
- }
- ]
+ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#policies/tokenLifetimePolicies",
+ "value": [
+ {
+ "id": "4d2f137b-e8a9-46da-a5c3-cc85b2b840a4",
+ "deletedDateTime": null,
+ "definition": [
+ "{\"TokenLifetimePolicy\":{\"Version\":1,\"AccessTokenLifetime\":\"8:00:00\"}}"
+ ],
+ "displayName": "Contoso token lifetime policy",
+ "isOrganizationDefault": true
+ }
+ ]
} ```
v1.0 Tokenlifetimepolicy Post Tokenlifetimepolicies https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/tokenlifetimepolicy-post-tokenlifetimepolicies.md
If successful, this method returns a `201 Created` response code and a new [toke
### Request
-The following is an example of the request.
+The following is an example of a request that creates a token lifetime policy that sets the access and ID token lifetime to eight hours.
# [HTTP](#tab/http)
POST https://graph.microsoft.com/v1.0/policies/tokenLifetimePolicies
Content-type: application/json {
- "definition": [
- "definition-value"
- ],
- "displayName": "displayName-value",
- "isOrganizationDefault": true
+ "definition": [
+ "{\"TokenLifetimePolicy\":{\"Version\":1,\"AccessTokenLifetime\":\"8:00:00\"}}"
+ ],
+ "displayName": "Contoso token lifetime policy",
+ "isOrganizationDefault": true
} ```
HTTP/1.1 201 Created
Content-type: application/json {
- "definition": [
- "definition-value"
- ],
- "displayName": "displayName-value",
- "isOrganizationDefault": true,
- "id": "id-value"
+ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#policies/tokenLifetimePolicies/$entity",
+ "id": "4d2f137b-e8a9-46da-a5c3-cc85b2b840a4",
+ "deletedDateTime": null,
+ "definition": [
+ "{\"TokenLifetimePolicy\":{\"Version\":1,\"AccessTokenLifetime\":\"8:00:00\"}}"
+ ],
+ "displayName": "Contoso token lifetime policy",
+ "isOrganizationDefault": true
} ```
v1.0 Tokenlifetimepolicy Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/tokenlifetimepolicy-update.md
In the request body, supply the values for relevant fields that should be update
| Property | Type | Description | |:-|:|:|
-|definition|String collection| A string collection containing a JSON string that defines the rules and settings for this policy. Required.|
+|definition|String collection| A string collection containing a JSON string that defines the rules and settings for this policy. For more information about the JSON schema for this property, see [Properties of a token lifetime policy definition](../resources/tokenlifetimepolicy.md#properties-of-a-token-lifetime-policy-definition). Required.|
|description|String| Description for this policy.| |displayName|String| Display name for this policy. Required.| |isOrganizationDefault|Boolean|If set to true, activates this policy. There can be many policies for the same policy type, but only one can be activated as the organization default. Optional, default value is false.|
The following is an example of the request.
}--> ```http
-PATCH https://graph.microsoft.com/v1.0/policies/tokenLifetimePolicies/{id}
+PATCH https://graph.microsoft.com/v1.0/policies/tokenLifetimePolicies/4d2f137b-e8a9-46da-a5c3-cc85b2b840a4
Content-type: application/json {
- "definition": [
- "definition-value"
- ],
- "displayName": "displayName-value",
- "isOrganizationDefault": true
+ "definition": [
+ "{\"TokenLifetimePolicy\":{\"Version\":1,\"AccessTokenLifetime\":\"5:30:00\"}}"
+ ],
+ "displayName": "Contoso token lifetime policy",
+ "isOrganizationDefault": true
} ```
Content-type: application/json
The following is an example of the response.
-> **Note:** The response object shown here might be shortened for readability.
- <!-- {
- "blockType": "response",
- "truncated": true,
- "@odata.type": "microsoft.graph.tokenLifetimePolicy"
+ "blockType": "response"
} -->- ```http HTTP/1.1 204 No Content
-Content-type: application/json
-
-{
- "definition": [
- "definition-value"
- ],
- "displayName": "displayName-value",
- "isOrganizationDefault": true,
- "id": "id-value"
-}
``` <!-- uuid: 16cd6b66-4b1a-43a1-adaf-3a886856ed98
v1.0 User List Transitivememberof https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/user-list-transitivememberof.md
One of the following permissions is required to call this API. To learn more, in
| Permission type | Permissions (from least to most privileged) | | :- | : |
-| Delegated (work or school account) | User.Read, GroupMember.Read.All, Directory.Read.All, Directory.ReadWrite.All |
+| Delegated (work or school account) | User.Read, User.Read.All, GroupMember.Read.All, Group.Read.All, Directory.Read.All, Directory.ReadWrite.All |
| Delegated (personal Microsoft account) | Not supported. |
-| Application | Directory.Read.All, Directory.ReadWrite.All |
+| Application | User.Read.All, GroupMember.Read.All, Group.Read.All, Directory.Read.All, Directory.ReadWrite.All |
++
+> [!IMPORTANT]
+> To add members to a role-assignable group, the calling user must also be assigned the _RoleManagement.ReadWrite.Directory_ permission.
[!INCLUDE [limited-info](../../includes/limited-info.md)]
One of the following permissions is required to call this API. To learn more, in
<!-- { "blockType": "ignored" } --> ```http
+GET /me/transitiveMemberOf
GET /users/{id | userPrincipalName}/transitiveMemberOf ```
v1.0 User Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/user-update.md
In the request body, supply the values for relevant fields that should be update
|employeeLeaveDateTime|DateTimeOffset|The date and time when the user left or will leave the organization. The timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is `2014-01-01T00:00:00Z`.<br><br> For delegated scenarios, the calling user must have the Global Administrator role and the calling app assigned the _User.Read.All_ and _User-LifeCycleInfo.ReadWrite.All_ delegated permissions. | |interests|String collection|A list for the user to describe their interests.| |jobTitle|String|The userΓÇÖs job title.|
-|mail|String|The SMTP address for the user, for example, `jeff@contoso.onmicrosoft.com`. Changes to this property will also update the user's **proxyAddresses** collection to include the value as a SMTP address. For Azure AD B2C accounts, this property can be updated up to only ten times with unique SMTP addresses. |
+|mail|String|The SMTP address for the user, for example, `jeff@contoso.onmicrosoft.com`. Changes to this property will also update the user's **proxyAddresses** collection to include the value as a SMTP address. For Azure AD B2C accounts, this property can be updated up to only ten times with unique SMTP addresses. Cannot be updated to `null`. |
|mailNickname|String|The mail alias for the user. This property must be specified when a user is created.| |mobilePhone|String|The primary cellular telephone number for the user.| |mySite|String|The URL for the user's personal site.|
v1.0 Userscopeteamsappinstallation Get Chat https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/userscopeteamsappinstallation-get-chat.md
The following is an example of a request that lists one-on-one chats between the
"sampleKeys": ["f32b83bb-4fc8-4db7-b7f5-76cdbbb8aa1c", "ZjMyYjgzYmItNGZjOC00ZGI3LWI3ZjUtNzZjZGJiYjhhYTFjIyMyMmY3M2JiZS1mNjdhLTRkZWEtYmQ1NC01NGNhYzcxOGNiMmI="] }--> ```msgraph-interactive
-GET https://graph.microsoft.com/beta/users/f32b83bb-4fc8-4db7-b7f5-76cdbbb8aa1c/teamwork/installedApps/ZjMyYjgzYmItNGZjOC00ZGI3LWI3ZjUtNzZjZGJiYjhhYTFjIyMyMmY3M2JiZS1mNjdhLTRkZWEtYmQ1NC01NGNhYzcxOGNiMmI=/chat
+GET https://graph.microsoft.com/v1.0/users/f32b83bb-4fc8-4db7-b7f5-76cdbbb8aa1c/teamwork/installedApps/ZjMyYjgzYmItNGZjOC00ZGI3LWI3ZjUtNzZjZGJiYjhhYTFjIyMyMmY3M2JiZS1mNjdhLTRkZWEtYmQ1NC01NGNhYzcxOGNiMmI=/chat
``` # [C#](#tab/csharp)
v1.0 Voiceauthenticationmethodconfiguration Delete https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/voiceauthenticationmethodconfiguration-delete.md
+
+ Title: "Delete voiceAuthenticationMethodConfiguration"
+description: "Delete a voiceAuthenticationMethodConfiguration object."
+
+ms.localizationpriority: medium
++
+# Delete voiceAuthenticationMethodConfiguration
+Namespace: microsoft.graph
+
+Revert the [voice call authentication method policy](../resources/voiceauthenticationmethodconfiguration.md) to its default configuration.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|Policy.ReadWrite.AuthenticationMethod|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|Policy.ReadWrite.AuthenticationMethod|
+
+For delegated scenarios, the administrator needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
+
+* Authentication Policy Administrator
+* Global Administrator
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+DELETE /policies/authenticationMethodsPolicy/authenticationMethodConfigurations/voice
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `204 No Content` response code.
+
+## Examples
+
+### Request
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "delete_voiceauthenticationmethodconfiguration"
+}
+-->
+``` http
+DELETE https://graph.microsoft.com/v1.0/policies/authenticationMethodsPolicy/authenticationMethodConfigurations/voice
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
++++
+### Response
+The following is an example of the response
+<!-- {
+ "blockType": "response",
+ "truncated": true
+}
+-->
+``` http
+HTTP/1.1 204 No Content
+```
+
v1.0 Voiceauthenticationmethodconfiguration Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/voiceauthenticationmethodconfiguration-get.md
+
+ Title: "Get voiceAuthenticationMethodConfiguration"
+description: "Read the properties and relationships of a voiceAuthenticationMethodConfiguration object."
+
+ms.localizationpriority: medium
++
+# Get voiceAuthenticationMethodConfiguration
+Namespace: microsoft.graph
+
+Read the properties and relationships of a [voiceAuthenticationMethodConfiguration](../resources/voiceauthenticationmethodconfiguration.md) object.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|Policy.Read.All, Policy.ReadWrite.AuthenticationMethod|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|Policy.Read.All, Policy.ReadWrite.AuthenticationMethod|
+
+For delegated scenarios, the administrator needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
+
+* Global Reader
+* Authentication Policy Administrator
+* Global Administrator
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+GET /policies/authenticationMethodsPolicy/authenticationMethodConfigurations/voice
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+
+## Request body
+Do not supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a [voiceAuthenticationMethodConfiguration](../resources/voiceauthenticationmethodconfiguration.md) object in the response body.
+
+## Examples
+
+### Request
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "get_voiceauthenticationmethodconfiguration"
+}
+-->
+``` http
+GET https://graph.microsoft.com/v1.0/policies/authenticationMethodsPolicy/authenticationMethodConfigurations/voice
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Java](#tab/java)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
++++
+### Response
+The following is an example of the response
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+ "blockType": "response",
+ "truncated": true,
+ "@odata.type": "microsoft.graph.voiceAuthenticationMethodConfiguration"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+ "value": {
+ "@odata.type": "#microsoft.graph.voiceAuthenticationMethodConfiguration",
+ "id": "Voice",
+ "state": "enabled",
+ "includeTargets": [
+ {
+ "targetType": "group",
+ "id": "all_users",
+ "isRegistrationRequired": false
+ }
+ ],
+ "excludeTargets": [],
+ "isOfficePhoneAllowed": "true"
+ }
+}
+```
+
v1.0 Voiceauthenticationmethodconfiguration Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/voiceauthenticationmethodconfiguration-update.md
+
+ Title: "Update voiceAuthenticationMethodConfiguration"
+description: "Update the properties of a voiceAuthenticationMethodConfiguration object."
+
+ms.localizationpriority: medium
++
+# Update voiceAuthenticationMethodConfiguration
+Namespace: microsoft.graph
+
+Update the properties of a [voiceAuthenticationMethodConfiguration](../resources/voiceauthenticationmethodconfiguration.md) object, which represents the voice call authentication method policy for the Azure AD tenant.
+
+## Permissions
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Permissions](/graph/permissions-reference).
+
+|Permission type|Permissions (from least to most privileged)|
+|:|:|
+|Delegated (work or school account)|Policy.ReadWrite.AuthenticationMethod|
+|Delegated (personal Microsoft account)|Not supported.|
+|Application|Policy.ReadWrite.AuthenticationMethod|
+
+For delegated scenarios, the administrator needs one of the following [Azure AD roles](/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles):
+
+* Authentication Policy Administrator
+* Global Administrator
+
+## HTTP request
+
+<!-- {
+ "blockType": "ignored"
+}
+-->
+``` http
+PATCH /policies/authenticationMethodsPolicy/authenticationMethodConfigurations/voice
+```
+
+## Request headers
+|Name|Description|
+|:|:|
+|Authorization|Bearer {token}. Required.|
+|Content-Type|application/json. Required.|
+
+## Request body
+
+|Property|Type|Description|
+|:|:|:|
+|excludeTargets|[excludeTarget](../resources/excludetarget.md) collection|Groups of users that are excluded from the policy.|
+|isOfficePhoneAllowed|Boolean|`true` if users can register office phones, otherwise, `false`.|
+|state|authenticationMethodState|Possible values are: `enabled`, `disabled`.|
+
+>**Note:** The `@odata.type` property with a value of `#microsoft.graph.voiceAuthenticationMethodConfiguration` must be included in the body.
+
+## Response
+
+If successful, this method returns a `204 No Content` response code. It does not return anything in the response body.
+
+## Examples
+
+### Request
+The following is an example of a request.
+# [HTTP](#tab/http)
+<!-- {
+ "blockType": "request",
+ "name": "update_voiceauthenticationmethodconfiguration"
+}
+-->
+``` http
+PATCH https://graph.microsoft.com/v1.0/policies/authenticationMethodsPolicy/authenticationMethodConfigurations/voice
+Content-Type: application/json
+
+{
+ "@odata.type": "#microsoft.graph.voiceAuthenticationMethodConfiguration",
+ "isOfficePhoneAllowed": "false"
+}
+```
+
+# [C#](#tab/csharp)
+
+# [JavaScript](#tab/javascript)
+
+# [Go](#tab/go)
+
+# [PowerShell](#tab/powershell)
+
+# [PHP](#tab/php)
++++
+### Response
+The following is an example of the response.
+<!-- {
+ "blockType": "response",
+ "truncated": true
+}
+-->
+``` http
+HTTP/1.1 204 No Content
+```
+
v1.0 X509certificateauthenticationmethodconfiguration Get https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/x509certificateauthenticationmethodconfiguration-get.md
Content-Type: application/json
"id": "all_users", "isRegistrationRequired": false }
- ]
+ ],
+ "excludeTargets": []
} ```
v1.0 X509certificateauthenticationmethodconfiguration Update https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/api/x509certificateauthenticationmethodconfiguration-update.md
PATCH /policies/authenticationMethodsPolicy/authenticationMethodConfigurations/x
|Content-Type|application/json. Required.| ## Request body The following properties can be updated. |Property|Type|Description|
The following properties can be updated.
## Response
-If successful, this method returns a `204 No Content` response code and an updated [x509CertificateAuthenticationMethodConfiguration](../resources/x509certificateauthenticationmethodconfiguration.md) object in the response body.
+If successful, this method returns a `204 No Content` response code. It does not return anything in the response body.
## Examples
v1.0 Appmanagementpolicy https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/appManagementPolicy.md
+
+ Title: "appManagementPolicy resource type"
+description: "An application auth method policy for enforcing app management restrictions on specific applications or service principals."
+
+ms.localizationpriority: medium
++
+# appManagementPolicy resource type
+
+Namespace: microsoft.graph
+
+Restrictions on app management operations for specific applications and service principals. If this resource is not configured for an application or service principal, the restrictions default to the settings in the [tenantAppManagementPolicy](tenantappmanagementpolicy.md) object.
+
+## Methods
+
+| Method | Return type | Description |
+| :- | :- | : |
+| [List](../api/appManagementPolicy-list.md) | [appManagementPolicy](../resources/appManagementPolicy.md) | Return a list of app management policies created for applications and service principals along with their properties. |
+| [Create](../api/appManagementPolicy-post.md) | [appManagementPolicy](../resources/appManagementPolicy.md) | Create an app management policy that can be assigned to an application or service principal object. |
+| [Get](../api/appManagementPolicy-get.md) | [appManagementPolicy](../resources/appManagementPolicy.md) | Get a single app management policy object. |
+| [Update](../api/appManagementPolicy-update.md) | None | Update an app management policy. |
+| [Delete](../api/appManagementPolicy-delete.md) | None | Delete an app management policy from the collection of policies in appManagementPolicies. |
+| [List appliesTo](../api/appManagementPolicy-list-appliesTo.md)| [appManagementPolicy](../resources/appManagementPolicy.md)|Return a list of applications and service principals to which the policy is applied. |
+| [Assign appliesTo](../api/appManagementPolicy-post-appliesTo.md)| None |Return a list of applications and service principals to which the policy is applied. |
+
+## Properties
+
+| Property | Type | Description |
+| :-- | :- | : |
+| id | String | Identifier for the policy. |
+| displayName | String | The display name of the policy. Inherited from [policyBase](policybase.md). |
+| description | String | The description of the policy. Inherited from [policyBase](policybase.md). |
+| isEnabled | Boolean | Denotes whether the policy is enabled. |
+| restrictions | [appManagementConfiguration](appManagementConfiguration.md) | Restrictions that apply to an application or service principal object. |
+
+## Relationships
+
+| Relationship | Type | Description |
+| :-- | : | :- |
+| appliesTo | [directoryObject](directoryobject.md) | Collection of applications and service principals to which the policy is applied. |
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.appManagementPolicy",
+ "baseType": "microsoft.graph.policyBase",
+ "openType": false
+}
+-->
+
+```json
+[
+ {
+ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#policies/appManagementPolicies",
+ "id": "string (identifier)",
+ "description": "string",
+ "displayName": "string",
+ "isEnabled": true,
+ "restrictions": {
+ "@odata.type": "microsoft.graph.appManagementConfiguration"
+ }
+ }
+]
+```
v1.0 Application https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/application.md
This resource supports:
| Relationship | Type | Description | |:|:--|:-|
+|appManagementPolicies|[appManagementPolicy](../resources/appManagementPolicy.md) collection| The appManagementPolicy applied to this application.|
|createdOnBehalfOf|[directoryObject](directoryobject.md)| Supports `$filter` (`/$count eq 0`, `/$count ne 0`). Read-only.| |extensionProperties|[extensionProperty](extensionproperty.md) collection| Read-only. Nullable. Supports `$expand` and `$filter` (`/$count eq 0`, `/$count ne 0`).| |federatedIdentityCredentials|[federatedIdentityCredential](federatedidentitycredential.md) collection |Federated identities for applications. Supports `$expand` and `$filter` (`startsWith`, `/$count eq 0`, `/$count ne 0`).|
v1.0 Applicationauthenticationmethodpolicy https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/applicationauthenticationmethodpolicy.md
+
+ Title: "Azure AD application authentication methods API overview"
+description: "Application authentication methods allow apps to acquire tokens to access data in Azure AD."
+ms.localizationpriority: medium
+++
+# Azure AD application authentication methods API overview
+
+Namespace: microsoft.graph
+
+Application authentication methods such as certificates and password secrets allow apps to acquire tokens to access data in Azure Active Directory (Azure AD). The policies allow IT admins to enforce best practices for how apps in their organizations use these application authentication methods. For example, an admin might configure a policy to block the use or limit the lifetime of password secrets, and use the creation date of the object to enforce the policy.
+
+These policies allow organizations to take advantage of the new app security hardening features. By enforcing restrictions that are based on the application or service principal created date, an organization can review their current app security posture, inventory apps, and enforce controls per their resourcing schedules and needs. This approach using the created date allows the organization to enforce the policy for new applications and also apply it to existing applications.
+
+There are two types of policy controls:
+
+- Tenant default policy that applies to all applications or service principals.
+- App (application or service principal) management policies that allow inclusion or exclusion of individual applications from the tenant default policy.
+
+## Tenant default app management policy
+
+A tenant default policy is a single object that always exists and is disabled by default. It's defined by the [tenantAppManagementPolicy](tenantappmanagementpolicy.md) resource and enforces restrictions on application vs service principal objects. It contains the following two properties:
+
+- **applicationRestrictions** allows targeting applications owned by the tenant (application objects).
+- **servicePrincipalRestrictions** allows targeting provisioned from another tenant (service principal objects.
+
+These properties allow the organization to either lock down apps that originate within a tenant or raise the quality bar for apps that are provisioned from outside the tenant boundary.
+
+## App management policy for applications and service principals
+
+App management policies are defined in the [appManagementPolicy](appmanagementpolicy.md) resource, which contains a collection of policies with varying restrictions or different enforcement dates from what's defined in tenant default policy. One of these policies can be assigned to an application or service principal, excluding them from the tenant default policy.
+
+When both the tenant default policy and an app management policy exist, the app management policy takes precedence and the assigned application or service principal doesn't inherit from the tenant default policy. Only one policy can be assigned to an application or service principal.
+
+> [!Note]
+> Neither the tenant default policies nor the app management policies block token issuance for existing applications. An application that does not meet the policy requirements will continue to work until it tries to update the resource to add a new secret.
+
+## What restrictions can be managed in Microsoft Graph?
+
+The application authentication methods policy API offers the following restrictions:
+
+| Restriction name | Description | Examples |
+| : | : | : |
+| passwordAddition | Restrict password secrets on applications altogether. | Block new passwords on applications created on or after '01/01/2019'. |
+| passwordLifetime | Enforce a max lifetime range for a password secret. | Restrict all new password secrets to a maximum of 30 days for applications created after 01/01/2015. |
+| customPasswordAddition | Restrict a custom password secret on application or service principal. | Restrict all new custom password secrets on applications created after 01/01/2015. |
+| symmetricKeyAddition | Restrict symmetric keys on applications. | Block new symmetric keys on applications created on or after 01/01/2019. |
+| symmetricKeyLifetime | Enforce a max lifetime range for a symmetric key. | Restrict all new symmetric keys to a maximum of 30 days for applications created after 01/01/2019. |
+| asymmetricKeyLifetime | Enforce a max lifetime range for an asymmetric key (certificate). | Restrict all new asymmetric key secrets to a maximum of 30 days for applications created after 01/01/2019. |
+
+> [!Note]
+> All lifetime restrictions are expressed in ISO-8601 duration format (For example: P4DT12H30M5S).
+> Restricting customPasswordAddition restriction will block any legacy PowerShell modules that provide a client generated password secret for applications. This restriction still allows the application developer to request Azure AD generated application password secrets.
+
+### Single vs multi-tenant apps
+
+Depending on whether your app is a single tenant or multitenant app, you apply the policy on either an application or the service principal object as follows:
+
+- For single tenant apps, apply the policy to the application object.
+- To restrict multi-tenant apps homed in a customer tenant, apply the policy to the application object.
+- To restrict multi-tenant apps provisioned from another tenant, apply the policy to the service principal object.
+
+### Summary of key differences between the tenant default policy and app management policies
+
+| Tenant default policy | App management policy |
+| - | |
+| Policy always exists. | Policy objects can be created or updated to override default policy. |
+| Restrictions are disabled by default for app/SP. | Allows customization for single tenant or multi tenant(backing app in home tenant or provisioned apps). |
+| Allows only single restriction object definition for all resources. | Allows multiple policy objects to be defined, but only one can be applied to a resource. |
+| Allows distinction of restrictions for application objects vs. service principals. | Policy can be applied to either an application or service principal object. |
+| Applies all restrictions configured to all apps or service principals. | Applies only the restrictions configured in the resource policy to the specified app or service principal, and doesn't inherit from default policy. |
+
+## Next steps
+
+- [tenantAppManagementPolicy](tenantappmanagementpolicy.md) resource type.
+- [appManagementPolicy](appmanagementpolicy.md) resource type.
v1.0 Appmanagementconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/appmanagementconfiguration.md
+
+ Title: "appManagementConfiguration resource type"
+description: "App management configuration object that contains properties which can be configured to enable various restrictions for applications and service principals."
+
+ms.localizationpriority: medium
++
+# appManagementConfiguration resource type
+
+Namespace: microsoft.graph
+
+App management configuration object that contains properties which can be configured to enable various restrictions for applications and service principals.
+
+## Properties
+
+| Property | Type | Description |
+| : | :-- | : |
+| passwordCredentials | [passwordCredentialConfiguration](passwordCredentialConfiguration.md) collection | Collection of password restrictions settings to be applied to an application or service principal. |
+| keyCredentials | [keyCredentialConfiguration](keyCredentialConfiguration.md) collection | Collection of keyCredential restrictions settings to be applied to an application or service principal. |
+
+## Relationships
+
+None.
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.appManagementConfiguration"
+}
+-->
+
+```json
+{
+ "@odata.type": "#microsoft.graph.appManagementConfiguration",
+ "passwordCredentials": [
+ {
+ "@odata.type": "microsoft.graph.passwordCredentialConfiguration"
+ }
+ ],
+ "keyCredentials": [
+ {
+ "@odata.type": "microsoft.graph.keyCredentialConfiguration"
+ }
+ ]
+}
+```
v1.0 Authenticationmethodconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/authenticationmethodconfiguration.md
The following authentication methods are derived from the **authenticationMethod
+ [emailAuthenticationMethodConfiguration](emailauthenticationmethodconfiguration.md) + [fido2AuthenticationMethodConfiguration](fido2authenticationmethodconfiguration.md) + [microsoftAuthenticatorAuthenticationMethodConfiguration](microsoftauthenticatorauthenticationmethodconfiguration.md)++ [voiceAuthenticationMethodConfiguration](voiceauthenticationmethodconfiguration.md)++ [smsAuthenticationMethodConfiguration](smsauthenticationmethodconfiguration.md)++ [softwareOathAuthenticationMethodConfiguration](softwareoathauthenticationmethodconfiguration.md)++ [temporaryAccessPassAuthenticationMethodConfiguration](smsauthenticationmethodconfiguration.md)++ [x509CertificateAuthenticationMethodConfiguration](x509certificateauthenticationmethodconfiguration.md) ## Properties |Property|Type|Description| |:|:|:|
+|excludeTargets|[excludeTarget](../resources/excludetarget.md) collection|Groups of users that are excluded from a policy.|
|id|String|The policy name.| |state|authenticationMethodState|The state of the policy. Possible values are: `enabled`, `disabled`.|
The following is a JSON representation of the resource.
{ "@odata.type": "#microsoft.graph.authenticationMethodConfiguration", "id": "String (identifier)",
- "state": "String"
+ "state": "String",
+ "excludeTargets": [
+ {
+ "@odata.type": "microsoft.graph.excludeTarget"
+ }
+ ]
} ```
v1.0 Authenticationmethodspolicies Overview https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/authenticationmethodspolicies-overview.md
The authentication method policies APIs are used to manage policy settings. For
## What authentication methods policies can be managed in Microsoft Graph? |Authentication method policy | Description |
-|:|:|:|
+|:|:|
|[emailauthenticationmethodconfiguration](emailauthenticationmethodconfiguration.md)|Define users who can use email OTP on the Azure AD tenant.| |[fido2authenticationmethodconfiguration](fido2authenticationmethodconfiguration.md)| Define FIDO2 security key restrictions and users who can use them to sign in to Azure AD.| |[microsoftauthenticatorauthenticationmethodconfiguration](microsoftauthenticatorauthenticationmethodconfiguration.md)|Define users who can use Microsoft Authenticator on the Azure AD tenant.|
-|[temporaryAccessPassAuthenticationMethod](temporaryaccesspassauthenticationmethodconfiguration.md)|Define the configuration settings and users or groups who are enabled to use the Temporary Access Pass authentication method.|
+|[smsAuthenticationMethodConfiguration](smsAuthenticationMethodConfiguration.md)| Define users who can use Text Message on the Azure AD tenant.|
+|[softwareOathAuthenticationMethodConfiguration](softwareOathAuthenticationMethodConfiguration.md)|Define users who can use a third-party software OATH authentication method.|
+|[temporaryaccesspassauthenticationmethodconfiguration](temporaryaccesspassauthenticationmethodconfiguration.md)|Define users who can use Temporary Access Pass to sign in to Azure AD.|
+|[voiceAuthenticationMethodConfiguration](voiceAuthenticationMethodConfiguration.md)|Define users or groups that are enabled to use the voice call authentication method.|
|[x509CertificateAuthenticationMethodConfiguration](x509CertificateAuthenticationMethodConfiguration.md)|Define users who can use X.509 certificate to sign in to Azure AD.|
-## Policies available for authentication methods registration campaign:
+## Policies available for authentication methods registration campaign
+ |Policy | Description | |:|:| |[authenticationMethodsRegistrationCampaign](authenticationmethodsregistrationcampaign.md)| Define users who should be reminded to set up an authentication method (currently only supported for the Microsoft Authenticator).|
v1.0 Authenticationmethodspolicy https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/authenticationmethodspolicy.md
Defines authentication methods and the users that are allowed to use them to sig
|lastModifiedDateTime|DateTimeOffset|The date and time of the last update to the policy. Read-only.| |policyVersion|String|The version of the policy in use. Read-only.| |registrationEnforcement|[registrationEnforcement](../resources/registrationenforcement.md)|Enforce registration at sign-in time. This property can be used to remind users to set up targeted authentication methods.|
+|policyMigrationState|authenticationMethodsPolicyMigrationState|The state of migration of the authentication methods policy from the legacy multifactor authentication and self-service password reset (SSPR) policies. The possible values are: <br/><li>`premigration` - means the authentication methods policy is used for authentication only, legacy policies are respected. <li>`migrationInProgress` - means the authentication methods policy is used for both authentication and SSPR, legacy policies are respected. <li>`migrationComplete` - means the authentication methods policy is used for authentication and SSPR, legacy policies are ignored. <li>`unknownFutureValue` - Evolvable enumeration sentinel value. Do not use. |
## Relationships |Relationship|Type|Description|
The following is a JSON representation of the resource.
"id": "String (identifier)", "lastModifiedDateTime": "String (timestamp)", "policyVersion": "String",
+ "policyMigrationState": "String",
"registrationEnforcement": { "@odata.type": "microsoft.graph.registrationEnforcement" }
v1.0 Callrecords Api Overview https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/callrecords-api-overview.md
Title: "Working with the call records API in Microsoft Graph" description: "The Microsoft Graph call records API allows you to retrieve usage and diagnostics data for calls and online meetings within your organization."-+ doc_type: conceptualPageType ms.prod: cloud-communications ms.localizationpriority: high
ms.localizationpriority: high
# Working with the call records API in Microsoft Graph
-Call records provide usage and diagnostic information about the calls and online meetings that occur within your organization when using Microsoft Teams or Skype for Business. You can use the call records APIs to subscribe to call records and look up call records by IDs.
+Call records provide usage and diagnostic information about the calls and online meetings that occur within your organization when using Microsoft Teams or Skype for Business. You can use the call records APIs to subscribe to call records and look up call records by IDs. A call record is created after a call or meeting ends and the record is retained for 30 days.
The call records API is defined in the OData sub-namespace, `microsoft.graph.callRecords`.
v1.0 Callrecords Callrecord https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/callrecords-callrecord.md
Title: "callRecord resource type" description: "The callRecord type" ms.localizationpriority: medium-+ ms.prod: "cloud-communications" doc_type: "resourcePageType"
doc_type: "resourcePageType"
Namespace: microsoft.graph.callRecords
-Represents a single peer-to-peer call or a group call between multiple participants, sometimes referred to as an online meeting.
+Represents a single peer-to-peer call or a group call between multiple participants, sometimes referred to as an online meeting. A call record is created after a call or meeting ends.
## Methods
v1.0 Emailauthenticationmethodconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/emailauthenticationmethodconfiguration.md
Namespace: microsoft.graph
Represents this tenant's email OTP authentication methods policy. Authentication methods policies define configuration settings and users or groups who are enabled to use the authentication method. Email OTP may be used by the tenant's cloud-native users for self-service password reset, or by external users for authentication during invitation redemption and self-service sign-up for specific apps in user flows.
+Inherits from [authenticationMethodConfiguration](../resources/authenticationmethodconfiguration.md).
+ ## Methods |Method|Return type|Description|
Represents this tenant's email OTP authentication methods policy. Authentication
|Property|Type|Description| |:|:|:| |allowExternalIdToUseEmailOtp|externalEmailOtpState|Determines whether email OTP is usable by external users for authentication. Possible values are: `default`, `enabled`, `disabled`, `unknownFutureValue`. Tenants in the `default` state who did not use public preview will automatically have email OTP enabled beginning in October 2021.|
+|excludeTargets|[excludeTarget](../resources/excludetarget.md) collection|Groups of users that are excluded from the policy.|
|id|String|The authentication method policy identifier. Inherited from [authenticationMethodConfiguration](../resources/authenticationmethodconfiguration.md).| |state|authenticationMethodState|Indicates whether this authentication method is enabled or not. Possible values are: `enabled`, `disabled`.|
The following is a JSON representation of the resource.
{ "@odata.type": "#microsoft.graph.emailAuthenticationMethodConfiguration", "allowExternalIdToUseEmailOtp": "String",
+ "excludeTargets": [
+ {
+ "@odata.type": "microsoft.graph.excludeTarget"
+ }
+ ],
"id": "String (identifier)", "includeTargets": [ { "@odata.type": "microsoft.graph.authenticationMethodTarget" } ], "state": "String"
v1.0 Enums https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/enums.md
doc_type: enumPageType
Namespace: microsoft.graph
+### appCredentialRestrictionType values
+
+| Member |
+| :- |
+| passwordAddition |
+| passwordLifetime |
+| symmetricKeyAddition |
+| symmetricKeyLifetime |
+| unknownFutureValue |
+
+### appKeyCredentialRestrictionType values
+
+| Member |
+| :-- |
+| asymmetricKeyLifetime |
+| unknownFutureValue |
+ ### userPurpose values
-| Member |
-|:-|
+| Member |
+| :-- |
| user | | linked | | shared |
Namespace: microsoft.graph
| unknownFutureValue | ### bookingsAvailabilityStatus values
-|Member|
-|:|
-|available|
-|busy|
-|slotsAvailable|
-|outOfOffice|
-|unknownFutureValue|
+| Member |
+| :-- |
+| available |
+| busy |
+| slotsAvailable |
+| outOfOffice |
+| unknownFutureValue |
### signInFrequencyAuthenticationType values
-|Member|
-|:|
-|primaryAndSecondaryAuthentication|
-|secondaryAuthentication|
-|unknownFutureValue|
+| Member |
+| :-- |
+| primaryAndSecondaryAuthentication |
+| secondaryAuthentication |
+| unknownFutureValue |
### signInFrequencyInterval values
-|Member|
-|:|
-|timeBased|
-|everyTime|
+| Member |
+| :-- |
+| timeBased |
+| everyTime |
### crossTenantAccessPolicyTargetConfigurationAccessType values
-|Member|
-|:|
-|allowed|
-|blocked|
-|unknownFutureValue|
+| Member |
+| :-- |
+| allowed |
+| blocked |
+| unknownFutureValue |
### crossTenantAccessPolicyTargetType values
-|Member|
-|:|
-|user|
-|group|
+| Member |
+| :-- |
+| user |
+| group |
### federatedIdpMfaBehavior values
-|Member|
-|:|
-|acceptIfMfaDoneByFederatedIdp|
-|enforceMfaByFederatedIdp|
-|rejectMfaByFederatedIdp|
-|unknownFutureValue|
+| Member |
+| :- |
+| acceptIfMfaDoneByFederatedIdp |
+| enforceMfaByFederatedIdp |
+| rejectMfaByFederatedIdp |
+| unknownFutureValue |
#### promptLoginBehavior values
-|Member|
-|:|
-|translateToFreshPasswordAuthentication|
-|nativeSupport|
-|disabled|
-|unknownFutureValue|
+| Member |
+| :- |
+| translateToFreshPasswordAuthentication |
+| nativeSupport |
+| disabled |
+| unknownFutureValue |
### expirationPatternType values
-|Member|
-|:|
-|notSpecified|
-|noExpiration|
-|afterDateTime|
-|afterDuration|
+| Member |
+| : |
+| notSpecified |
+| noExpiration |
+| afterDateTime |
+| afterDuration |
### recurrencePatternType values
-|Member|
-|:|
-|daily|
-|weekly|
-|absoluteMonthly|
-|relativeMonthly|
-|absoluteYearly|
-|relativeYearly|
+| Member |
+| :-- |
+| daily |
+| weekly |
+| absoluteMonthly |
+| relativeMonthly |
+| absoluteYearly |
+| relativeYearly |
### roleAssignmentScheduleFilterByCurrentUserOptions values
-|Member|
-|:|
-|principal|
-|unknownFutureValue|
+| Member |
+| :-- |
+| principal |
+| unknownFutureValue |
### roleAssignmentScheduleInstanceFilterByCurrentUserOptions values
-|Member|
-|:|
-|principal|
-|unknownFutureValue|
+| Member |
+| :-- |
+| principal |
+| unknownFutureValue |
### roleAssignmentScheduleRequestFilterByCurrentUserOptions values
-|Member|
-|:|
-|principal|
-|createdBy|
-|approver|
-|unknownFutureValue|
+| Member |
+| :-- |
+| principal |
+| createdBy |
+| approver |
+| unknownFutureValue |
### roleEligibilityScheduleFilterByCurrentUserOptions values
-|Member|
-|:|
-|principal|
-|unknownFutureValue|
+| Member |
+| :-- |
+| principal |
+| unknownFutureValue |
### roleEligibilityScheduleInstanceFilterByCurrentUserOptions values
-|Member|
-|:|
-|principal|
-|unknownFutureValue|
+| Member |
+| :-- |
+| principal |
+| unknownFutureValue |
### roleEligibilityScheduleRequestFilterByCurrentUserOptions values
-|Member|
-|:|
-|principal|
-|createdBy|
-|approver|
-|unknownFutureValue|
+| Member |
+| :-- |
+| principal |
+| createdBy |
+| approver |
+| unknownFutureValue |
### unifiedRoleManagementPolicyRuleTargetOperations values
-|Member|
-|:|
-|all|
-|activate|
-|deactivate|
-|assign|
-|update|
-|remove|
-|extend|
-|renew|
-|unknownFutureValue|
+| Member |
+| :-- |
+| all |
+| activate |
+| deactivate |
+| assign |
+| update |
+| remove |
+| extend |
+| renew |
+| unknownFutureValue |
### unifiedRoleScheduleRequestActions values
-|Member|
-|:|
-|adminAssign|
-|adminUpdate|
-|adminRemove|
-|selfActivate|
-|selfDeactivate|
-|adminExtend|
-|adminRenew|
-|selfExtend|
-|selfRenew|
-|unknownFutureValue|
+| Member |
+| :-- |
+| adminAssign |
+| adminUpdate |
+| adminRemove |
+| selfActivate |
+| selfDeactivate |
+| adminExtend |
+| adminRenew |
+| selfExtend |
+| selfRenew |
+| unknownFutureValue |
### approvalFilterByCurrentUserOptions values
-|Member|
-|:|
-|target|
-|createdBy|
-|approver|
-|unknownFutureValue|
+| Member |
+| :-- |
+| target |
+| createdBy |
+| approver |
+| unknownFutureValue |
### accessReviewExpirationBehavior values
-|Member|
-|:|
-|keepAccess|
-|removeAccess|
-|acceptAccessRecommendation|
-|unknownFutureValue|
+| Member |
+| :- |
+| keepAccess |
+| removeAccess |
+| acceptAccessRecommendation |
+| unknownFutureValue |
### allowedTargetScope values
-|Member|
-|:|
-|notSpecified|
-|specificDirectoryUsers|
-|specificConnectedOrganizationUsers|
-|specificDirectoryServicePrincipals|
-|allMemberUsers|
-|allDirectoryUsers|
-|allDirectoryServicePrincipals|
-|allConfiguredConnectedOrganizationUsers|
-|allExternalUsers|
-|unknownFutureValue|
+| Member |
+| :-- |
+| notSpecified |
+| specificDirectoryUsers |
+| specificConnectedOrganizationUsers |
+| specificDirectoryServicePrincipals |
+| allMemberUsers |
+| allDirectoryUsers |
+| allDirectoryServicePrincipals |
+| allConfiguredConnectedOrganizationUsers |
+| allExternalUsers |
+| unknownFutureValue |
### approvalFilterByCurrentUserOptions values
-|Member|
-|:|
-|target|
-|createdBy|
-|approver|
-|unknownFutureValue|
+| Member |
+| :-- |
+| target |
+| createdBy |
+| approver |
+| unknownFutureValue |
### accessPackageAssignmentFilterByCurrentUserOptions values
-|Member|
-|:|
-|target|
-|createdBy|
-|unknownFutureValue|
+| Member |
+| :-- |
+| target |
+| createdBy |
+| unknownFutureValue |
### accessPackageAssignmentRequestFilterByCurrentUserOptions values
-|Member|
-|:|
-|target|
-|createdBy|
-|approver|
-|unknownFutureValue|
+| Member |
+| :-- |
+| target |
+| createdBy |
+| approver |
+| unknownFutureValue |
### accessPackageAssignmentState values
-|Member|
-|:|
-|delivering|
-|partiallyDelivered|
-|delivered|
-|expired|
-|deliveryFailed|
-|unknownFutureValue|
+| Member |
+| :-- |
+| delivering |
+| partiallyDelivered |
+| delivered |
+| expired |
+| deliveryFailed |
+| unknownFutureValue |
### accessPackageCatalogState values
-|Member|
-|:|
-|unpublished|
-|published|
-|unknownFutureValue|
+| Member |
+| :-- |
+| unpublished |
+| published |
+| unknownFutureValue |
### accessPackageCatalogType values
-|Member|
-|:|
-|userManaged|
-|serviceDefault|
-|serviceManaged|
-|unknownFutureValue|
+| Member |
+| :-- |
+| userManaged |
+| serviceDefault |
+| serviceManaged |
+| unknownFutureValue |
### accessPackageExternalUserLifecycleAction values
-|Member|
-|:|
-|none|
-|blockSignIn|
-|blockSignInAndDelete|
-|unknownFutureValue|
+| Member |
+| :- |
+| none |
+| blockSignIn |
+| blockSignInAndDelete |
+| unknownFutureValue |
### accessPackageFilterByCurrentUserOptions values
-|Member|
-|:|
-|allowedRequestor|
-|unknownFutureValue|
+| Member |
+| :-- |
+| allowedRequestor |
+| unknownFutureValue |
### accessPackageRequestState values
-|Member|
-|:|
-|submitted|
-|pendingApproval|
-|delivering|
-|delivered|
-|deliveryFailed|
-|denied|
-|scheduled|
-|canceled|
-|partiallyDelivered|
-|unknownFutureValue|
+| Member |
+| :-- |
+| submitted |
+| pendingApproval |
+| delivering |
+| delivered |
+| deliveryFailed |
+| denied |
+| scheduled |
+| canceled |
+| partiallyDelivered |
+| unknownFutureValue |
### accessPackageRequestType values
-|Member|
-|:|
-|notSpecified|
-|userAdd|
-|userUpdate|
-|userRemove|
-|adminAdd|
-|adminUpdate|
-|adminRemove|
-|systemAdd|
-|systemUpdate|
-|systemRemove|
-|onBehalfAdd|
-|unknownFutureValue|
+| Member |
+| :-- |
+| notSpecified |
+| userAdd |
+| userUpdate |
+| userRemove |
+| adminAdd |
+| adminUpdate |
+| adminRemove |
+| systemAdd |
+| systemUpdate |
+| systemRemove |
+| onBehalfAdd |
+| unknownFutureValue |
### accessPackageSubjectType values
-|Member|
-|:|
-|notSpecified|
-|user|
-|servicePrincipal|
-|unknownFutureValue|
+| Member |
+| :-- |
+| notSpecified |
+| user |
+| servicePrincipal |
+| unknownFutureValue |
### connectedOrganizationState values
-|Member|
-|:|
-|configured|
-|proposed|
+| Member |
+| : |
+| configured |
+| proposed |
### accessReviewInstanceDecisionItemFilterByCurrentUserOptions values
-|Member|
-|:|
-|reviewer|
-|unknownFutureValue|
+| Member |
+| :-- |
+| reviewer |
+| unknownFutureValue |
### accessReviewStageFilterByCurrentUserOptions values
-|Member|
-|:|
-|reviewer|
-|unknownFutureValue|
+| Member |
+| :-- |
+| reviewer |
+| unknownFutureValue |
### volumeType values
-|Member|
-|:|
-|operatingSystemVolume|
-|fixedDataVolume|
-|removableDataVolume|
-|unknownFutureValue|
+| Member |
+| :-- |
+| operatingSystemVolume |
+| fixedDataVolume |
+| removableDataVolume |
+| unknownFutureValue |
### filterMode values
-|Member|
-|:|
-|include|
-|exclude|
+| Member |
+| : |
+| include |
+| exclude |
### lifecycleEventType values
-|Member|
-|:|
-|missed|
-|subscriptionRemoved|
-|reauthorizationRequired|
+| Member |
+| :- |
+| missed |
+| subscriptionRemoved |
+| reauthorizationRequired |
### changeType values
-|Member|
-|:|
-|clientIpAddress|
-|authenticatorAppGps|
+| Member |
+| : |
+| clientIpAddress |
+| authenticatorAppGps |
### countryLookupMethodType values
-|Member|
-|:|
-|clientIpAddress|
-|authenticatorAppGps|
+| Member |
+| : |
+| clientIpAddress |
+| authenticatorAppGps |
### consentRequestFilterByCurrentUserOptions values
-|Member|
-|:|
-|reviewer|
-|unknownFutureValue|
+| Member |
+| :-- |
+| reviewer |
+| unknownFutureValue |
### educationFeedbackResourceOutcomeStatus values
-|Member|
-|:|
-|notPublished|
-|pendingPublish|
-|published|
-|failedPublish|
-|unknownFutureValue|
+| Member |
+| :-- |
+| notPublished |
+| pendingPublish |
+| published |
+| failedPublish |
+| unknownFutureValue |
### externalEmailOtpState values
-|Member|
-|:|
-|default|
-|enabled|
-|disabled|
-|unknownFutureValue|
+| Member |
+| :-- |
+| default |
+| enabled |
+| disabled |
+| unknownFutureValue |
### educationAddedStudentAction values
-|Member|
-|:|
-|none|
-|assignIfOpen|
-|unknownFutureValue|
+| Member |
+| :-- |
+| none |
+| assignIfOpen |
+| unknownFutureValue |
### fido2RestrictionEnforcementType values
-|Member|
-|:|
-|allow|
-|block|
+| Member |
+| :-- |
+| allow |
+| block |
### x509CertificateAuthenticationMode values
-|Member|
-|:|
-|x509CertificateSingleFactor|
-|x509CertificateMultiFactor|
-|unknownFutureValue|
+| Member |
+| :-- |
+| x509CertificateSingleFactor |
+| x509CertificateMultiFactor |
+| unknownFutureValue |
### x509CertificateRuleType values
-|Member|
-|:|
-|issuerSubject|
-|policyOID|
-|unknownFutureValue|
+| Member |
+| :-- |
+| issuerSubject |
+| policyOID |
+| unknownFutureValue |
### attestationLevel values
-|Member|
-|:|
-|attested|
-|notAttested|
+| Member |
+| :- |
+| attested |
+| notAttested |
### authenticationMethodTargetType values
-|Member|
-|:|
-|user|
-|group|
+| Member |
+| :-- |
+| user |
+| group |
### authenticationMethodState values
-|Member|
-|:|
-|enabled|
-|disabled|
+| Member |
+| :- |
+| enabled |
+| disabled |
### microsoftAuthenticatorAuthenticationMode values
-|Member|
-|:|
-|any|
-|push|
-|deviceBasedPush|
+| Member |
+| :-- |
+| any |
+| push |
+| deviceBasedPush |
### keyStrength values
-|Member|
-|:|
-|normal|
-|weak|
-|unknown|
+| Member |
+| : |
+| normal |
+| weak |
+| unknown |
### authenticationMethodKeyStrength values
-|Member|
-|:|
-|normal|
-|weak|
-|unknown|
+| Member |
+| : |
+| normal |
+| weak |
+| unknown |
### allowInvitesFrom values
-|Member|
-|:|
-|none|
-|adminsAndGuestInviters|
-|adminsGuestInvitersAndAllMembers|
-|everyone|
-|unknownFutureValue|
+| Member |
+| :- |
+| none |
+| adminsAndGuestInviters |
+| adminsGuestInvitersAndAllMembers |
+| everyone |
+| unknownFutureValue |
### dataPolicyOperationStatus values
-|Member|
-|:|
-|notStarted|
-|running|
-|complete|
-|failed|
-|unknownFutureValue|
+| Member |
+| :-- |
+| notStarted |
+| running |
+| complete |
+| failed |
+| unknownFutureValue |
### conditionalAccessDevicePlatform values
-| Member |
-|:--|
-|android|
-|iOS|
-|windows|
-|windowsPhone|
-|macOS|
-|all|
-|unknownFutureValue|
+| Member |
+| :-- |
+| android |
+| iOS |
+| windows |
+| windowsPhone |
+| macOS |
+| all |
+| unknownFutureValue |
### signinFrequencyType values
-| Member |
-|:--|
-|days|
-|hours|
+| Member |
+| :-- |
+| days |
+| hours |
### persistentBrowserSessionMode values
-| Member |
-|:--|
-|always|
-|never|
+| Member |
+| :-- |
+| always |
+| never |
### cloudAppSecuritySessionControlType values
-| Member |
-|:--|
-|mcasConfigured|
-|monitorOnly|
-|blockDownloads|
-|unknownFutureValue|
+| Member |
+| :-- |
+| mcasConfigured |
+| monitorOnly |
+| blockDownloads |
+| unknownFutureValue |
### conditionalAccessGrantControl values
-| Member |
-|:--|
-|block|
-|mfa|
-|compliantDevice|
-|domainJoinedDevice|
-|approvedApplication|
-|compliantApplication|
-|passwordChange|
-|unknownFutureValue|
+| Member |
+| :- |
+| block |
+| mfa |
+| compliantDevice |
+| domainJoinedDevice |
+| approvedApplication |
+| compliantApplication |
+| passwordChange |
+| unknownFutureValue |
### conditionalAccessClientApp values
-|Member|
-|:|
-|all|
-|browser|
-|mobileAppsAndDesktopClients|
-|exchangeActiveSync|
-|easSupported|
-|other|
-|unknownFutureValue|
+| Member |
+| :-- |
+| all |
+| browser |
+| mobileAppsAndDesktopClients |
+| exchangeActiveSync |
+| easSupported |
+| other |
+| unknownFutureValue |
### conditionalAccessPolicyState values
-|Member|
-|:|
-|enabled|
-|disabled|
-|enabledForReportingButNotEnforced|
+| Member |
+| :-- |
+| enabled |
+| disabled |
+| enabledForReportingButNotEnforced |
#### deviceProfileType values
-|Member|
-|:|
-|RegisteredDevice|
-|SecureVM|
-|Printer|
-|Shared|
-|IoT|
+| Member |
+| : |
+| RegisteredDevice |
+| SecureVM |
+| Printer |
+| Shared |
+| IoT |
### appliedConditionalAccessPolicyResult values
-|Member|
-|:|
-|success|
-|failure|
-|notApplied|
-|notEnabled|
-|unknown|
-|unknownFutureValue|
+| Member |
+| :-- |
+| success |
+| failure |
+| notApplied |
+| notEnabled |
+| unknown |
+| unknownFutureValue |
### groupType values
-|Member|
-|:|
-|unifiedGroups|
-|azureAD|
-|unknownFutureValue|
+| Member |
+| :-- |
+| unifiedGroups |
+| azureAD |
+| unknownFutureValue |
### conditionalAccessStatus values
-|Member|
-|:|
-|success|
-|failure|
-|notApplied|
-|unknownFutureValue|
+| Member |
+| :-- |
+| success |
+| failure |
+| notApplied |
+| unknownFutureValue |
### templateScenarios values
-|Member |
-|:|
-|new |
-|secureFoundation |
-|zeroTrust |
-|remoteWork |
-|protectAdmins |
-|emergingThreats |
-|unknownFutureValue |
+| Member |
+| :-- |
+| new |
+| secureFoundation |
+| zeroTrust |
+| remoteWork |
+| protectAdmins |
+| emergingThreats |
+| unknownFutureValue |
### operationResult values
-|Member|
-|:|
-|success|
-|failure|
-|timeout|
-|unknownFutureValue|
+| Member |
+| :-- |
+| success |
+| failure |
+| timeout |
+| unknownFutureValue |
### tone values
-|Member|
-|:|
-|tone0|
-|tone1|
-|tone2|
-|tone3|
-|tone4|
-|tone5|
-|tone6|
-|tone7|
-|tone8|
-|tone9|
-|star|
-|pound|
-|a|
-|b|
-|c|
-|d|
-|flash|
+| Member |
+| :-- |
+| tone0 |
+| tone1 |
+| tone2 |
+| tone3 |
+| tone4 |
+| tone5 |
+| tone6 |
+| tone7 |
+| tone8 |
+| tone9 |
+| star |
+| pound |
+| a |
+| b |
+| c |
+| d |
+| flash |
### mediaState values
-|Member|
-|:|
-|active|
-|inactive|
-|unknownFutureValue|
+| Member |
+| :-- |
+| active |
+| inactive |
+| unknownFutureValue |
### basicStatus values
-|Member|
-|:|
-|active|
-|inactive|
+| Member |
+| :- |
+| active |
+| inactive |
### callState values
-|Member|
-|:|
-|incoming|
-|establishing|
-|ringing|
-|established|
-|hold|
-|transferring|
-|transferAccepted|
-|redirecting|
-|terminating|
-|terminated|
+| Member |
+| : |
+| incoming |
+| establishing |
+| ringing |
+| established |
+| hold |
+| transferring |
+| transferAccepted |
+| redirecting |
+| terminating |
+| terminated |
### callType values
-|Member|
-|:|
-|unknown|
-|groupCall|
-|peerToPeer|
-|unknownFutureValue|
+| Member |
+| :-- |
+| unknown |
+| groupCall |
+| peerToPeer |
+| unknownFutureValue |
### educationAddToCalendarOptions values
-|Member|
-|:|
-|none|
-|studentsAndPublisher|
-|studentsAndTeamOwners|
-|unknownFutureValue|
-|studentsOnly|
+| Member |
+| :-- |
+| none |
+| studentsAndPublisher |
+| studentsAndTeamOwners |
+| unknownFutureValue |
+| studentsOnly |
### educationSubmissionStatus values
-|Member|
-|:|
-|working|
-|submitted|
-|released|
-|returned|
-|unknownFutureValue|
-|reassigned|
+| Member |
+| :-- |
+| working |
+| submitted |
+| released |
+| returned |
+| unknownFutureValue |
+| reassigned |
### onlineMeetingRole values
-|Member|
-|:|
-|attendee|
-|presenter|
-|unknownFutureValue|
+| Member |
+| :-- |
+| attendee |
+| presenter |
+| unknownFutureValue |
### modality values
-|Member|
-|:|
-|audio|
-|video|
-|videoBasedScreenSharing|
-|data|
-|screenSharing|
-|unknownFutureValue|
+| Member |
+| :- |
+| audio |
+| video |
+| videoBasedScreenSharing |
+| data |
+| screenSharing |
+| unknownFutureValue |
### callDirection values
-|Member|
-|:|
-|incoming|
-|outgoing|
+| Member |
+| :- |
+| incoming |
+| outgoing |
### signInAudience values
-|Member|
-|:|
-|AzureADMyOrg|
-|AzureADMultipleOrgs|
-|AzureADandPersonalMicrosoftAccount|
-|PersonalMicrosoftAccount|
+| Member |
+| : |
+| AzureADMyOrg |
+| AzureADMultipleOrgs |
+| AzureADandPersonalMicrosoftAccount |
+| PersonalMicrosoftAccount |
### groupMembershipClaims values
-|Member|
-|:|
-|None|
-|SecurityGroup|
-|All|
+| Member |
+| : |
+| None |
+| SecurityGroup |
+| All |
### recipientScopeType values
-|Member|
-|:|
-|none|
-|internal|
-|external|
-|externalPartner|
-|externalNonPartner|
+| Member |
+| :-- |
+| none |
+| internal |
+| external |
+| externalPartner |
+| externalNonPartner |
### activityType values
-|Member|
-|:|
-|signin|
-|user|
-|unknownFutureValue|
-|servicePrincipal|
+| Member |
+| :-- |
+| signin |
+| user |
+| unknownFutureValue |
+| servicePrincipal |
### riskDetectionTimingType values
-|Member|
-|:|
-|notDefined|
-|realtime|
-|nearRealtime|
-|offline|
-|unknownFutureValue|
+| Member |
+| :-- |
+| notDefined |
+| realtime |
+| nearRealtime |
+| offline |
+| unknownFutureValue |
### tokenIssuerType values
-|Member|
-|:|
-|AzureAD|
-|ADFederationServices|
-|UnknownFutureValue|
+| Member |
+| :- |
+| AzureAD |
+| ADFederationServices |
+| UnknownFutureValue |
### attachmentType values
Namespace: microsoft.graph
### contactRelationship values
-|Member|Value|Description|
-|:|:|:|
-|parent|0|The user's parent.|
-|relative|1| The user's relative.|
-|aide|2| The user's aide.|
-|doctor|3| The user's doctor.|
-|guardian|4| The user's guardian.|
-|child|5| The user's child.|
-|other|6| An unspecified relationship to the user.|
-|unknownFutureValue|7| Marker value for future compatibility.|
+| Member | Value | Description |
+| :-- | :- | : |
+| parent | 0 | The user's parent. |
+| relative | 1 | The user's relative. |
+| aide | 2 | The user's aide. |
+| doctor | 3 | The user's doctor. |
+| guardian | 4 | The user's guardian. |
+| child | 5 | The user's child. |
+| other | 6 | An unspecified relationship to the user. |
+| unknownFutureValue | 7 | Marker value for future compatibility. |
### scheduleEntityTheme values
Namespace: microsoft.graph
### timeOffReasonIconType values
-|Member|
-|:|
-|none|
-|car|
-|calendar|
-|running|
-|plane|
-|firstAid|
-|doctor|
-|notWorking|
-|clock|
-|juryDuty|
-|globe|
-|cup|
-|phone|
-|weather|
-|umbrella|
-|piggyBank|
-|dog|
-|cake|
-|trafficCone|
-|pin|
-|sunny|
-|unknownFutureValue|
+| Member |
+| :-- |
+| none |
+| car |
+| calendar |
+| running |
+| plane |
+| firstAid |
+| doctor |
+| notWorking |
+| clock |
+| juryDuty |
+| globe |
+| cup |
+| phone |
+| weather |
+| umbrella |
+| piggyBank |
+| dog |
+| cake |
+| trafficCone |
+| pin |
+| sunny |
+| unknownFutureValue |
### workforceIntegrationEncryptionProtocol values
Namespace: microsoft.graph
### workforceIntegrationSupportedEntities values
-|Member|
-|:|
-|none|
-|shift|
-|swapRequest|
-|userShiftPreferences|
-|openShift|
-|openShiftRequest|
-|offerShiftRequest|
-|unknownFutureValue|
+| Member |
+| :- |
+| none |
+| shift |
+| swapRequest |
+| userShiftPreferences |
+| openShift |
+| openShiftRequest |
+| offerShiftRequest |
+| unknownFutureValue |
### timeZoneStandard values
Namespace: microsoft.graph
### freeBusyStatus values
-| Member |Value
-|:|:-
-| free | 0
-| tentative | 1
-| busy | 2
-| oof | 3
-| workingElsewhere | 4
-| unknown | -1
+| Member | Value |
+| : | :- |
+| free | 0 |
+| tentative | 1 |
+| busy | 2 |
+| oof | 3 |
+| workingElsewhere | 4 |
+| unknown | -1 |
### attendeeType values
Namespace: microsoft.graph
### calendarColor values
-| Member | Value
-|:--|:-
-| auto | -1
-| lightBlue | 0
-| lightGreen | 1
-| lightOrange| 2
-| lightGray | 3
-| lightYellow| 4
-| lightTeal | 5
-| lightPink | 6
-| lightBrown | 7
-| lightRed | 8
-| maxColor | 9
+| Member | Value |
+| :- | :- |
+| auto | -1 |
+| lightBlue | 0 |
+| lightGreen | 1 |
+| lightOrange | 2 |
+| lightGray | 3 |
+| lightYellow | 4 |
+| lightTeal | 5 |
+| lightPink | 6 |
+| lightBrown | 7 |
+| lightRed | 8 |
+| maxColor | 9 |
### educationExternalSource values
Namespace: microsoft.graph
### onenoteUserRole values
-| Member | Value
-|:|:
-| Owner | 0
-| Contributor | 1
-| Reader | 2
-| None | -1
+| Member | Value |
+| :- | :- |
+| Owner | 0 |
+| Contributor | 1 |
+| Reader | 2 |
+| None | -1 |
### operationStatus values
Namespace: microsoft.graph
### plannerContainerType values
-|Member|
-|:|
-|group|
-|unknownFutureValue|
-|roster|
+| Member |
+| :-- |
+| group |
+| unknownFutureValue |
+| roster |
### plannerPreviewType values
Namespace: microsoft.graph
### categoryColor values
-| Member |Value
-|:|:--
-| none | -1
-| preset0 | 0
-| preset1 | 1
-| preset2 | 2
-| preset3 | 3
-| preset4 | 4
-| preset5 | 5
-| preset6 | 6
-| preset7 | 7
-| preset8 | 8
-| preset9 | 9
-| preset10 | 10
-| preset11 | 11
-| preset12 | 12
-| preset13 | 13
-| preset14 | 14
-| preset15 | 15
-| preset16 | 16
-| preset17 | 17
-| preset18 | 18
-| preset19 | 19
-| preset20 | 20
-| preset21 | 21
-| preset22 | 22
-| preset23 | 23
-| preset24 | 24
+| Member | Value |
+| :- | :- |
+| none | -1 |
+| preset0 | 0 |
+| preset1 | 1 |
+| preset2 | 2 |
+| preset3 | 3 |
+| preset4 | 4 |
+| preset5 | 5 |
+| preset6 | 6 |
+| preset7 | 7 |
+| preset8 | 8 |
+| preset9 | 9 |
+| preset10 | 10 |
+| preset11 | 11 |
+| preset12 | 12 |
+| preset13 | 13 |
+| preset14 | 14 |
+| preset15 | 15 |
+| preset16 | 16 |
+| preset17 | 17 |
+| preset18 | 18 |
+| preset19 | 19 |
+| preset20 | 20 |
+| preset21 | 21 |
+| preset22 | 22 |
+| preset23 | 23 |
+| preset24 | 24 |
### alertFeedback values Possible feedback values on the alert provided by an analyst.
-|Member|Value|Description|
-|:|:|:|
-|unknown|0|Unknown.|
-|truePositive|1|Alert is true-positive.|
-|falsePositive|2| Alert is false-positive.|
-|benignPositive|3| Alert is benign-positive.|
+| Member | Value | Description |
+| :- | :- | : |
+| unknown | 0 | Unknown. |
+| truePositive | 1 | Alert is true-positive. |
+| falsePositive | 2 | Alert is false-positive. |
+| benignPositive | 3 | Alert is benign-positive. |
### fileHashType values Enum for file hash types.
-|Member|Value|Description|
-|:|:|:|
-|unknown|0|Unknown type.|
-|sha1|1|SHA1 hash type.|
-|sha256|2| SHA256 hash type.|
-|md5|3| MD5 hash type.|
-|authenticodeHash256|4| AuthenticodeHash256 hash type.|
-|lsHash|5| LsHash hash type.|
-|ctph|6| CTPH hash type.|
-|peSha1|7| PESHA1 hash type.|
-|peSha256|8| PESHA256 hash type.|
+| Member | Value | Description |
+| : | :- | :-- |
+| unknown | 0 | Unknown type. |
+| sha1 | 1 | SHA1 hash type. |
+| sha256 | 2 | SHA256 hash type. |
+| md5 | 3 | MD5 hash type. |
+| authenticodeHash256 | 4 | AuthenticodeHash256 hash type. |
+| lsHash | 5 | LsHash hash type. |
+| ctph | 6 | CTPH hash type. |
+| peSha1 | 7 | PESHA1 hash type. |
+| peSha256 | 8 | PESHA256 hash type. |
### connectionDirection values Enum for the direction of the network connection (inbound/outbound).
-|Member|Value|Description|
-|:|:|:|
-|unknown|0|Unknown connection.|
-|inbound|1|Inbound connection.|
-|outbound|2| Outbound connection.|
+| Member | Value | Description |
+| :- | :- | :- |
+| unknown | 0 | Unknown connection. |
+| inbound | 1 | Inbound connection. |
+| outbound | 2 | Outbound connection. |
### connectionStatus values Enum for the status of connections.
-|Member|Value|Description|
-|:|:|:|
-|unknown|0|Unknown connection status.|
-|attempted|1|Connection attempted.|
-|succeeded|2| Connection succeeded.|
-|blocked|3| Connection blocked.|
-|failed|4| Connection failed.|
+| Member | Value | Description |
+| :-- | :- | :- |
+| unknown | 0 | Unknown connection status. |
+| attempted | 1 | Connection attempted. |
+| succeeded | 2 | Connection succeeded. |
+| blocked | 3 | Connection blocked. |
+| failed | 4 | Connection failed. |
### processIntegrityLevel values Possible integrity level values of the process.
-|Member|Value|Description|
-|:|:|:|
-|unknown|0|Unknown.|
-|untrusted|10|Integrity level is Untrusted.|
-|low|20| Integrity level is Low.|
-|medium|30| Integrity level is Medium.|
-|high|40| Integrity level is High.|
-|system|50| Integrity level is System.|
+| Member | Value | Description |
+| :-- | :- | :- |
+| unknown | 0 | Unknown. |
+| untrusted | 10 | Integrity level is Untrusted. |
+| low | 20 | Integrity level is Low. |
+| medium | 30 | Integrity level is Medium. |
+| high | 40 | Integrity level is High. |
+| system | 50 | Integrity level is System. |
### registryHive values Enum for registry hives as defined by [/windows/desktop/sysinfo/registry-hives](/windows/desktop/sysinfo/registry-hives).
-|Member|Value|Description|
-|:|:|:|
-|unknown|0|Unknown hive.|
-|currentConfig|1|HKEY_CURRENT_CONFIG hive.|
-|currentUser|2| HKEY_CURRENT_USER hive.|
-|localMachineSam|3| HKEY_LOCAL_MACHINE\SAM hive.|
-|localMachineSamSoftware|4| HKEY_LOCAL_MACHINE\Software hive.|
-|localMachineSystem|5| HKEY_LOCAL_MACHINE\System hive.|
-|usersDefault|6| HKEY_USERS\\.DEFAULT hive.|
+| Member | Value | Description |
+| :- | :- | :-- |
+| unknown | 0 | Unknown hive. |
+| currentConfig | 1 | HKEY_CURRENT_CONFIG hive. |
+| currentUser | 2 | HKEY_CURRENT_USER hive. |
+| localMachineSam | 3 | HKEY_LOCAL_MACHINE\SAM hive. |
+| localMachineSamSoftware | 4 | HKEY_LOCAL_MACHINE\Software hive. |
+| localMachineSystem | 5 | HKEY_LOCAL_MACHINE\System hive. |
+| usersDefault | 6 | HKEY_USERS\\.DEFAULT hive. |
### registryOperation values Operation that changed the registry key name and/or value.
-|Member|Value|Description|
-|:|:|:|
-|unknown|0|Unknown registry value type.|
-|create|1|Create registry.|
-|modify|2|Modify registry.|
-|delete|3|Delete registry.|
+| Member | Value | Description |
+| : | :- | : |
+| unknown | 0 | Unknown registry value type. |
+| create | 1 | Create registry. |
+| modify | 2 | Modify registry. |
+| delete | 3 | Delete registry. |
### registryValueType values Enum for registry value types as defined by [/windows/desktop/sysinfo/registry-value-types](/windows/desktop/sysinfo/registry-value-types).
-|Member|Value|Description|
-|:|:|:|
-|unknown|0|Unknown registry value type.|
-|binary|1|REG_BINARY registry value type.|
-|dword|2| REG_DWORD registry value type.|
-|dwordLittleEndian|3| REG_DWORD_LITTLE_ENDIAN registry value type.|
-|dwordBigEndian|4| REG_DWORD_BIG_ENDIAN registry value type.|
-|expandSz|5| REG_EXPAND_SZ registry value type.|
-|link|6| REG_LINK registry value type.|
-|multiSz|7| REG_MULTI_SZ registry value type.|
-|none|8| REG_NONE registry value type.|
-|qword|9| REG_QWORD registry value type.|
-|qwordlittleEndian|10| REG_QWORD_LITTLE_ENDIAN registry value type.|
-|sz|11| REG_SZ registry value type.|
+| Member | Value | Description |
+| :- | :- | :- |
+| unknown | 0 | Unknown registry value type. |
+| binary | 1 | REG_BINARY registry value type. |
+| dword | 2 | REG_DWORD registry value type. |
+| dwordLittleEndian | 3 | REG_DWORD_LITTLE_ENDIAN registry value type. |
+| dwordBigEndian | 4 | REG_DWORD_BIG_ENDIAN registry value type. |
+| expandSz | 5 | REG_EXPAND_SZ registry value type. |
+| link | 6 | REG_LINK registry value type. |
+| multiSz | 7 | REG_MULTI_SZ registry value type. |
+| none | 8 | REG_NONE registry value type. |
+| qword | 9 | REG_QWORD registry value type. |
+| qwordlittleEndian | 10 | REG_QWORD_LITTLE_ENDIAN registry value type. |
+| sz | 11 | REG_SZ registry value type. |
### alertSeverity values Enum for severity of alerts.
-|Member|Value|Description|
-|:|:|:|
-|unknown|0|Severity is unknown.|
-|informational|1|Severity is only for information.|
-|low|2| Severity is low.|
-|medium|3| Severity is medium.|
-|high|4| Severity is high.|
+| Member | Value | Description |
+| : | :- | :-- |
+| unknown | 0 | Severity is unknown. |
+| informational | 1 | Severity is only for information. |
+| low | 2 | Severity is low. |
+| medium | 3 | Severity is medium. |
+| high | 4 | Severity is high. |
### alertStatus values Possible values of an Alert lifecycle status (stage).
-|Member|Value|Description|
-|:|:|:|
-|unknown|0|Unknown status.|
-|newAlert|10| Alert is new.|
-|inProgress|20|Alert is in progress.|
-|resolved|30|Alert is resolved.|
+| Member | Value | Description |
+| : | :- | :-- |
+| unknown | 0 | Unknown status. |
+| newAlert | 10 | Alert is new. |
+| inProgress | 20 | Alert is in progress. |
+| resolved | 30 | Alert is resolved. |
### emailRole values Possible values for email roles.
-|Member|Value|Description|
-|:|:|:|
-|unknown|0|Unknown Role.|
-|sender|1|Sender of the email.|
-|recipient|2|Recipient of the email.|
+| Member | Value | Description |
+| :-- | :- | :- |
+| unknown | 0 | Unknown Role. |
+| sender | 1 | Sender of the email. |
+| recipient | 2 | Recipient of the email. |
### logonType values Possible values for the method of user signin.
-|Member|Value|Description|
-|:|:|:|
-|unknown|-1|Unknown.|
-|interactive|0|Logon is interactive.|
-|remoteInteractive|1| Logon is remote interactive.|
-|network|2| Logon is network.|
-|batch|3| Logon is batch.|
-|service|4| Logon is service.|
+| Member | Value | Description |
+| :- | :- | : |
+| unknown | -1 | Unknown. |
+| interactive | 0 | Logon is interactive. |
+| remoteInteractive | 1 | Logon is remote interactive. |
+| network | 2 | Logon is network. |
+| batch | 3 | Logon is batch. |
+| service | 4 | Logon is service. |
### userAccountSecurityType values Possible values for user account types (group membership), per Windows definition.
-|Member|Member|Description|
-|:|:|:|
-|unknown|-1|Unknown.|
-|standard|0|Member of Standard Users group.|
-|power|1| Member of Power Users group.|
-|administrator|2| Member of Administrators group.|
+| Member | Member | Description |
+| : | :-- | : |
+| unknown | -1 | Unknown. |
+| standard | 0 | Member of Standard Users group. |
+| power | 1 | Member of Power Users group. |
+| administrator | 2 | Member of Administrators group. |
### riskDetail values
-|Member|
-|:|
-|none|
-|adminGeneratedTemporaryPassword|
-|userPerformedSecuredPasswordChange|
-|userPerformedSecuredPasswordReset|
-|adminConfirmedSigninSafe|
-|aiConfirmedSigninSafe|
-|userPassedMFADrivenByRiskBasedPolicy|
-|adminDismissedAllRiskForUser|
-|adminConfirmedSigninCompromised|
-|hidden|
-|adminConfirmedUserCompromised|
-|unknownFutureValue|
-|adminConfirmedServicePrincipalCompromised|
-|adminDismissedAllRiskForServicePrincipal|
-|m365DAdminDismissedDetection|
+| Member |
+| :- |
+| none |
+| adminGeneratedTemporaryPassword |
+| userPerformedSecuredPasswordChange |
+| userPerformedSecuredPasswordReset |
+| adminConfirmedSigninSafe |
+| aiConfirmedSigninSafe |
+| userPassedMFADrivenByRiskBasedPolicy |
+| adminDismissedAllRiskForUser |
+| adminConfirmedSigninCompromised |
+| hidden |
+| adminConfirmedUserCompromised |
+| unknownFutureValue |
+| adminConfirmedServicePrincipalCompromised |
+| adminDismissedAllRiskForServicePrincipal |
+| m365DAdminDismissedDetection |
### riskEventTypes values
Possible values for user account types (group membership), per Windows definitio
### riskEventType values
-|Member|
-|:|
-|unlikelyTravel|
-|anonymizedIPAddress|
-|maliciousIPAddress|
-|unfamiliarFeatures|
-|malwareInfectedIPAddress|
-|suspiciousIPAddress|
-|leakedCredentials|
-|investigationsThreatIntelligence|
-|generic|
-|adminConfirmedUserCompromised|
-|mcasImpossibleTravel|
-|mcasSuspiciousInboxManipulationRules|
-|investigationsThreatIntelligenceSigninLinked|
-|maliciousIPAddressValidCredentialsBlockedIP|
-|unknownFutureValue|
+| Member |
+| :- |
+| unlikelyTravel |
+| anonymizedIPAddress |
+| maliciousIPAddress |
+| unfamiliarFeatures |
+| malwareInfectedIPAddress |
+| suspiciousIPAddress |
+| leakedCredentials |
+| investigationsThreatIntelligence |
+| generic |
+| adminConfirmedUserCompromised |
+| mcasImpossibleTravel |
+| mcasSuspiciousInboxManipulationRules |
+| investigationsThreatIntelligenceSigninLinked |
+| maliciousIPAddressValidCredentialsBlockedIP |
+| unknownFutureValue |
### riskLevel values
Possible values for user account types (group membership), per Windows definitio
### exchangeIdFormat values
-|Member|
-|:|
-|entryId|
-|ewsId|
-|immutableEntryId|
-|restId|
-|restImmutableEntryId|
+| Member |
+| :- |
+| entryId |
+| ewsId |
+| immutableEntryId |
+| restId |
+| restImmutableEntryId |
### onlineMeetingProviderType values
-|Member|
-|:|
-|unknown|
-|skypeForBusiness|
-|skypeForConsumer|
-|teamsForBusiness|
+| Member |
+| : |
+| unknown |
+| skypeForBusiness |
+| skypeForConsumer |
+| teamsForBusiness |
### delegateMeetingMessageDeliveryOptions values
-|Member|
-|:|
-|sendToDelegateAndInformationToPrincipal|
-|sendToDelegateAndPrincipal|
-|sendToDelegateOnly|
+| Member |
+| :-- |
+| sendToDelegateAndInformationToPrincipal |
+| sendToDelegateAndPrincipal |
+| sendToDelegateOnly |
### calendarRoleType values
-|Member|
-|:|
-|none|
-|freeBusyRead|
-|limitedRead|
-|read|
-|write|
-|delegateWithoutPrivateEventAccess|
-|delegateWithPrivateEventAccess|
-|custom|
+| Member |
+| :-- |
+| none |
+| freeBusyRead |
+| limitedRead |
+| read |
+| write |
+| delegateWithoutPrivateEventAccess |
+| delegateWithPrivateEventAccess |
+| custom |
### threatAssessmentContentType values | Member | Value | Description |
-|:-|:|:|
+| :-- | :- | :- |
| mail | 1 | Mail threat. | | url | 2 | URL threat. | | file | 3 | Attachment file threat. |
Possible values for user account types (group membership), per Windows definitio
### threatExpectedAssessment values | Member | Value | Description |
-|:--|:|:-|
+| : | :- | :-- |
| block | 1 | The threat should be blocked. | | unblock | 2 | The threat should not be blocked. | ### threatCategory values | Member | Value | Description |
-|:-|:|:-|
+| :-- | :- | :-- |
| spam | 1 | Spam threat. | | phishing | 2 | Phishing threat. | | malware | 3 | Malware threat. |
Possible values for user account types (group membership), per Windows definitio
### threatAssessmentStatus values | Member | Value | Description |
-|:-|:|:--|
+| :-- | :- | : |
| pending | 1 | The threat assessment still in progress. | | completed | 2 | The threat assessment completed. | ### threatAssessmentRequestSource values | Member | Value | Description |
-|:--|:|:-|
+| : | :- | :-- |
| undefined | 0 | Not yet know. | | user | 1 | User submission. | | administrator | 2 | Tenant admin submission. |
Possible values for user account types (group membership), per Windows definitio
### threatAssessmentResultType values | Member | Value | Description |
-|:-|:|:--|
+| :-- | :- | : |
| checkPolicy | 1 | The policy check result, only for `mail` assessment. | | rescan | 2 | The rescan result. | | unknownFutureValue | 3 | A sentinel member. |
Possible values for user account types (group membership), per Windows definitio
### mailDestinationRoutingReason values | Member | Value | Description |
-|:-|:|:|
+| :-- | :- | :- |
| none | 0 | Not yet know. | | mailFlowRule | 1 | Exchange transport rule. | | safeSender | 2 | Safe sender list. |
Possible values for user account types (group membership), per Windows definitio
### chatMessageType values
-| Value |
-|:--|
-| message |
-| chatEvent |
-| typing |
+| Value |
+| :-- |
+| message |
+| chatEvent |
+| typing |
| unknownFutureValue | | systemEventMessage | ### chatMessagePolicyViolationDlpActionType values
-| Value |
-|:--|
-| none |
-| NotifySender |
-| BlockAccess |
+| Value |
+| : |
+| none |
+| NotifySender |
+| BlockAccess |
| BlockAccessExternal | ### chatMessagePolicyViolationUserActionType values
-| Member | Int value | Description |
-|:|:--|:-|
-| None | 0 | Default value. This is the value on a message when the user has not taken an action on the message blocked by DLP. |
-| Override | 1 | Sender has overridden the message verdict and sent the message anyway.|
-| ReportFalsePositive | 2 | Sender has reported the message verdict to the admins as a false positive.|
+| Member | Int value | Description |
+| : | :-- | :-- |
+| None | 0 | Default value. This is the value on a message when the user has not taken an action on the message blocked by DLP. |
+| Override | 1 | Sender has overridden the message verdict and sent the message anyway. |
+| ReportFalsePositive | 2 | Sender has reported the message verdict to the admins as a false positive. |
### chatMessagePolicyViolationVerdictDetailsType values
-| Member | Int value | Description |
-|:|:--|:-|
-| None | 0 | User is not allowed to override the message. User is not allowed to report a message as false positive if policyTip is not provided. In all other scenarios, user can report a message as false positive.|
-| AllowFalsePositiveOverride | 1 | User is not allowed to explicitly override the block unless this is combined with `AllowOverrideWithoutJustification` or `AllowOverrideWithJustification` flags. Reporting a false positive on the violation automatically overrides the block and sends the message. |
-| AllowOverrideWithoutJustification | 2 | User is allowed to override the block and send the message. Justification text is not required. Exclusive to `AllowOverrideWithJustification`. |
-| AllowOverrideWithJustification | 4 | User is allowed to override the block and send the message. Justification text is required. Exclusive to `AllowOverrideWithoutJustification`.|
+| Member | Int value | Description |
+| :-- | :-- | :-- |
+| None | 0 | User is not allowed to override the message. User is not allowed to report a message as false positive if policyTip is not provided. In all other scenarios, user can report a message as false positive. |
+| AllowFalsePositiveOverride | 1 | User is not allowed to explicitly override the block unless this is combined with `AllowOverrideWithoutJustification` or `AllowOverrideWithJustification` flags. Reporting a false positive on the violation automatically overrides the block and sends the message. |
+| AllowOverrideWithoutJustification | 2 | User is allowed to override the block and send the message. Justification text is not required. Exclusive to `AllowOverrideWithJustification`. |
+| AllowOverrideWithJustification | 4 | User is allowed to override the block and send the message. Justification text is required. Exclusive to `AllowOverrideWithoutJustification`. |
### wellknownListName values | Member
Possible values for user account types (group membership), per Windows definitio
### columnTypes values
-|Member|Description|
-|:-|:
-|note| Multiline text. |
-|text | Single line text. |
-|choice | Choice column |
-|multichoice | Multichoice column. |
-|number | Number column. |
-|currency | Currency column. |
-|dateTime | DateTime column. |
-|lookup | Lookup column. |
-|boolean | Yes/No column. |
-|user | Person or group column. |
-|url | Hyperlink or picture column. |
-|calculated | Calculated column. |
-|location | Location column. |
-|geolocation | Geolocation column. |
-|term | Managed metadata column. |
-|multiterm | Managed metadata column accepting multiple values. |
-|thumbnail | Image column. |
-|approvalStatus | Content approval status column. |
-|unknownFutureValue | UnknownFuturevalue |
+| Member | Description |
+| :-- | :- |
+| note | Multiline text. |
+| text | Single line text. |
+| choice | Choice column |
+| multichoice | Multichoice column. |
+| number | Number column. |
+| currency | Currency column. |
+| dateTime | DateTime column. |
+| lookup | Lookup column. |
+| boolean | Yes/No column. |
+| user | Person or group column. |
+| url | Hyperlink or picture column. |
+| calculated | Calculated column. |
+| location | Location column. |
+| geolocation | Geolocation column. |
+| term | Managed metadata column. |
+| multiterm | Managed metadata column accepting multiple values. |
+| thumbnail | Image column. |
+| approvalStatus | Content approval status column. |
+| unknownFutureValue | UnknownFuturevalue |
### permissionClassificationType values
Possible values for user account types (group membership), per Windows definitio
### printColorMode values
-|Member|
-|:|
-|blackAndWhite|
-|grayscale|
-|color|
-|auto|
-|unknownFutureValue|
+| Member |
+| :-- |
+| blackAndWhite |
+| grayscale |
+| color |
+| auto |
+| unknownFutureValue |
### printDuplexMode values
-|Member|
-|:|
-|flipOnLongEdge|
-|flipOnShortEdge|
-|oneSided|
-|unknownFutureValue|
+| Member |
+| :-- |
+| flipOnLongEdge |
+| flipOnShortEdge |
+| oneSided |
+| unknownFutureValue |
### printerFeedOrientation values
-|Member|
-|:|
-|longEdgeFirst|
-|shortEdgeFirst|
-|unknownFutureValue|
+| Member |
+| :-- |
+| longEdgeFirst |
+| shortEdgeFirst |
+| unknownFutureValue |
### printFinishing values
-|Member|
-|:|
-|none|
-|staple|
-|punch|
-|cover|
-|bind|
-|saddleStitch|
-|stitchEdge|
-|stapleTopLeft|
-|stapleBottomLeft|
-|stapleTopRight|
-|stapleBottomRight|
-|stitchLeftEdge|
-|stitchTopEdge|
-|stitchRightEdge|
-|stitchBottomEdge|
-|stapleDualLeft|
-|stapleDualTop|
-|stapleDualRight|
-|stapleDualBottom|
-|unknownFutureValue|
+| Member |
+| :-- |
+| none |
+| staple |
+| punch |
+| cover |
+| bind |
+| saddleStitch |
+| stitchEdge |
+| stapleTopLeft |
+| stapleBottomLeft |
+| stapleTopRight |
+| stapleBottomRight |
+| stitchLeftEdge |
+| stitchTopEdge |
+| stitchRightEdge |
+| stitchBottomEdge |
+| stapleDualLeft |
+| stapleDualTop |
+| stapleDualRight |
+| stapleDualBottom |
+| unknownFutureValue |
### printMultipageLayout values
-|Member|
-|:|
-|clockwiseFromTopLeft|
-|counterclockwiseFromTopLeft|
-|counterclockwiseFromTopRight|
-|clockwiseFromTopRight|
-|counterclockwiseFromBottomLeft|
-|clockwiseFromBottomLeft|
-|counterclockwiseFromBottomRight|
-|clockwiseFromBottomRight|
-|unknownFutureValue|
+| Member |
+| : |
+| clockwiseFromTopLeft |
+| counterclockwiseFromTopLeft |
+| counterclockwiseFromTopRight |
+| clockwiseFromTopRight |
+| counterclockwiseFromBottomLeft |
+| clockwiseFromBottomLeft |
+| counterclockwiseFromBottomRight |
+| clockwiseFromBottomRight |
+| unknownFutureValue |
### printOrientation values
-|Member|
-|:|
-|portrait|
-|landscape|
-|reverseLandscape|
-|reversePortrait|
-|unknownFutureValue|
+| Member |
+| :-- |
+| portrait |
+| landscape |
+| reverseLandscape |
+| reversePortrait |
+| unknownFutureValue |
### printQuality values
-|Member|
-|:|
-|low|
-|medium|
-|high|
-|unknownFutureValue|
+| Member |
+| :-- |
+| low |
+| medium |
+| high |
+| unknownFutureValue |
### printScaling values
-|Member|
-|:|
-|auto|
-|shrinkToFit|
-|fill|
-|fit|
-|none|
-|unknownFutureValue|
+| Member |
+| :-- |
+| auto |
+| shrinkToFit |
+| fill |
+| fit |
+| none |
+| unknownFutureValue |
### userFlowType values
Possible values for user account types (group membership), per Windows definitio
### identityUserFlowAttributeDataType values
-| Member |
-|:-|
-| string |
-| boolean |
-| int64 |
-| stringCollection |
-| dateTime |
-| unknownFutureValue |
+| Member |
+| :-- |
+| string |
+| boolean |
+| int64 |
+| stringCollection |
+| dateTime |
+| unknownFutureValue |
### identityUserFlowAttributeType values
-| Member |
-|:-|
-| builtIn |
-| custom |
-| required |
-| unknownFutureValue |
+| Member |
+| :-- |
+| builtIn |
+| custom |
+| required |
+| unknownFutureValue |
### identityUserFlowAttributeInputType values
-| Member |
-|:-|
-| textBox |
-| dateTimeDropDown |
-| radioSingleSelect |
-| dropdownSingleSelect |
-| emailBox |
-| checkboxMultiSelect |
+| Member |
+| :- |
+| textBox |
+| dateTimeDropDown |
+| radioSingleSelect |
+| dropdownSingleSelect |
+| emailBox |
+| checkboxMultiSelect |
### teamworkActivityTopicSource values
Possible values for user account types (group membership), per Windows definitio
### provisioningResult values
-|Member|
-|:|
-|success|
-|failure|
-|skipped|
-|warning|
-|unknownFutureValue|
+| Member |
+| :-- |
+| success |
+| failure |
+| skipped |
+| warning |
+| unknownFutureValue |
### provisioningStepType values
-|Member|
-|:|
-|import|
-|scoping|
-|matching|
-|processing|
-|referenceResolution|
-|export|
-|unknownFutureValue|
+| Member |
+| : |
+| import |
+| scoping |
+| matching |
+| processing |
+| referenceResolution |
+| export |
+| unknownFutureValue |
### provisioningStatusErrorCategory values
-|Member|
-|:|
-|failure|
-|nonServiceFailure|
-|success|
-|unknownFutureValue|
+| Member |
+| :-- |
+| failure |
+| nonServiceFailure |
+| success |
+| unknownFutureValue |
### provisioningAction values
-|Member|
-|:|
-|other|
-|create|
-|delete|
-|disable|
-|update|
-|stagedDelete|
-|unknownFutureValue|
+| Member |
+| :-- |
+| other |
+| create |
+| delete |
+| disable |
+| update |
+| stagedDelete |
+| unknownFutureValue |
### initiatorType values
-|Member|
-|:|
-|user|
-|application|
-|system|
-|unknownFutureValue|
+| Member |
+| :-- |
+| user |
+| application |
+| system |
+| unknownFutureValue |
### teamworkApplicationIdentityType values
-|Member|
-|:|
-|aadApplication|
-|bot|
-|tenantBot|
-|office365Connector|
-|outgoingWebhook|
-|unknownFutureValue|
+| Member |
+| :-- |
+| aadApplication |
+| bot |
+| tenantBot |
+| office365Connector |
+| outgoingWebhook |
+| unknownFutureValue |
### teamworkConversationIdentityType values
-|Member|
-|:|
-|team|
-|channel|
-|chat|
-|unknownFutureValue|
+| Member |
+| :-- |
+| team |
+| channel |
+| chat |
+| unknownFutureValue |
### teamworkUserIdentityType values
-|Member|
-|:|
-|aadUser|
-|onPremiseAadUser|
-|anonymousGuest|
-|federatedUser|
-|personalMicrosoftAccountUser|
-|skypeUser|
-|phoneUser|
-|unknownFutureValue|
-|emailUser|
+| Member |
+| : |
+| aadUser |
+| onPremiseAadUser |
+| anonymousGuest |
+| federatedUser |
+| personalMicrosoftAccountUser |
+| skypeUser |
+| phoneUser |
+| unknownFutureValue |
+| emailUser |
### postType values
-|Member|
-|:|
-|regular|
-|quick|
-|strategic|
-|unknownFutureValue|
+| Member |
+| :-- |
+| regular |
+| quick |
+| strategic |
+| unknownFutureValue |
### searchAlterationType values
-| Member |
-|:|
-|modification|
-|suggestion|
+| Member |
+| :-- |
+| modification |
+| suggestion |
### serviceHealthClassificationType values
-|Member|
-|:|
-|advisory|
-|incident|
-|unknownFutureValue|
+| Member |
+| :-- |
+| advisory |
+| incident |
+| unknownFutureValue |
### serviceHealthOrigin values
-|Member|
-|:|
-|microsoft|
-|thirdParty|
-|customer|
-|unknownFutureValue|
+| Member |
+| :-- |
+| microsoft |
+| thirdParty |
+| customer |
+| unknownFutureValue |
### featureTargetType values
-|Member|
-|:|
-|group|
-|administrativeUnit|
-|role|
-|unknownFutureValue|
+| Member |
+| :-- |
+| group |
+| administrativeUnit |
+| role |
+| unknownFutureValue |
### serviceHealthStatus values
-|Member|
-|:|
-|serviceOperational|
-|investigating|
-|restoringService|
-|verifyingService|
-|serviceRestored|
-|postIncidentReviewPublished|
-|serviceDegradation|
-|serviceInterruption|
-|extendedRecovery|
-|falsePositive|
-|investigationSuspended|
-|resolved|
-|mitigatedExternal|
-|mitigated|
-|resolvedExternal|
-|confirmed|
-|reported|
-|unknownFutureValue|
+| Member |
+| :-- |
+| serviceOperational |
+| investigating |
+| restoringService |
+| verifyingService |
+| serviceRestored |
+| postIncidentReviewPublished |
+| serviceDegradation |
+| serviceInterruption |
+| extendedRecovery |
+| falsePositive |
+| investigationSuspended |
+| resolved |
+| mitigatedExternal |
+| mitigated |
+| resolvedExternal |
+| confirmed |
+| reported |
+| unknownFutureValue |
### serviceUpdateCategory values
-|Member|
-|:|
-|preventOrFixIssue|
-|planForChange|
-|stayInformed|
-|unknownFutureValue|
+| Member |
+| :-- |
+| preventOrFixIssue |
+| planForChange |
+| stayInformed |
+| unknownFutureValue |
### serviceUpdateSeverity values
-|Member|
-|:|
-|normal|
-|high|
-|critical|
-|unknownFutureValue|
+| Member |
+| :-- |
+| normal |
+| high |
+| critical |
+| unknownFutureValue |
### subjectRightsRequestStage values
-|Member|
-|:|
-|contentRetrieval|
-|contentReview|
-|generateReport|
-|contentDeletion|
-|caseResolved|
-|unknownFutureValue|
+| Member |
+| :-- |
+| contentRetrieval |
+| contentReview |
+| generateReport |
+| contentDeletion |
+| caseResolved |
+| unknownFutureValue |
### subjectRightsRequestStageStatus values
-|Member|
-|:|
-|notStarted|
-|current|
-|completed|
-|failed|
-|unknownFutureValue|
+| Member |
+| :-- |
+| notStarted |
+| current |
+| completed |
+| failed |
+| unknownFutureValue |
### subjectRightsRequestStatus values
-|Member|
-|:|
-|active|
-|closed|
-|unknownFutureValue|
+| Member |
+| :-- |
+| active |
+| closed |
+| unknownFutureValue |
### subjectRightsRequestType values
-|Member|
-|:|
-|export|
-|delete|
-|access|
-|tagForAction|
-|unknownFutureValue|
+| Member |
+| :-- |
+| export |
+| delete |
+| access |
+| tagForAction |
+| unknownFutureValue |
### dataSubjectType values
-|Member|
-|:|
-|customer|
-|currentEmployee|
-|formerEmployee|
-|prospectiveEmployee|
-|student|
-|teacher|
-|faculty|
-|other|
-|unknownFutureValue|
+| Member |
+| : |
+| customer |
+| currentEmployee |
+| formerEmployee |
+| prospectiveEmployee |
+| student |
+| teacher |
+| faculty |
+| other |
+| unknownFutureValue |
### advancedConfigState values
-|Member|
-|:|
-|default|
-|enabled|
-|disabled|
-|unknownFutureValue|
+| Member |
+| :-- |
+| default |
+| enabled |
+| disabled |
+| unknownFutureValue |
### callRecordingStatus values
-|Member|
-|:|
-|success|
-|failure|
-|initial|
-|chunkFinished|
-|unknownFutureValue|
+| Member |
+| :-- |
+| success |
+| failure |
+| initial |
+| chunkFinished |
+| unknownFutureValue |
### payloadDeliveryPlatform values
-|Member|
-|:|
-|unknown|
-|sms|
-|email|
-|teams|
-|unknownFutureValue|
+| Member |
+| :-- |
+| unknown |
+| sms |
+| email |
+| teams |
+| unknownFutureValue |
### trainingStatus values
-|Member|
-|:|
-|unknown|
-|assigned|
-|inProgress|
-|completed|
-|overdue|
-|unknownFutureValue|
+| Member |
+| :-- |
+| unknown |
+| assigned |
+| inProgress |
+| completed |
+| overdue |
+| unknownFutureValue |
### teamworkCallEventType values
-|Member|
-|:|
-|call|
-|meeting|
-|screenShare|
-|unknownFutureValue|
+| Member |
+| :-- |
+| call |
+| meeting |
+| screenShare |
+| unknownFutureValue |
### bookingReminderRecipients values
-|Member|
-|:|
-|allAttendees|
-|staff|
-|customer|
-|unknownFutureValue|
+| Member |
+| :-- |
+| allAttendees |
+| staff |
+| customer |
+| unknownFutureValue |
### bookingStaffRole values
-|Member|
-|:|
-|guest|
-|administrator|
-|viewer|
-|externalGuest|
-|unknownFutureValue|
-|scheduler|
-|teamMember|
+| Member |
+| :-- |
+| guest |
+| administrator |
+| viewer |
+| externalGuest |
+| unknownFutureValue |
+| scheduler |
+| teamMember |
### answerInputType values
-|Member|
-|:|
-|text|
-|radioButton|
-|unknownFutureValue|
+| Member |
+| :-- |
+| text |
+| radioButton |
+| unknownFutureValue |
### bookingPriceType values
-|Member|
-|:|
-|undefined|
-|fixedPrice|
-|startingAt|
-|hourly|
-|free|
-|priceVaries|
-|callUs|
-|notSet|
-|unknownFutureValue|
+| Member |
+| :-- |
+| undefined |
+| fixedPrice |
+| startingAt |
+| hourly |
+| free |
+| priceVaries |
+| callUs |
+| notSet |
+| unknownFutureValue |
### accessReviewHistoryStatus values
-| Member|
-|:--|
-|done|
-|inprogress|
-|error|
-|requested|
-|unknownFutureValue|
+| Member |
+| :-- |
+| done |
+| inprogress |
+| error |
+| requested |
+| unknownFutureValue |
### accessReviewHistoryDecisionFilter values
-| Member|
-|:--|
-|approve|
-|deny|
-|notReviewed|
-|dontKnow|
-|notNotified|
-|unknownFutureValue|
+| Member |
+| :-- |
+| approve |
+| deny |
+| notReviewed |
+| dontKnow |
+| notNotified |
+| unknownFutureValue |
### authenticationProtocol values
-|Member|
-|:|
-|wsFed|
-|saml|
+| Member |
+| :-- |
+| wsFed |
+| saml |
### longRunningOperationStatus values
-| Member|
-|:--|
-|notStarted|
-|running|
-|succeeded|
-|failed|
-|unknownFutureValue|
+| Member |
+| :-- |
+| notStarted |
+| running |
+| succeeded |
+| failed |
+| unknownFutureValue |
### delegatedAdminAccessAssignmentStatus values
-|Member|
-|:|
-|pending|
-|active|
-|deleting|
-|deleted|
-|error|
-|unknownFutureValue|
+| Member |
+| :-- |
+| pending |
+| active |
+| deleting |
+| deleted |
+| error |
+| unknownFutureValue |
### delegatedAdminAccessContainerType values
-|Member|
-|:|
-|securityGroup|
-|unknownFutureValue|
+| Member |
+| :-- |
+| securityGroup |
+| unknownFutureValue |
### delegatedAdminRelationshipOperationType values
-|Member|
-|:|
-|delegatedAdminAccessAssignmentUpdate|
-|unknownFutureValue|
+| Member |
+| :-- |
+| delegatedAdminAccessAssignmentUpdate |
+| unknownFutureValue |
### delegatedAdminRelationshipRequestAction values
-|Member|
-|:|
-|lockForApproval|
-|terminate|
-|unknownFutureValue|
+| Member |
+| :-- |
+| lockForApproval |
+| terminate |
+| unknownFutureValue |
### delegatedAdminRelationshipRequestStatus values
-|Member|
-|:|
-|created|
-|pending|
-|succeeded|
-|failed|
-|unknownFutureValue|
+| Member |
+| :-- |
+| created |
+| pending |
+| succeeded |
+| failed |
+| unknownFutureValue |
### delegatedAdminRelationshipStatus values
-|Member|
-|:|
-|activating|
-|active|
-|approvalPending|
-|approved|
-|created|
-|expired|
-|expiring|
-|terminated|
-|terminating|
-|terminationRequested|
-|unknownFutureValue|
+| Member |
+| :- |
+| activating |
+| active |
+| approvalPending |
+| approved |
+| created |
+| expired |
+| expiring |
+| terminated |
+| terminating |
+| terminationRequested |
+| unknownFutureValue |
### onPremisesDirectorySynchronizationDeletionPreventionType values
-|Member|
-|:--|
-|disabled|
-|enabledForCount|
-|enabledForPercentage|
+| Member |
+| :- |
+| disabled |
+| enabledForCount |
+| enabledForPercentage |
### searchContent values
+| Member |
+| :-- |
+| sharedContent |
+| privateContent |
+| unknownFutureValue |
+
+### authenticationMethodsPolicyMigrationState values
+ |Member|
-|:|
-|sharedContent|
-|privateContent|
+|:--|
+|premigration|
+|migrationInProgress|
+|migrationComplete|
|unknownFutureValue|+
v1.0 Excel https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/excel.md
Title: "Working with Excel in Microsoft Graph" description: "You can use Microsoft Graph to allow web and mobile applications to read and modify Excel workbooks stored in OneDrive for Business, SharePoint site or Group drive." ms.localizationpriority: high-+ ms.prod: "excel" doc_type: conceptualPageType
v1.0 Fido2authenticationmethodconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/fido2authenticationmethodconfiguration.md
Namespace: microsoft.graph
Represents a FIDO2 authentication methods policy. Authentication methods policies define configuration settings and users or groups who are enabled to use the authentication method.
+Inherits from [authenticationMethodConfiguration](../resources/authenticationmethodconfiguration.md).
+ ## Methods |Method|Return type|Description|
Represents a FIDO2 authentication methods policy. Authentication methods policie
## Properties |Property|Type|Description| |:|:|:|
+|excludeTargets|[excludeTarget](../resources/excludetarget.md) collection|Groups of users that are excluded from the policy.|
|id|String|The authentication method policy identifier.| |isAttestationEnforced|Boolean|Determines whether attestation must be enforced for FIDO2 security key registration.| |isSelfServiceRegistrationAllowed|Boolean|Determines if users can register new FIDO2 security keys.|
The following is a JSON representation of the resource.
"keyRestrictions": { "@odata.type": "microsoft.graph.fido2KeyRestrictions" },
- "state": "String"
+ "state": "String",
+ "excludeTargets": [
+ {
+ "@odata.type": "microsoft.graph.excludeTarget"
+ }
+ ]
} ```
v1.0 Keycredentialconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/keycredentialconfiguration.md
+
+ Title: "keyCredentialConfiguration resource type"
+description: "Key credential configuration complex type to configure key credential restriction, maxLifetime, and enforcement date"
+ms.localizationpriority: medium
+++
+# keyCredentialConfiguration resource type
+
+Namespace: microsoft.graph
+
+Key credential configuration object that contains properties to configure restrictions such as restricting the lifetime of key secrets.
+
+## Properties
+
+| Property | Type | Description |
+| :- | : | :-- |
+| restrictionType | appKeyCredentialRestrictionType | The type of restriction being applied. Possible values are `asymmetricKeyLifetime`, `unknownFutureValue`. Each value of restrictionType can be used only once per policy. |
+| maxLifeTime | Duration |Value that can be used as the maximum duration in days, hours, minutes, or seconds from the date of key creation, for which the key is valid. Defined in ISO 8601 format for Durations. For example, `P4DT12H30M5S` represents a duration of four days, twelve hours, thirty minutes, and five seconds. This property is required when **restrictionType** is set to `keyLifetime`. |
+| restrictForAppsCreatedAfterDateTime | DateTimeOffset | Timestamp when the policy is enforced for all apps created on or after the specified date. For existing applications, the enforcement date would be back dated. To apply to all applications regardless of their creation date, this property would be `null`. Nullable. |
+
+## Relationships
+
+None.
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.keyCredentialConfiguration"
+}
+-->
+
+```json
+{
+ "@odata.type": "#microsoft.graph.keyCredentialConfiguration",
+ "restrictionType": {
+ "@odata.type": "microsoft.graph.appKeyCredentialRestrictionType"
+ },
+ "maxLifetime": "String (duration)",
+ "restrictForAppsCreatedAfterDateTime": "DateTimeOffset"
+}
+```
v1.0 Microsoftauthenticatorauthenticationmethodconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/microsoftauthenticatorauthenticationmethodconfiguration.md
Namespace: microsoft.graph
Represents a Microsoft Authenticator authentication methods policy. Authentication methods policies define configuration settings and users or groups that are enabled to use the authentication method.
+Inherits from [authenticationMethodConfiguration](../resources/authenticationmethodconfiguration.md).
+ ## Methods |Method|Return type|Description| |:|:|:|
Represents a Microsoft Authenticator authentication methods policy. Authenticati
## Properties |Property|Type|Description| |:|:|:|
+|excludeTargets|[excludeTarget](../resources/excludetarget.md) collection|Groups of users that are excluded from the policy.|
|id|String|The authentication method policy identifier.| |featureSettings|[microsoftAuthenticatorFeatureSettings](../resources/microsoftauthenticatorfeaturesettings.md)|A collection of Microsoft Authenticator settings such as application context and location context, and whether they are enabled for all users or specific users only.| |state|authenticationMethodState|Possible values are: `enabled`, `disabled`.|
The following is a JSON representation of the resource.
{ "@odata.type": "#microsoft.graph.microsoftAuthenticatorAuthenticationMethodConfiguration", "id": "String (identifier)",
- "state": "String"
+ "state": "String",
+ "excludeTargets": [
+ {
+ "@odata.type": "microsoft.graph.excludeTarget"
+ }
+ ],
+ "featureSettings": {
+ "@odata.type": "microsoft.graph.microsoftAuthenticatorFeatureSettings"
+ }
} ```
v1.0 Passwordcredentialconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/passwordcredentialconfiguration.md
+
+ Title: "passwordCredentialConfiguration resource type"
+description: "Password credential configuration complex type to configure password credential restriction, maxLifetime, and enforcement date"
+
+ms.localizationpriority: medium
++
+# passwordCredentialConfiguration resource type
+
+Namespace: microsoft.graph
+
+Password credential configuration object that contains properties to configure restrictions such as blocking or restricting lifetimes of password secrets.
+
+## Properties
+
+| Property | Type | Description |
+| :- | : | : |
+| restrictionType | appCredentialRestrictionType | The type of restriction being applied. The possible values are: `passwordAddition`, `passwordLifetime`, `symmetricKeyAddition`, `symmetricKeyLifetime`,`customPasswordAddition`, `unknownFutureValue`. Each value of restrictionType can be used only once per policy. |
+| maxLifeTime | Duration | Value that can be used as the maximum number for setting password expiration time in days, hours, minutes or seconds. Defined in ISO 8601 format for Durations. For example, "P4DT12H30M5S" represents a duration of four days, twelve hours, thirty minutes, and five seconds. This property is required when restriction type is set to `passwordLifetime`. |
+| restrictForAppsCreatedAfterDateTime | DateTimeOffset | Enforces the policy for an app created on or after the enforcement date. For existing applications, the enforcement date would be back dated. To apply to all applications, enforcement datetime would be `null`. |
+
+## Relationships
+
+None.
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+
+<!-- {
+ "blockType": "resource",
+ "@odata.type": "microsoft.graph.passwordCredentialConfiguration"
+}
+-->
+
+```json
+{
+ "@odata.type": "#microsoft.graph.passwordCredentialConfiguration",
+ "restrictionType": {
+ "@odata.type": "microsoft.graph.appCredentialRestrictionType"
+ },
+ "maxLifetime": "String (duration)",
+ "restrictForAppsCreatedAfterDateTime": "DateTimeOffset"
+}
+```
v1.0 Policyroot https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/policyroot.md
None
|:|:-|:| | activityBasedTimeoutPolicies | [activityBasedTimeoutPolicy](activitybasedtimeoutpolicy.md) collection | The policy that controls the idle time out for web sessions for applications. | | adminConsentRequestPolicy | [adminConsentRequestPolicy](adminconsentrequestpolicy.md) | The policy by which consent requests are created and managed for the entire tenant. |
+| appManagementPolicies | [appManagementPolicy](appmanagementpolicy.md) collection | The policies that enforce app management restrictions for specific applications and service principals, overriding the defaultAppManagementPolicy. |
| authenticationFlowsPolicy | [authenticationFlowsPolicy](authenticationflowspolicy.md) | The policy configuration of the self-service sign-up experience of external users. | | authenticationMethodsPolicy | [authenticationMethodsPolicy](authenticationmethodspolicy.md) | The authentication methods and the users that are allowed to use them to sign in and perform multi-factor authentication (MFA) in Azure Active Directory (Azure AD). | | authorizationPolicy | [authorizationPolicy](authorizationpolicy.md) collection | The policy that controls Azure AD authorization settings. | | claimsMappingPolicies | [claimsMappingPolicy](claimsmappingpolicy.md) collection | The claim-mapping policies for WS-Fed, SAML, OAuth 2.0, and OpenID Connect protocols, for tokens issued to a specific application. | | conditionalAccessPolicies | [conditionalAccessPolicy](conditionalaccesspolicy.md) | The custom rules that define an access scenario. | | crossTenantAccessPolicy | [crossTenantAccessPolicy](crosstenantaccesspolicy.md) | The custom rules that define an access scenario when interacting with external Azure AD tenants. |
+| defaultAppManagementPolicy | [tenantAppManagementPolicy](tenantappmanagementpolicy.md) | The tenant-wide policy that enforces app management restrictions for all applications and service principals. |
| featureRolloutPolicies | [featureRolloutPolicy](featurerolloutpolicy.md) collection | The feature rollout policy associated with a directory object. | | homeRealmDiscoveryPolicies | [homeRealmDiscoveryPolicy](homerealmdiscoverypolicy.md) collection | The policy to control Azure AD authentication behavior for federated users. | | identitySecurityDefaultsEnforcementPolicy | [identitySecurityDefaultsEnforcementPolicy](identitysecuritydefaultsenforcementpolicy.md) | The policy that represents the security defaults that protect against common attacks. |
v1.0 Quota https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/quota.md
Title: quota ms.localizationpriority: medium
-description: "The quota resource provides details about space constrains on a drive resource."
+description: "The quota resource provides details about space constraints on a drive resource."
ms.prod: files doc_type: resourcePageType
doc_type: resourcePageType
Namespace: microsoft.graph
-The **quota** resource provides details about space constrains on a [drive](drive.md) resource.
+The **quota** resource provides details about space constraints on a [drive](drive.md) resource. In OneDrive Personal, the values reflect the total/used unified storage quota across multiple Microsoft services.
## JSON representation
v1.0 Security Api Overview https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/security-api-overview.md
Alerts from the following providers are available via this **alert** resource. S
| Security provider | <p align="center">GET alert</p>| <p align="center">PATCH alert</p>| <p align="center">Subscribe to alert</p>| |:|:|:--|:|
-|[Azure Active Directory Identity Protection](/azure/active-directory/identity-protection/playbook) ****| <p align="center">&#x2713;</p> | <p align="center">[File issue](https://github.com/microsoftgraph/security-api-solutions/issues/new) *</p> | <p align="center">&#x2713;</p> |
+|[Azure Active Directory Identity Protection](/azure/active-directory/identity-protection/playbook) | <p align="center">&#x2713;</p> | <p align="center">[File issue](https://github.com/microsoftgraph/security-api-solutions/issues/new) *</p> | <p align="center">&#x2713;</p> |
|Microsoft 365 <ul><li> [Default](/office365/securitycompliance/alert-policies#default-alert-policies)</li> <li>[Cloud App Security](/office365/securitycompliance/anomaly-detection-policies-in-ocas)</li><li>Custom Alert</li></ul> | <p align="center">&#x2713;</p> | <p align="center"> [File issue](https://github.com/microsoftgraph/security-api-solutions/issues/new) </p> | <p align="center"> [File issue](https://github.com/microsoftgraph/security-api-solutions/issues/new) </p> | | [Microsoft Defender for Cloud Apps](/cloud-app-security/monitor-alerts) | <p align="center">&#x2713;</p> | <p align="center">[File issue](https://github.com/microsoftgraph/security-api-solutions/issues/new) *</p> | <p align="center">&#x2713;</p> | |[Microsoft Defender for Endpoint](/windows/security/threat-protection/microsoft-defender-atp/attack-simulations) **| <p align="center">&#x2713;</p> | <p align="center">&#x2713;</p> | <p align="center"> [File issue](https://github.com/microsoftgraph/security-api-solutions/issues/new) </p> |
Alerts from the following providers are available via this **alert** resource. S
\*\*\* Microsoft Defender for Identity alerts are available via the Microsoft Defender for Cloud Apps integration. This means you will get Microsoft Defender for Identity alerts only if you have joined Unified SecOps and connected Microsoft Defender for Identity into Microsoft Defender for Cloud Apps. Learn more about [how to integrate Microsoft Defender for Identity and Microsoft Defender for Cloud Apps](/defender-for-identity/mcas-integration).
-\*\*\*\* Azure AD Identity Protection alerts only include user object IDs. The **userPrincipalName** (UPN) property is not included in GET request responses. This issue does not impact any of the other providers. For details and a workaround, see [Known issues](/graph/known-issues#upn-missing-in-identity-protection-security-alerts).
- ## Attack simulation and training [Attack simulation and training](/microsoft-365/security/office-365-security/attack-simulation-training) is part of [Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/defender-for-office-365?view=o365-worldwide&preserve-view=true). This service lets users in a tenant experience a realistic benign phishing attack and learn from it. Social engineering simulation and training experiences for end users help reduce the risk of users being breached via those attack techniques. The attack simulation and training API enables tenant administrators to view launched [simulation](simulation.md) exercises and trainings, and get [reports](report-m365defender-reports-overview.md) on derived insights into online behaviors of users in the phishing simulations.
v1.0 Service Communications Api Overview https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/service-communications-api-overview.md
For more information about access tokens, app registration, and delegated and ap
Delegated permissions are needed to access the service communications API on behalf of a signed-in user. Customer-facing canvas applications, such as the [Microsoft 365 admin center](https://admin.microsoft.com/Adminportal/Home?source=applauncher#/homepage) (accessible only to admin roles), can call the service communications API to get the service health and service announcements data for the signed-in user's tenant, _on behalf of the signed-in user_. Users can find out whether their subscribed servies are healthy or have issues. They can also learn about any current service issues affecting their tenants.
+#### Role-based access control for delegation access
+
+Service communications API also apply the role-based access control (RBAC) to identify whether the signed-in user who is on-behalf has required Azure Active Directory (AAD) role. The signed-in user who is on-behalf of must have at least one of the admin roles.
+
+For more information about the AAD administrator roles, see:
+* [About admin roles in the Microsoft 365 admin center](/microsoft-365/admin/add-users/about-admin-roles)
+* [Azure AD built-in roles](/azure/active-directory/roles/permissions-reference)
+* [Roles in Microsoft 365, including Azure AD, service-specific and cross-service roles](/azure/active-directory/roles/concept-understand-roles#how-azure-ad-roles-are-different-from-other-microsoft-365-roles)
++ ### Access service communications API without user Application permissions are needed to access the service communications API without a signed-in user. Applications that run as backend services, such as monitoring or alert services, can call the service communications API with their own identity and not on behalf of a user. These backend services can build custom monitoring/alert pipelines and call the service communications API to get service health and service announcements data.
The service communications API is available on Microsoft Graph national clouds.
|Microsoft Graph global service| https://graph.microsoft.com/v1.0/admin/serviceAnnouncement/| |Microsoft Graph for US Government L4 (GccHigh)|https://graph.microsoft.us/v1.0/admin/serviceAnnouncement/| |Microsoft Graph for US Government L5 (DoD)|https://dod-graph.microsoft.us/v1.0/admin/serviceAnnouncement/|
-|Microsoft Graph Germany|https://graph.microsoft.de/v1.0/admin/serviceAnnouncement/|
|Microsoft Graph China operated by 21Vianet|https://microsoftgraph.chinacloudapi.cn/v1.0/admin/serviceAnnouncement/| For details about national cloud availability, see [Microsoft Graph national clouds](/graph/deployments).
v1.0 Serviceprincipal https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/serviceprincipal.md
This resource supports using [delta query](/graph/delta-query-overview) to track
| Relationship | Type |Description| |:|:--|:-|
+|appManagementPolicies|[appManagementPolicy](../resources/appManagementPolicy.md) collection| The appManagementPolicy applied to this application.|
|appRoleAssignedTo|[appRoleAssignment](approleassignment.md)|App role assignments for this app or service, granted to users, groups, and other service principals. Supports `$expand`.| |appRoleAssignments|[appRoleAssignment](approleassignment.md) collection|App role assignment for another app or service, granted to this service principal. Supports `$expand`.| |claimsMappingPolicies|[claimsMappingPolicy](claimsmappingpolicy.md) collection|The claimsMappingPolicies assigned to this service principal. Supports `$expand`.|
v1.0 Smsauthenticationmethodconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/smsauthenticationmethodconfiguration.md
+
+ Title: "smsAuthenticationMethodConfiguration resource type"
+description: "Represents a text message authentication methods policy."
+
+ms.localizationpriority: medium
++
+# smsAuthenticationMethodConfiguration resource type
+
+Namespace: microsoft.graph
+
+Represents a text message authentication methods policy. Authentication methods policies define configuration settings and users or groups that are enabled to use the authentication method.
+
+Inherits from [authenticationMethodConfiguration](../resources/authenticationmethodconfiguration.md).
+
+## Methods
+|Method|Return type|Description|
+|:|:|:|
+|[Get](../api/smsauthenticationmethodconfiguration-get.md)|[smsAuthenticationMethodConfiguration](../resources/smsauthenticationmethodconfiguration.md)|Read the properties and relationships of a smsAuthenticationMethodConfiguration object.|
+|[Update](../api/smsauthenticationmethodconfiguration-update.md)|None|Update the properties of a smsAuthenticationMethodConfiguration object.|
+|[Delete](../api/smsauthenticationmethodconfiguration-delete.md)|None|Reverts the smsAuthenticationMethodConfiguration object to its default configuration.|
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|excludeTargets|[excludeTarget](../resources/excludetarget.md) collection|Groups of users that are excluded from the policy.|
+|id|String|The authentication method policy identifier.|
+|state|authenticationMethodState|Possible values are: `enabled`, `disabled`.|
+
+## Relationships
+|Relationship|Type|Description|
+|:|:|:|
+|includeTargets|[smsAuthenticationMethodTarget](../resources/smsauthenticationmethodtarget.md) collection|A collection of groups that are enabled to use the authentication method.|
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.smsAuthenticationMethodConfiguration",
+ "baseType": "microsoft.graph.authenticationMethodConfiguration",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.smsAuthenticationMethodConfiguration",
+ "id": "String (identifier)",
+ "state": "String",
+ "excludeTargets": [
+ {
+ "@odata.type": "microsoft.graph.excludeTarget"
+ }
+ ]
+}
+```
+
v1.0 Smsauthenticationmethodtarget https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/smsauthenticationmethodtarget.md
+
+ Title: "smsAuthenticationMethodTarget resource type"
+description: "A collection of groups enabled to use the text message authentication methods policy."
+
+ms.localizationpriority: medium
++
+# smsAuthenticationMethodTarget resource type
+Namespace: microsoft.graph
+
+A collection of groups enabled to use the [text message authentication methods policy](../resources/smsAuthenticationMethodConfiguration.md) in Azure AD.
+
+Inherits from [authenticationMethodConfiguration](../resources/authenticationmethodconfiguration.md).
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|id|String|Object ID of an Azure AD user or group.|
+|isRegistrationRequired|Boolean|Determines whether the user is enforced to register the authentication method. **Not supported**.|
+|isUsableForSignIn|Boolean|Determines if users can use this authentication method to sign in to Azure AD. `true` if users can use this method for primary authentication, otherwise `false`.|
+|targetType|authenticationMethodTargetType|Possible values are: `user`, `group`, and `unknownFutureValue`. From December 2022, targeting individual users using `user` is no longer recommended. Existing targets will remain but we recommend to move the individual users to a targeted group. Inherited from [authenticationMethodTarget](authenticationMethodTarget.md).|
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.smsAuthenticationMethodTarget",
+ "baseType": "microsoft.graph.authenticationMethodTarget",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.smsAuthenticationMethodTarget",
+ "id": "String (identifier)",
+ "targetType": "String",
+ "isRegistrationRequired": "Boolean",
+ "isUsableForSignIn": "Boolean"
+}
+```
+
v1.0 Softwareoathauthenticationmethodconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/softwareoathauthenticationmethodconfiguration.md
+
+ Title: "softwareOathAuthenticationMethodConfiguration resource type"
+description: "Represents the authentication policy for a third-party software OATH authentication method."
+
+ms.localizationpriority: medium
++
+# softwareOathAuthenticationMethodConfiguration resource type
+
+Namespace: microsoft.graph
+
+Represents the authentication policy for a third-party software OATH authentication method. Authentication methods policies define configuration settings and users or groups that are enabled to use the authentication method.
+
+Inherits from [authenticationMethodConfiguration](../resources/authenticationmethodconfiguration.md).
++
+## Methods
+|Method|Return type|Description|
+|:|:|:|
+|[Get softwareOathAuthenticationMethodConfiguration](../api/softwareoathauthenticationmethodconfiguration-get.md)|[softwareOathAuthenticationMethodConfiguration](../resources/softwareoathauthenticationmethodconfiguration.md)|Read the properties and relationships of a [softwareOathAuthenticationMethodConfiguration](../resources/softwareoathauthenticationmethodconfiguration.md) object.|
+|[Update softwareOathAuthenticationMethodConfiguration](../api/softwareoathauthenticationmethodconfiguration-update.md)|None|Update the properties of a [softwareOathAuthenticationMethodConfiguration](../resources/softwareoathauthenticationmethodconfiguration.md) object.|
+|[Delete softwareOathAuthenticationMethodConfiguration](../api/softwareoathauthenticationmethodconfiguration-delete.md)|None|Reverts the [softwareOathAuthenticationMethodConfiguration](../resources/softwareoathauthenticationmethodconfiguration.md) object to its default configuration.|
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|excludeTargets|[excludeTarget](../resources/excludetarget.md) collection|Groups of users that are excluded from the policy.|
+|id|String|The authentication method policy identifier.|
+|state|authenticationMethodState|Represents whether users can register this authentication method. The possible values are: `enabled`, `disabled`.|
+
+## Relationships
+|Relationship|Type|Description|
+|:|:|:|
+|includeTargets|[authenticationMethodTarget](../resources/authenticationmethodtarget.md) collection| A collection of groups that are enabled to use the authentication method. Expanded by default.|
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.softwareOathAuthenticationMethodConfiguration",
+ "baseType": "microsoft.graph.authenticationMethodConfiguration",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.softwareOathAuthenticationMethodConfiguration",
+ "id": "String (identifier)",
+ "state": "String",
+ "excludeTargets": [
+ {
+ "@odata.type": "microsoft.graph.excludeTarget"
+ }
+ ]
+}
+```
+
v1.0 Subscription https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/subscription.md
For the possible resource path values for each supported resource, see [Use the
| **presence** | 60 minutes (1 hour) | | Print **printer** | 4230 minutes (under 3 days) | | Print **printTaskDefinition** | 4230 minutes (under 3 days) |
-| **todoTask** | 4230 minutes (under 3 days) |
+| **todoTask** | 4230 minutes (under 3 days)<br/><br/>**Note:** Webhooks for this resources are only available in the worldwide endpoint and no other national clouds. |
Here is a JSON representation of the resource.
"notificationQueryOptions": "String", "notificationUrlAppId": "String" }
-```
+```
v1.0 Teamworktag https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/teamworktag.md
Inherits from [entity](../resources/entity.md).
## Properties |Property|Type|Description| |:|:|:|
-|description|String|The description of the tag as it will appear to the user in Microsoft Teams.|
+|description|String|The description of the tag as it will appear to the user in Microsoft Teams. A **teamworkTag** can't have more than 200 **teamworkTagMembers**.|
|displayName|String|The name of the tag as it will appear to the user in Microsoft Teams.| |id|String|The unique identifier for the tag. Inherited from [entity](../resources/entity.md).| |memberCount|Int32|The number of users assigned to the tag.|
The following is a JSON representation of the resource.
``` ## See also-- [teamworkTagMember](../resources/teamworktagmember.md)
+- [teamworkTagMember](../resources/teamworktagmember.md)
v1.0 Temporaryaccesspassauthenticationmethodconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/temporaryaccesspassauthenticationmethodconfiguration.md
Namespace: microsoft.graph
Represents a Temporary Access Pass authentication methods policy that defines the configuration settings and users or groups who are enabled to use the [Temporary Access Pass authentication method](temporaryaccesspassauthenticationmethod.md).
+Inherits from [authenticationMethodConfiguration](../resources/authenticationmethodconfiguration.md).
+ ## Methods |Method|Return type|Description| |:|:|:|
Represents a Temporary Access Pass authentication methods policy that defines th
|:|:|:| |defaultLength|Int|Default length in characters of a Temporary Access Pass object. Must be between 8 and 48 characters.| |defaultLifetimeInMinutes|Int|Default lifetime in minutes for a Temporary Access Pass. Value can be any integer between the **minimumLifetimeInMinutes** and **maximumLifetimeInMinutes**.|
+|excludeTargets|[excludeTarget](../resources/excludetarget.md) collection|Groups of users that are excluded from the policy.|
|id|String|The identifier of the authentication method policy. Inherited from [entity](entity.md).| |isUsableOnce|Boolean |If `true`, all the passes in the tenant will be restricted to one-time use. If `false`, passes in the tenant can be created to be either one-time use or reusable.| |maximumLifetimeInMinutes|Int|Maximum lifetime in minutes for any Temporary Access Pass created in the tenant. Value can be between 10 and 43200 minutes (equivalent to 30 days).|
The following is a JSON representation of the resource.
"@odata.type": "#microsoft.graph.temporaryAccessPassAuthenticationMethodConfiguration", "id": "String (identifier)", "state": "String",
+ "excludeTargets": [
+ {
+ "@odata.type": "microsoft.graph.excludeTarget"
+ }
+ ],
"defaultLifetimeInMinutes": "Integer", "defaultLength": "Integer", "minimumLifetimeInMinutes": "Integer",
v1.0 Tenantappmanagementpolicy https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/tenantAppManagementPolicy.md
+
+ Title: "tenantAppManagementPolicy resource type"
+description: "Tenant-wide application authentication method policy to enforce app management restrictions for all applications and service principals."
+
+ms.localizationpriority: medium
++
+# tenantAppManagementPolicy resource type
+
+Namespace: microsoft.graph
+
+Tenant-wide application authentication method policy to enforce app management restrictions for all applications and service principals. This policy applies to all apps and service principals unless overridden when an [appManagementPolicy](../resources/appmanagementpolicy.md) is applied to the object.
+
+Inherits from [policyBase](policybase.md).
+
+## Methods
+
+| Method | Return type | Description |
+| : | : | :- |
+| [Get](../api/tenantAppManagementPolicy-get.md) | [tenantAppManagementPolicy](../resources/tenantAppManagementPolicy.md) | Read the properties of the default app management policy set for applications and service principals. |
+| [Update](../api/tenantAppManagementPolicy-update.md) | None | Updates the default app management policy for applications and service principals. |
+
+## Properties
+
+| Property | Type | Description |
+| : | :-- | :- |
+| applicationRestrictions | [appManagementConfiguration](../resources/appManagementConfiguration.md) | Restrictions that apply as default to all application objects in the tenant. |
+| description | String | The description of the default policy. Inherited from [policyBase](policybase.md). |
+| displayName | String | The display name of the default policy. Inherited from [policyBase](policybase.md). |
+| id | String | The default policy identifier. |
+| isEnabled | Boolean | Denotes whether the policy is enabled. Default value is `false`. |
+| servicePrincipalRestrictions | [appManagementConfiguration](../resources/appManagementConfiguration.md) | Restrictions that apply as default to all service principal objects in the tenant. |
+
+## Relationships
+
+None.
+
+## JSON representation
+
+The following is a JSON representation of the resource.
+
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.tenantAppManagementPolicy",
+ "baseType": "microsoft.graph.policyBase",
+ "openType": false
+}
+-->
+
+```json
+{
+ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#policies/defaultAppManagementPolicy",
+ "id": "string (identifier)",
+ "description": "string",
+ "displayName": "string",
+ "isEnabled": false,
+ "applicationRestrictions": {
+ "@odata.type":"microsoft.graph.appManagementConfiguration"
+ },
+ "servicePrincipalRestrictions": {
+ "@odata.type":"microsoft.graph.appManagementConfiguration"
+ }
+}
+```
v1.0 Tokenlifetimepolicy https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/tokenlifetimepolicy.md
Inherits from [stsPolicy](stsPolicy.md).
| [Update tokenLifetimePolicy](../api/tokenlifetimepolicy-update.md) | None | Update a tokenLifetimePolicy object. | | [Delete tokenLifetimePolicy](../api/tokenlifetimepolicy-delete.md) | None | Delete a tokenLifetimePolicy object. | | [List appliesTo](../api/tokenlifetimepolicy-list-appliesto.md) | [directoryObject](directoryobject.md) collection | Get the list of directoryObjects that this policy has been applied to. |
+| [Assign tokenLifetimePolicy](../api/application-post-tokenlifetimepolicies.md) | None | Assign a tokenLifetimePolicy object to an [application](application.md) or [servicePrincipal](serviceprincipal.md) object. |
+| [List assigned tokenLifetimePolicy](../api/application-list-tokenlifetimepolicies.md) | [tokenLifetimePolicy](tokenlifetimepolicy.md) collection | List the tokenLifetimePolicy objects that are assigned to an [application](application.md) or [servicePrincipal](serviceprincipal.md) object. |
+| [Remove tokenLifetimePolicy](../api/application-delete-tokenlifetimepolicies.md) | None | Remove a tokenLifetimePolicy object from an [application](application.md) or [servicePrincipal](serviceprincipal.md) object. |
## Properties
Inherits from [stsPolicy](stsPolicy.md).
|id|String| Unique identifier for this policy. Read-only.| |isOrganizationDefault|Boolean|If set to `true`, activates this policy. There can be many policies for the same policy type, but only one can be activated as the organization default. Optional, default value is `false`.| - ### Properties of a token lifetime policy definition+ The properties below form the JSON object that represents a token lifetime policy. This JSON object must be **converted to a string with quotations escaped** to be inserted into the **definition** property. An example is shown below in JSON format: <!-- {
v1.0 Voiceauthenticationmethodconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/voiceauthenticationmethodconfiguration.md
+
+ Title: "voiceAuthenticationMethodConfiguration resource type"
+description: "Represents a voice call authenticaiton methods policy"
+
+ms.localizationpriority: medium
++
+# voiceAuthenticationMethodConfiguration resource type
+
+Namespace: microsoft.graph
+
+Represents a voice call authentication methods policy. Authentication methods policies define configuration settings and users or groups that are enabled to use the authentication method.
+
+Inherits from [authenticationMethodConfiguration](../resources/authenticationmethodconfiguration.md).
+
+## Methods
+|Method|Return type|Description|
+|:|:|:|
+|[Get voiceAuthenticationMethodConfiguration](../api/voiceauthenticationmethodconfiguration-get.md)|[voiceAuthenticationMethodConfiguration](../resources/voiceauthenticationmethodconfiguration.md)|Read the properties and relationships of a [voiceAuthenticationMethodConfiguration](../resources/voiceauthenticationmethodconfiguration.md) object.|
+|[Update voiceAuthenticationMethodConfiguration](../api/voiceauthenticationmethodconfiguration-update.md)|None|Update the properties of a [voiceAuthenticationMethodConfiguration](../resources/voiceauthenticationmethodconfiguration.md) object.|
+|[Delete voiceAuthenticationMethodConfiguration](../api/voiceauthenticationmethodconfiguration-delete.md)|None|Revert the [voiceAuthenticationMethodConfiguration](../resources/voiceauthenticationmethodconfiguration.md) object to its default configuration.|
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|excludeTargets|[excludeTarget](../resources/excludetarget.md) collection|Groups of users that are excluded from the policy.|
+|id|String|The authentication method policy identifier.|
+|isOfficePhoneAllowed|Boolean|`true` if users can register office phones, otherwise, `false`. |
+|state|authenticationMethodState|Represents whether users can register this authentication method. The possible values are: `enabled`, `disabled`.|
+
+## Relationships
+|Relationship|Type|Description|
+|:|:|:|
+|includeTargets|[voiceAuthenticationMethodTarget](../resources/voiceauthenticationmethodtarget.md) collection|A collection of groups that are enabled to use the authentication method. Expanded by default.|
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.voiceAuthenticationMethodConfiguration",
+ "baseType": "microsoft.graph.authenticationMethodConfiguration",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.voiceAuthenticationMethodConfiguration",
+ "id": "String (identifier)",
+ "state": "String",
+ "excludeTargets": [
+ {
+ "@odata.type": "microsoft.graph.excludeTarget"
+ }
+ ],
+ "isOfficePhoneAllowed": "Boolean"
+}
+```
+
v1.0 Voiceauthenticationmethodtarget https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/voiceauthenticationmethodtarget.md
+
+ Title: "voiceAuthenticationMethodTarget resource type"
+description: "A collection of groups enabled to use voice call authentication method via policy."
+
+ms.localizationpriority: medium
++
+# voiceAuthenticationMethodTarget resource type
+
+Namespace: microsoft.graph
+
+A collection of groups enabled to use voice call authentication via the [voice call authentication methods policy](../resources/voiceAuthenticationMethodConfiguration.md) in Azure AD.
+
+## Properties
+|Property|Type|Description|
+|:|:|:|
+|id|String|Object ID of an Azure AD group.|
+|isRegistrationRequired|Boolean|Determines whether the user is enforced to register the authentication method. **Not supported**.|
+|targetType|authenticationMethodTargetType|Possible values are: `group`, and `unknownFutureValue`. From December 2022, targeting individual users using `user` is no longer recommended. Existing targets will remain but we recommend to move the individual users to a targeted group. Inherited from [authenticationMethodTarget](authenticationMethodTarget.md).|
+
+## Relationships
+None.
+
+## JSON representation
+The following is a JSON representation of the resource.
+<!-- {
+ "blockType": "resource",
+ "keyProperty": "id",
+ "@odata.type": "microsoft.graph.voiceAuthenticationMethodTarget",
+ "baseType": "microsoft.graph.authenticationMethodTarget",
+ "openType": false
+}
+-->
+``` json
+{
+ "@odata.type": "#microsoft.graph.voiceAuthenticationMethodTarget",
+ "id": "String (identifier)",
+ "targetType": "String",
+ "isRegistrationRequired": "Boolean"
+}
+```
+
v1.0 X509certificateauthenticationmethodconfiguration https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/resources/x509certificateauthenticationmethodconfiguration.md
Inherits from [authenticationMethodConfiguration](../resources/authenticationmet
|:|:|:| |authenticationModeConfiguration|[x509CertificateAuthenticationModeConfiguration](../resources/x509certificateauthenticationmodeconfiguration.md)|Defines strong authentication configurations. This configuration includes the default authentication mode and the different rules for strong authentication bindings. | |certificateUserBindings|[x509CertificateUserBinding](../resources/x509certificateuserbinding.md) collection|Defines fields in the X.509 certificate that map to attributes of the Azure AD user object in order to bind the certificate to the user. The **priority** of the object determines the order in which the binding is carried out. The first binding that matches will be used and the rest ignored. |
+|excludeTargets|[excludeTarget](../resources/excludetarget.md) collection|Groups of users that are excluded from the policy.|
|id|String|The identifier for the authentication method policy. The value is always `X509Certificate`. Inherited from |state|authenticationMethodState|The possible values are: `enabled`, `disabled`. Inherited from [authenticationMethodConfiguration](../resources/authenticationmethodconfiguration.md).|
The following is a JSON representation of the resource.
{ "@odata.type": "microsoft.graph.x509CertificateUserBinding" }
+ ],
+ "excludeTargets": [
+ {
+ "@odata.type": "microsoft.graph.excludeTarget"
+ }
], "id": "String (identifier)", "state": "String"
v1.0 Toc.Yml https://github.com/microsoftgraph/microsoft-graph-docs/commits/main/api-reference/v1.0/toc.yml a/api-reference/v1.0/toc.yml
items:
- name: Overview displayName: Azure AD, Microsoft identity platform, Identity and access href: resources/azure-ad-overview.md
- - name: Customer relationship management
- items:
- - name: Granular delegated admin privileges
- items:
- - name: Overview
- displayName: GDAP, Partner Center, CSP, VAR
- href: resources/delegatedadminrelationships-api-overview.md
- - name: Delegated admin relationships
- href: resources/delegatedadminrelationship.md
- items:
- - name: Create
- href: api/tenantrelationship-post-delegatedadminrelationships.md
- - name: List
- href: api/tenantrelationship-list-delegatedadminrelationships.md
- - name: Get
- href: api/delegatedadminrelationship-get.md
- - name: Update
- href: api/delegatedadminrelationship-update.md
- - name: Delete
- href: api/delegatedadminrelationship-delete.md
- - name: Delegated admin access assignments
- href: resources/delegatedadminaccessassignment.md
- items:
- - name: Create
- href: api/delegatedadminrelationship-post-accessassignments.md
- - name: List
- href: api/delegatedadminrelationship-list-accessassignments.md
- - name: Get
- href: api/delegatedadminaccessassignment-get.md
- - name: Update
- href: api/delegatedadminaccessassignment-update.md
- - name: Delete
- href: api/delegatedadminaccessassignment-delete.md
- - name: Delegated admin relationship requests
- href: resources/delegatedadminrelationshiprequest.md
- items:
- - name: Create
- href: api/delegatedadminrelationship-post-requests.md
- - name: List
- href: api/delegatedadminrelationship-list-requests.md
- - name: Get
- href: api/delegatedadminrelationshiprequest-get.md
- - name: Delegated admin relationship operations
- href: resources/delegatedadminrelationshipoperation.md
- items:
- - name: List
- href: api/delegatedadminrelationship-list-operations.md
- - name: Get
- href: api/delegatedadminrelationshipoperation-get.md
- - name: Delegated admin customer
- href: resources/delegatedadmincustomer.md
- items:
- - name: List
- href: api/tenantrelationship-list-delegatedadmincustomers.md
- - name: Get
- href: api/delegatedadmincustomer-get.md
- - name: Service management details
- href: resources/delegatedadminservicemanagementdetail.md
- items:
- - name: List
- href: api/delegatedadmincustomer-list-servicemanagementdetails.md
- name: Directory management items: - name: Administrative unit
items:
href: api/onpremisesdirectorysynchronization-get.md - name: Update href: api/onpremisesdirectorysynchronization-update.md
- - name: Identity and sign-in
+ - name: Governance
+ href: resources/identitygovernance-overview.md
+ displayName: Identity Governance, Access reviews, Entitlement Management, Terms of Use, Privileged Identity Management
items:
- - name: Authentication methods
+ - name: Access reviews
+ href: resources/accessreviewsv2-overview.md
items:
- - name: Overview
- href: resources/authenticationmethods-overview.md
- - name: Authentication methods
- href: resources/authenticationmethod.md
- items:
- - name: List
- href: api/authentication-list-methods.md
- - name: FIDO2 security keys
- href: resources/fido2authenticationmethod.md
- items:
- - name: List
- href: api/fido2authenticationmethod-list.md
- - name: Get
- href: api/fido2authenticationmethod-get.md
- - name: Delete
- href: api/fido2authenticationmethod-delete.md
- - name: Microsoft Authenticator
- href: resources/microsoftauthenticatorauthenticationmethod.md
- items:
- - name: List
- href: api/microsoftauthenticatorauthenticationmethod-list.md
- - name: Get
- href: api/microsoftauthenticatorauthenticationmethod-get.md
- - name: Delete
- href: api/microsoftauthenticatorauthenticationmethod-delete.md
- - name: Software OATH token
- href: resources/softwareOathAuthenticationMethod.md
+ - name: Access review schedule definition
+ href: resources/accessreviewscheduledefinition.md
items: - name: List
- href: api/authentication-list-softwareoathmethods.md
+ href: api/accessreviewset-list-definitions.md
- name: Get
- href: api/softwareOathAuthenticationMethod-get.md
+ href: api/accessreviewscheduledefinition-get.md
+ - name: Create
+ href: api/accessreviewset-post-definitions.md
- name: Delete
- href: api/softwareOathAuthenticationMethod-delete.md
- - name: Windows Hello for Business
- href: resources/windowshelloforbusinessauthenticationmethod.md
+ href: api/accessreviewscheduledefinition-delete.md
+ - name: Update
+ href: api/accessreviewscheduledefinition-update.md
+ - name: Filter by current user
+ href: api/accessreviewscheduledefinition-filterbycurrentuser.md
+ - name: Access review instance
+ href: resources/accessreviewinstance.md
items: - name: List
- href: api/windowshelloforbusinessauthenticationmethod-list.md
+ href: api/accessreviewscheduledefinition-list-instances.md
- name: Get
- href: api/windowshelloforbusinessauthenticationmethod-get.md
- - name: Delete
- href: api/windowshelloforbusinessauthenticationmethod-delete.md
- - name: Phone
- href: resources/phoneauthenticationmethod.md
+ href: api/accessreviewinstance-get.md
+ - name: Update
+ href: api/accessreviewinstance-update.md
+ - name: Filter by current user
+ href: api/accessreviewinstance-filterbycurrentuser.md
+ - name: Send reminder
+ href: api/accessreviewinstance-sendreminder.md
+ - name: Stop
+ href: api/accessreviewinstance-stop.md
+ - name: Accept recommendations
+ href: api/accessreviewinstance-acceptrecommendations.md
+ - name: Apply decisions
+ href: api/accessreviewinstance-applydecisions.md
+ - name: Batch record decisions
+ href: api/accessreviewinstance-batchrecorddecisions.md
+ - name: Reset decisions
+ href: api/accessreviewinstance-resetdecisions.md
+ - name: List contacted reviewers
+ href: api/accessreviewinstance-list-contactedreviewers.md
+ - name: Access review stage
+ href: resources/accessreviewstage.md
items: - name: List
- href: api/authentication-list-phonemethods.md
+ href: api/accessreviewinstance-list-stages.md
- name: Get
- href: api/phoneauthenticationmethod-get.md
+ href: api/accessreviewstage-get.md
- name: Update
- href: api/phoneauthenticationmethod-update.md
- - name: Delete
- href: api/phoneauthenticationmethod-delete.md
- - name: Add
- href: api/authentication-post-phonemethods.md
- - name: Enable SMS sign-in
- href: api/phoneauthenticationmethod-enablesmssignin.md
- - name: Disable SMS sign-in
- href: api/phoneauthenticationmethod-disablesmssignin.md
- - name: Email
- href: resources/emailauthenticationmethod.md
+ href: api/accessreviewstage-update.md
+ - name: Filter by current user
+ href: api/accessreviewstage-filterbycurrentuser.md
+ - name: Stop
+ href: api/accessreviewstage-stop.md
+ - name: Access review instance decision item
+ displayName: access review decisions
+ href: resources/accessreviewinstancedecisionitem.md
items:
- - name: List
- href: api/authentication-list-emailmethods.md
+ - name: List decisions from an instance
+ href: api/accessreviewinstance-list-decisions.md
+ - name: List decisions from a stage of an instance
+ href: api/accessreviewstage-list-decisions.md
+ - name: Filter by current user
+ href: api/accessreviewinstancedecisionitem-filterbycurrentuser.md
- name: Get
- href: api/emailauthenticationmethod-get.md
+ href: api/accessreviewinstancedecisionitem-get.md
- name: Update
- href: api/emailauthenticationmethod-update.md
- - name: Delete
- href: api/emailauthenticationmethod-delete.md
- - name: Add
- href: api/authentication-post-emailmethods.md
- - name: Certificate-based auth configuration
- displayName: CBA
- href: resources/certificatebasedauthconfiguration.md
+ href: api/accessreviewinstancedecisionitem-update.md
+ - name: Access review history definition
+ href: resources/accessreviewhistorydefinition.md
items:
+ - name: Get
+ href: api/accessreviewhistorydefinition-get.md
- name: List
- href: api/certificatebasedauthconfiguration-list.md
+ href: api/accessreviewset-list-historydefinitions.md
- name: Create
- href: api/certificatebasedauthconfiguration-post-certificatebasedauthconfiguration.md
+ href: api/accessreviewset-post-historydefinitions.md
+ - name: Access review history instance
+ href: resources/accessreviewhistoryinstance.md
+ items:
+ - name: List
+ href: api/accessreviewhistorydefinition-list-instances.md
+ - name: Generate download URI
+ displayName: Downloadable access review history report
+ href: api/accessreviewhistoryinstance-generatedownloaduri.md
+ - name: Consent requests
+ href: resources/consentrequests-overview.md
+ items:
+ - name: Admin consent request policy
+ href: resources/adminconsentrequestpolicy.md
+ items:
- name: Get
- href: api/certificatebasedauthconfiguration-get.md
- - name: Delete
- href: api/certificatebasedauthconfiguration-delete.md
- - name: Password
- href: resources/passwordauthenticationmethod.md
+ href: api/adminconsentrequestpolicy-get.md
+ - name: Update
+ href: api/adminconsentrequestpolicy-update.md
+ - name: App consent requests
+ href: resources/appconsentrequest.md
items: - name: List
- href: api/authentication-list-passwordmethods.md
+ href: api/appconsentapprovalroute-list-appconsentrequests.md
- name: Get
- href: api/passwordauthenticationmethod-get.md
- - name: Reset
- href: api/authenticationmethod-resetpassword.md
- - name: Get operation status
- href: api/longrunningoperation-get.md
- - name: Temporary Access Pass
- displayName: TAP
- href: resources/temporaryaccesspassauthenticationmethod.md
+ href: api/appconsentrequest-get.md
+ - name: Filter by current user
+ href: api/appconsentrequest-filterByCurrentUser.md
+ - name: User consent requests
+ href: resources/userconsentrequest.md
items: - name: List
- href: api/authentication-list-temporaryaccesspassmethods.md
- - name: Create
- href: api/authentication-post-temporaryaccesspassmethods.md
+ href: api/appconsentrequest-list-userconsentrequests.md
- name: Get
- href: api/temporaryaccesspassauthenticationmethod-get.md
- - name: Delete
- href: api/temporaryaccesspassauthenticationmethod-delete.md
- - name: Conditional Access
+ href: api/userconsentrequest-get.md
+ - name: Filter by current user
+ href: api/userconsentrequest-filterByCurrentUser.md
+ - name: Entitlement management
+ href: resources/entitlementmanagement-overview.md
items:
- - name: Conditional Access
- href: resources/conditionalaccessroot.md
- - name: Policies
+ - name: Access package
+ href: resources/accesspackage.md
items:
- - name: Conditional Access policy
- href: resources/conditionalaccesspolicy.md
- name: List
- href: api/conditionalaccessroot-list-policies.md
+ href: api/entitlementmanagement-list-accesspackages.md
- name: Create
- href: api/conditionalaccessroot-post-policies.md
+ href: api/entitlementmanagement-post-accesspackages.md
- name: Get
- href: api/conditionalaccesspolicy-get.md
+ href: api/accesspackage-get.md
- name: Update
- href: api/conditionalaccesspolicy-update.md
+ href: api/accesspackage-update.md
- name: Delete
- href: api/conditionalaccesspolicy-delete.md
- - name: Named locations
+ href: api/accesspackage-delete.md
+ - name: Filter by current user
+ href: api/accesspackage-filterbycurrentuser.md
+ - name: Get applicable policy requirements
+ href: api/accesspackage-getapplicablepolicyrequirements.md
+ - name: List incompatible access packages
+ href: api/accesspackage-list-incompatibleaccesspackages.md
+ - name: Add incompatible access package
+ href: api/accesspackage-post-incompatibleaccesspackage.md
+ - name: Remove incompatible access package
+ href: api/accesspackage-delete-incompatibleaccesspackage.md
+ - name: List incompatible groups
+ href: api/accesspackage-list-incompatiblegroups.md
+ - name: Add incompatible group
+ href: api/accesspackage-post-incompatiblegroup.md
+ - name: Remove incompatible group
+ href: api/accesspackage-delete-incompatiblegroup.md
+ - name: List access packages incompatible with
+ href: api/accesspackage-list-accesspackagesincompatiblewith.md
+ - name: Access package assignment
+ href: resources/accesspackageassignment.md
items:
- - name: Named location
+ - name: List
+ href: api/entitlementmanagement-list-assignments.md
+ - name: Get
+ href: api/accesspackageassignment-get.md
+ - name: Check additional access
+ href: api/accesspackageassignment-additionalaccess.md
+ - name: Filter by current user
+ href: api/accesspackageassignment-filterbycurrentuser.md
+ - name: Reprocess
+ href: api/accesspackageassignment-reprocess.md
+ - name: Access package assignment request approval
+ items:
+ - name: Approval
+ href: resources/approval.md
+ - name: Get
+ href: api/approval-get.md
+ - name: Filter by current user
+ href: api/approval-filterbycurrentuser.md
+ - name: Approval stage
items:
- - name: Named location
- href: resources/namedlocation.md
+ - name: Approval stage
+ href: resources/approvalstage.md
- name: List
- href: api/conditionalaccessroot-list-namedlocations.md
+ href: api/approval-list-stages.md
- name: Get
- href: api/namedlocation-get.md
- - name: Delete
- href: api/namedlocation-delete.md
- - name: Country named location
- items:
- - name: Country named location
- href: resources/countrynamedlocation.md
- - name: List
- href: api/conditionalaccessroot-list-namedlocations.md
- - name: Create
- href: api/conditionalaccessroot-post-namedlocations.md
- - name: Get
- href: api/countrynamedlocation-get.md
- - name: Update
- href: api/countrynamedlocation-update.md
- - name: Delete
- href: api/countrynamedlocation-delete.md
- - name: IP named location
- items:
- - name: IP named location
- href: resources/ipnamedlocation.md
- - name: List
- href: api/conditionalaccessroot-list-namedlocations.md
- - name: Create
- href: api/conditionalaccessroot-post-namedlocations.md
- - name: Get
- href: api/ipnamedlocation-get.md
- - name: Update
- href: api/ipnamedlocation-update.md
- - name: Delete
- href: api/ipnamedlocation-delete.md
- - name: Authentication context
+ href: api/approvalstage-get.md
+ - name: Update
+ href: api/approvalstage-update.md
+ - name: Access package assignment request
+ href: resources/accesspackageassignmentrequest.md
items:
- - name: Authentication context class reference
- href: resources/authenticationcontextclassreference.md
- name: List
- href: api/conditionalaccessroot-list-authenticationcontextclassreferences.md
- - name: Create or update
- href: api/authenticationcontextclassreference-update.md
+ href: api/entitlementmanagement-list-assignmentrequests.md
+ - name: Create
+ href: api/entitlementmanagement-post-assignmentrequests.md
- name: Get
- href: api/authenticationcontextclassreference-get.md
+ href: api/accesspackageassignmentrequest-get.md
- name: Delete
- href: api/authenticationcontextclassreference-delete.md
- - name: Templates
+ href: api/accesspackageassignmentrequest-delete.md
+ - name: Filter by current user
+ href: api/accesspackageassignmentrequest-filterbycurrentuser.md
+ - name: Cancel
+ href: api/accesspackageassignmentrequest-cancel.md
+ - name: Reprocess
+ href: api/accesspackageassignmentrequest-reprocess.md
+ - name: Access package catalog
+ href: resources/accesspackagecatalog.md
items:
- - name: Conditional access template
- href: resources/conditionalAccessTemplate.md
- name: List
- href: api/conditionalaccessroot-list-templates.md
+ href: api/entitlementmanagement-list-catalogs.md
+ - name: Create
+ href: api/entitlementmanagement-post-catalogs.md
- name: Get
- href: api/conditionalaccesstemplate-get.md
- - name: Cross-tenant access
- items:
- - name: Overview
- href: resources/crosstenantaccesspolicy-overview.md
- - name: Policy
+ href: api/accesspackagecatalog-get.md
+ - name: Update
+ href: api/accesspackagecatalog-update.md
+ - name: Delete
+ href: api/accesspackagecatalog-delete.md
+ - name: Connected organization
+ href: resources/connectedorganization.md
items:
- - name: Cross-tenant access policy
- href: resources/crosstenantaccesspolicy.md
+ - name: List
+ href: api/entitlementmanagement-list-connectedorganizations.md
+ - name: Create
+ href: api/entitlementmanagement-post-connectedorganizations.md
- name: Get
- href: api/crosstenantaccesspolicy-get.md
+ href: api/connectedorganization-get.md
- name: Update
- href: api/crosstenantaccesspolicy-update.md
- - name: Default settings
+ href: api/connectedorganization-update.md
+ - name: Delete
+ href: api/connectedorganization-delete.md
+ - name: List external sponsors
+ href: api/connectedorganization-list-externalsponsors.md
+ - name: List internal sponsors
+ href: api/connectedorganization-list-internalsponsors.md
+ - name: Add external sponsors
+ href: api/connectedorganization-post-externalsponsors.md
+ - name: Add internal sponsors
+ href: api/connectedorganization-post-internalsponsors.md
+ - name: Remove external sponsors
+ href: api/connectedorganization-delete-externalsponsors.md
+ - name: Remove internal sponsors
+ href: api/connectedorganization-delete-internalsponsors.md
+ - name: Entitlement management settings
+ href: resources/entitlementmanagementsettings.md
items:
- - name: Cross-tenant access default settings
- href: resources/crosstenantaccesspolicyconfigurationdefault.md
- name: Get
- href: api/crosstenantaccesspolicyconfigurationdefault-get.md
+ href: api/entitlementmanagementsettings-get.md
- name: Update
- href: api/crosstenantaccesspolicyconfigurationdefault-update.md
- - name: Reset to system default
- href: api/crosstenantaccesspolicyconfigurationdefault-resettosystemdefault.md
- - name: Partner settings
+ href: api/entitlementmanagementsettings-update.md
+ - name: Access package assignment policy
+ href: resources/accesspackageassignmentpolicy.md
items:
- - name: Cross-tenant access partner settings
- href: resources/crosstenantaccesspolicyconfigurationpartner.md
- name: List
- href: api/crosstenantaccesspolicy-list-partners.md
+ href: api/entitlementmanagement-list-assignmentpolicies.md
- name: Create
- href: api/crosstenantaccesspolicy-post-partners.md
+ href: api/entitlementmanagement-post-assignmentpolicies.md
- name: Get
- href: api/crosstenantaccesspolicyconfigurationpartner-get.md
+ href: api/accesspackageassignmentpolicy-get.md
- name: Update
- href: api/crosstenantaccesspolicyconfigurationpartner-update.md
+ href: api/accesspackageassignmentpolicy-update.md
- name: Delete
- href: api/crosstenantaccesspolicyconfigurationpartner-delete.md
- - name: Data policy operation
- href: resources/datapolicyoperation.md
- items:
- - name: Get data policy operation
- href: api/datapolicyoperation-get.md
- - name: Delegated permission grant
- items:
- - name: OAuth 2.0 permission grant
- href: resources/oauth2permissiongrant.md
- - name: List
- href: api/oauth2permissiongrant-list.md
- - name: Create
- href: api/oauth2permissiongrant-post.md
- - name: Get
- href: api/oauth2permissiongrant-get.md
- - name: Update
- href: api/oauth2permissiongrant-update.md
- - name: Delete
- href: api/oauth2permissiongrant-delete.md
- - name: Get delta
- href: api/oauth2permissiongrant-delta.md
- - name: Identity protection
- href: resources/identityprotection-overview.md
+ href: api/accesspackageassignmentpolicy-delete.md
+ - name: Privileged Identity Management
+ displayName: Privileged Identity Management, PIM, Identity Governance
+ href: resources/privilegedidentitymanagementv3-overview.md
items:
- - name: Risk detection
- href: resources/riskdetection.md
+ - name: Role assignment schedule requests
+ href: resources/unifiedroleassignmentschedulerequest.md
items: - name: List
- href: api/riskdetection-list.md
+ href: api/rbacapplication-list-roleassignmentschedulerequests.md
+ - name: Create
+ href: api/rbacapplication-post-roleassignmentschedulerequests.md
- name: Get
- href: api/riskdetection-get.md
- - name: Risky user
- href: resources/riskyuser.md
+ href: api/unifiedroleassignmentschedulerequest-get.md
+ - name: Cancel
+ href: api/unifiedroleassignmentschedulerequest-cancel.md
+ - name: Filter by current user
+ href: api/unifiedroleassignmentschedulerequest-filterbycurrentuser.md
+ - name: Role assignment schedules
+ href: resources/unifiedroleassignmentschedule.md
items:
- - name: List risky users
- href: api/riskyuser-list.md
- - name: Get risky user
- href: api/riskyuser-get.md
- - name: List history
- href: api/riskyuser-list-history.md
- - name: Get history
- href: api/riskyuser-get-riskyuserhistoryitem.md
- - name: Confirm compromised
- href: api/riskyuser-confirmcompromised.md
- - name: Dismiss
- href: api/riskyuser-dismiss.md
- - name: Service principal risk detection
+ - name: List
+ href: api/rbacapplication-list-roleassignmentschedules.md
+ - name: Get
+ href: api/unifiedroleassignmentschedule-get.md
+ - name: Filter by current user
+ href: api/unifiedroleassignmentschedule-filterbycurrentuser.md
+ - name: Role assignment schedule instances
+ href: resources/unifiedroleassignmentscheduleinstance.md
items:
- - name: Risk detection
- href: resources/serviceprincipalriskdetection.md
- name: List
- href: api/identityprotectionroot-list-serviceprincipalriskdetections.md
+ href: api/rbacapplication-list-roleassignmentscheduleinstances.md
- name: Get
- href: api/serviceprincipalriskdetection-get.md
- - name: Risky service principal
+ href: api/unifiedroleassignmentscheduleinstance-get.md
+ - name: Filter by current user
+ href: api/unifiedroleassignmentscheduleinstance-filterbycurrentuser.md
+ - name: Role eligibility schedule requests
+ href: resources/unifiedroleeligibilityschedulerequest.md
items:
- - name: Risky service principal
- href: resources/riskyserviceprincipal.md
- - name: List risky service principals
+ - name: List
+ href: api/rbacapplication-list-roleeligibilityschedulerequests.md
+ - name: Create
+ href: api/rbacapplication-post-roleeligibilityschedulerequests.md
+ - name: Get
+ href: api/unifiedroleeligibilityschedulerequest-get.md
+ - name: Cancel
+ href: api/unifiedroleeligibilityschedulerequest-cancel.md
+ - name: Filter by current user
+ href: api/unifiedroleeligibilityschedulerequest-filterbycurrentuser.md
+ - name: Role eligibility schedules
+ href: resources/unifiedroleeligibilityschedule.md
+ items:
+ - name: List
+ href: api/rbacapplication-list-roleeligibilityschedules.md
+ - name: Get
+ href: api/unifiedroleeligibilityschedule-get.md
+ - name: Filter by current user
+ href: api/unifiedroleeligibilityschedule-filterbycurrentuser.md
+ - name: Role eligibility schedule instances
+ href: resources/unifiedroleeligibilityscheduleinstance.md
+ items:
+ - name: List
+ href: api/rbacapplication-list-roleeligibilityscheduleinstances.md
+ - name: Get
+ href: api/unifiedroleeligibilityscheduleinstance-get.md
+ - name: Filter by current user
+ href: api/unifiedroleeligibilityscheduleinstance-filterbycurrentuser.md
+ - name: Role management policies
+ items:
+ - name: Policies and rules
+ href: resources/unifiedrolemanagementpolicy.md
+ - name: List
+ href: api/policyroot-list-rolemanagementpolicies.md
+ - name: Get
+ href: api/unifiedrolemanagementpolicy-get.md
+ - name: List rules
+ href: api/unifiedrolemanagementpolicy-list-rules.md
+ - name: Get rule
+ href: api/unifiedrolemanagementpolicyrule-get.md
+ - name: Update rule
+ href: api/unifiedrolemanagementpolicyrule-update.md
+ - name: Role management policy assignments
+ href: resources/unifiedrolemanagementpolicyassignment.md
+ items:
+ - name: List
+ href: api/policyroot-list-rolemanagementpolicyassignments.md
+ - name: Get
+ href: api/unifiedrolemanagementpolicyassignment-get.md
+ - name: Terms of use
+ items:
+ - name: Agreement
+ href: resources/agreement.md
+ - name: List
+ href: api/termsofusecontainer-list-agreements.md
+ - name: Create
+ href: api/termsofusecontainer-post-agreements.md
+ - name: Get
+ href: api/agreement-get.md
+ - name: Update
+ href: api/agreement-update.md
+ - name: Delete
+ href: api/agreement-delete.md
+ - name: Agreement acceptances
+ href: resources/agreementacceptance.md
+ items:
+ - name: List acceptances
+ href: api/user-list-agreementacceptances.md
+ - name: List acceptance status
+ href: api/agreement-list-acceptances.md
+ - name: Agreement files
+ items:
+ - name: Default agreement file
+ href: resources/agreementfile.md
+ - name: Localized agreement files
+ href: resources/agreementfilelocalization.md
+ - name: Get default file
+ href: api/agreementfile-get.md
+ - name: Create localized files
+ href: api/agreement-post-files.md
+ - name: List localized files
+ href: api/agreement-list-files.md
+ - name: Identity and sign-in
+ items:
+ - name: Authentication methods
+ items:
+ - name: Overview
+ href: resources/authenticationmethods-overview.md
+ - name: Authentication methods
+ href: resources/authenticationmethod.md
+ items:
+ - name: List
+ href: api/authentication-list-methods.md
+ - name: FIDO2 security keys
+ href: resources/fido2authenticationmethod.md
+ items:
+ - name: List
+ href: api/fido2authenticationmethod-list.md
+ - name: Get
+ href: api/fido2authenticationmethod-get.md
+ - name: Delete
+ href: api/fido2authenticationmethod-delete.md
+ - name: Microsoft Authenticator
+ href: resources/microsoftauthenticatorauthenticationmethod.md
+ items:
+ - name: List
+ href: api/microsoftauthenticatorauthenticationmethod-list.md
+ - name: Get
+ href: api/microsoftauthenticatorauthenticationmethod-get.md
+ - name: Delete
+ href: api/microsoftauthenticatorauthenticationmethod-delete.md
+ - name: Software OATH token
+ href: resources/softwareOathAuthenticationMethod.md
+ items:
+ - name: List
+ href: api/authentication-list-softwareoathmethods.md
+ - name: Get
+ href: api/softwareOathAuthenticationMethod-get.md
+ - name: Delete
+ href: api/softwareOathAuthenticationMethod-delete.md
+ - name: Windows Hello for Business
+ href: resources/windowshelloforbusinessauthenticationmethod.md
+ items:
+ - name: List
+ href: api/windowshelloforbusinessauthenticationmethod-list.md
+ - name: Get
+ href: api/windowshelloforbusinessauthenticationmethod-get.md
+ - name: Delete
+ href: api/windowshelloforbusinessauthenticationmethod-delete.md
+ - name: Phone
+ href: resources/phoneauthenticationmethod.md
+ items:
+ - name: List
+ href: api/authentication-list-phonemethods.md
+ - name: Get
+ href: api/phoneauthenticationmethod-get.md
+ - name: Update
+ href: api/phoneauthenticationmethod-update.md
+ - name: Delete
+ href: api/phoneauthenticationmethod-delete.md
+ - name: Add
+ href: api/authentication-post-phonemethods.md
+ - name: Enable SMS sign-in
+ href: api/phoneauthenticationmethod-enablesmssignin.md
+ - name: Disable SMS sign-in
+ href: api/phoneauthenticationmethod-disablesmssignin.md
+ - name: Email
+ href: resources/emailauthenticationmethod.md
+ items:
+ - name: List
+ href: api/authentication-list-emailmethods.md
+ - name: Get
+ href: api/emailauthenticationmethod-get.md
+ - name: Update
+ href: api/emailauthenticationmethod-update.md
+ - name: Delete
+ href: api/emailauthenticationmethod-delete.md
+ - name: Add
+ href: api/authentication-post-emailmethods.md
+ - name: Certificate-based auth configuration
+ displayName: CBA
+ href: resources/certificatebasedauthconfiguration.md
+ items:
+ - name: List
+ href: api/certificatebasedauthconfiguration-list.md
+ - name: Create
+ href: api/certificatebasedauthconfiguration-post-certificatebasedauthconfiguration.md
+ - name: Get
+ href: api/certificatebasedauthconfiguration-get.md
+ - name: Delete
+ href: api/certificatebasedauthconfiguration-delete.md
+ - name: Password
+ href: resources/passwordauthenticationmethod.md
+ items:
+ - name: List
+ href: api/authentication-list-passwordmethods.md
+ - name: Get
+ href: api/passwordauthenticationmethod-get.md
+ - name: Reset
+ href: api/authenticationmethod-resetpassword.md
+ - name: Get operation status
+ href: api/longrunningoperation-get.md
+ - name: Temporary Access Pass
+ displayName: TAP
+ href: resources/temporaryaccesspassauthenticationmethod.md
+ items:
+ - name: List
+ href: api/authentication-list-temporaryaccesspassmethods.md
+ - name: Create
+ href: api/authentication-post-temporaryaccesspassmethods.md
+ - name: Get
+ href: api/temporaryaccesspassauthenticationmethod-get.md
+ - name: Delete
+ href: api/temporaryaccesspassauthenticationmethod-delete.md
+ - name: Conditional Access
+ items:
+ - name: Conditional Access
+ href: resources/conditionalaccessroot.md
+ - name: Policies
+ items:
+ - name: Conditional Access policy
+ href: resources/conditionalaccesspolicy.md
+ - name: List
+ href: api/conditionalaccessroot-list-policies.md
+ - name: Create
+ href: api/conditionalaccessroot-post-policies.md
+ - name: Get
+ href: api/conditionalaccesspolicy-get.md
+ - name: Update
+ href: api/conditionalaccesspolicy-update.md
+ - name: Delete
+ href: api/conditionalaccesspolicy-delete.md
+ - name: Named locations
+ items:
+ - name: Named location
+ items:
+ - name: Named location
+ href: resources/namedlocation.md
+ - name: List
+ href: api/conditionalaccessroot-list-namedlocations.md
+ - name: Get
+ href: api/namedlocation-get.md
+ - name: Delete
+ href: api/namedlocation-delete.md
+ - name: Country named location
+ items:
+ - name: Country named location
+ href: resources/countrynamedlocation.md
+ - name: List
+ href: api/conditionalaccessroot-list-namedlocations.md
+ - name: Create
+ href: api/conditionalaccessroot-post-namedlocations.md
+ - name: Get
+ href: api/countrynamedlocation-get.md
+ - name: Update
+ href: api/countrynamedlocation-update.md
+ - name: Delete
+ href: api/countrynamedlocation-delete.md
+ - name: IP named location
+ items:
+ - name: IP named location
+ href: resources/ipnamedlocation.md
+ - name: List
+ href: api/conditionalaccessroot-list-namedlocations.md
+ - name: Create
+ href: api/conditionalaccessroot-post-namedlocations.md
+ - name: Get
+ href: api/ipnamedlocation-get.md
+ - name: Update
+ href: api/ipnamedlocation-update.md
+ - name: Delete
+ href: api/ipnamedlocation-delete.md
+ - name: Authentication context
+ items:
+ - name: Authentication context class reference
+ href: resources/authenticationcontextclassreference.md
+ - name: List
+ href: api/conditionalaccessroot-list-authenticationcontextclassreferences.md
+ - name: Create or update
+ href: api/authenticationcontextclassreference-update.md
+ - name: Get
+ href: api/authenticationcontextclassreference-get.md
+ - name: Delete
+ href: api/authenticationcontextclassreference-delete.md
+ - name: Templates
+ items:
+ - name: Conditional access template
+ href: resources/conditionalAccessTemplate.md
+ - name: List
+ href: api/conditionalaccessroot-list-templates.md
+ - name: Get
+ href: api/conditionalaccesstemplate-get.md
+ - name: Cross-tenant access
+ items:
+ - name: Overview
+ href: resources/crosstenantaccesspolicy-overview.md
+ - name: Policy
+ items:
+ - name: Cross-tenant access policy
+ href: resources/crosstenantaccesspolicy.md
+ - name: Get
+ href: api/crosstenantaccesspolicy-get.md
+ - name: Update
+ href: api/crosstenantaccesspolicy-update.md
+ - name: Default settings
+ items:
+ - name: Cross-tenant access default settings
+ href: resources/crosstenantaccesspolicyconfigurationdefault.md
+ - name: Get
+ href: api/crosstenantaccesspolicyconfigurationdefault-get.md
+ - name: Update
+ href: api/crosstenantaccesspolicyconfigurationdefault-update.md
+ - name: Reset to system default
+ href: api/crosstenantaccesspolicyconfigurationdefault-resettosystemdefault.md
+ - name: Partner settings
+ items:
+ - name: Cross-tenant access partner settings
+ href: resources/crosstenantaccesspolicyconfigurationpartner.md
+ - name: List
+ href: api/crosstenantaccesspolicy-list-partners.md
+ - name: Create
+ href: api/crosstenantaccesspolicy-post-partners.md
+ - name: Get
+ href: api/crosstenantaccesspolicyconfigurationpartner-get.md
+ - name: Update
+ href: api/crosstenantaccesspolicyconfigurationpartner-update.md
+ - name: Delete
+ href: api/crosstenantaccesspolicyconfigurationpartner-delete.md
+ - name: Data policy operation
+ href: resources/datapolicyoperation.md
+ items:
+ - name: Get data policy operation
+ href: api/datapolicyoperation-get.md
+ - name: Delegated permission grant
+ items:
+ - name: OAuth 2.0 permission grant
+ href: resources/oauth2permissiongrant.md
+ - name: List
+ href: api/oauth2permissiongrant-list.md
+ - name: Create
+ href: api/oauth2permissiongrant-post.md
+ - name: Get
+ href: api/oauth2permissiongrant-get.md
+ - name: Update
+ href: api/oauth2permissiongrant-update.md
+ - name: Delete
+ href: api/oauth2permissiongrant-delete.md
+ - name: Get delta
+ href: api/oauth2permissiongrant-delta.md
+ - name: Identity protection
+ href: resources/identityprotection-overview.md
+ items:
+ - name: Risk detection
+ href: resources/riskdetection.md
+ items:
+ - name: List
+ href: api/riskdetection-list.md
+ - name: Get
+ href: api/riskdetection-get.md
+ - name: Risky user
+ href: resources/riskyuser.md
+ items:
+ - name: List risky users
+ href: api/riskyuser-list.md
+ - name: Get risky user
+ href: api/riskyuser-get.md
+ - name: List history
+ href: api/riskyuser-list-history.md
+ - name: Get history
+ href: api/riskyuser-get-riskyuserhistoryitem.md
+ - name: Confirm compromised
+ href: api/riskyuser-confirmcompromised.md
+ - name: Dismiss
+ href: api/riskyuser-dismiss.md
+ - name: Service principal risk detection
+ items:
+ - name: Risk detection
+ href: resources/serviceprincipalriskdetection.md
+ - name: List
+ href: api/identityprotectionroot-list-serviceprincipalriskdetections.md
+ - name: Get
+ href: api/serviceprincipalriskdetection-get.md
+ - name: Risky service principal
+ items:
+ - name: Risky service principal
+ href: resources/riskyserviceprincipal.md
+ - name: List risky service principals
href: api/identityprotectionroot-list-riskyserviceprincipals.md - name: Get risky service principal href: api/riskyserviceprincipal-get.md
items:
href: api/activitybasedtimeoutpolicy-update.md - name: Delete href: api/activitybasedtimeoutpolicy-delete.md
+ - name: Application authentication method policy
+ items:
+ - name: Overview
+ href: resources/applicationauthenticationmethodpolicy.md
+ - name: Tenant app management policy
+ items:
+ - name: Tenant app management policy
+ href: resources/tenantappmanagementpolicy.md
+ - name: Get
+ href: api/tenantappmanagementpolicy-get.md
+ - name: Update
+ href: api/tenantappmanagementpolicy-update.md
+ - name: App management policy
+ items:
+ - name: App management policy
+ href: resources/appmanagementpolicy.md
+ - name: List
+ href: api/appmanagementpolicy-list.md
+ - name: Get
+ href: api/appmanagementpolicy-get.md
+ - name: Create
+ href: api/appmanagementpolicy-post.md
+ - name: Update
+ href: api/appmanagementpolicy-update.md
+ - name: Delete
+ href: api/appmanagementpolicy-delete.md
+ - name: Create applies to
+ href: api/appmanagementpolicy-post-appliesto.md
+ - name: List applies to
+ href: api/appmanagementpolicy-list-appliesto.md
+ - name: Delete applies to
+ href: api/appmanagementpolicy-delete-appliesto.md
- name: Authentication flows policy items: - name: Authentication flows policy
items:
href: api/authenticationmethodspolicy-get.md - name: Update href: api/authenticationmethodspolicy-update.md
+ - name: Email policy
+ href: resources/emailauthenticationmethodconfiguration.md
+ items:
+ - name: Get
+ href: api/emailauthenticationmethodconfiguration-get.md
+ - name: Update
+ href: api/emailauthenticationmethodconfiguration-update.md
+ - name: Delete
+ href: api/emailauthenticationmethodconfiguration-delete.md
- name: FIDO2 policy href: resources/fido2authenticationmethodconfiguration.md items:
items:
href: api/temporaryaccesspassauthenticationmethodconfiguration-update.md - name: Delete href: api/temporaryaccesspassauthenticationmethodconfiguration-delete.md
- - name: Email policy
- href: resources/emailauthenticationmethodconfiguration.md
- items:
- - name: Get
- href: api/emailauthenticationmethodconfiguration-get.md
- - name: Update
- href: api/emailauthenticationmethodconfiguration-update.md
- - name: Delete
- href: api/emailauthenticationmethodconfiguration-delete.md
- name: X509 certificate displayName: certificate-based authentication, CBA href: resources/x509Certificateauthenticationmethodconfiguration.md items: - name: Get
- href: api/x509certificateauthenticationmethodconfiguration-get.md
- - name: Update
- href: api/x509certificateauthenticationmethodconfiguration-update.md
- - name: Delete
- href: api/x509certificateauthenticationmethodconfiguration-delete.md
- - name: Authorization policy
- href: resources/authorizationpolicy.md
- items:
- - name: Get
- href: api/authorizationpolicy-get.md
- - name: Update
- href: api/authorizationpolicy-update.md
- - name: Claims mapping policy
- href: resources/claimsmappingpolicy.md
- items:
- - name: Create
- href: api/claimsmappingpolicy-post-claimsmappingpolicies.md
- - name: List
- href: api/claimsmappingpolicy-list.md
- - name: Get
- href: api/claimsmappingpolicy-get.md
- - name: Update
- href: api/claimsmappingpolicy-update.md
- - name: Delete
- href: api/claimsmappingpolicy-delete.md
- - name: List applied to applications
- href: api/claimsmappingpolicy-list-appliesto.md
- - name: Feature rollout policy
- href: resources/featurerolloutpolicy.md
- items:
- - name: List
- href: api/featurerolloutpolicies-list.md
- - name: Create
- href: api/featurerolloutpolicies-post.md
- - name: Get
- href: api/featurerolloutpolicy-get.md
- - name: Update
- href: api/featurerolloutpolicy-update.md
- - name: Delete
- href: api/featurerolloutpolicy-delete.md
- - name: Create appliesTo
- href: api/featurerolloutpolicy-post-appliesto.md
- - name: Delete appliesTo
- href: api/featurerolloutpolicy-delete-appliesto.md
- - name: Home realm discovery policy
- href: resources/homerealmdiscoverypolicy.md
- items:
- - name: List
- href: api/homerealmdiscoverypolicy-list.md
- - name: Create
- href: api/homerealmdiscoverypolicy-post-homerealmdiscoverypolicies.md
- - name: Get
- href: api/homerealmdiscoverypolicy-get.md
- - name: Update
- href: api/homerealmdiscoverypolicy-update.md
- - name: Delete
- href: api/homerealmdiscoverypolicy-delete.md
- - name: List applied to applications
- href: api/homerealmdiscoverypolicy-list-appliesto.md
- - name: Token issuance policy
- href: resources/tokenissuancepolicy.md
- items:
- - name: List
- href: api/tokenissuancepolicy-list.md
- - name: Create
- href: api/tokenissuancepolicy-post-tokenissuancepolicy.md
- - name: Get
- href: api/tokenissuancepolicy-get.md
- - name: Update
- href: api/tokenissuancepolicy-update.md
- - name: Delete
- href: api/tokenissuancepolicy-delete.md
- - name: List applied to applications
- href: api/tokenissuancepolicy-list-appliesto.md
- - name: Token lifetime policy
- href: resources/tokenlifetimepolicy.md
- items:
- - name: List
- href: api/tokenlifetimepolicy-list.md
- - name: Create
- href: api/tokenlifetimepolicy-post-tokenlifetimepolicies.md
- - name: Get
- href: api/tokenlifetimepolicy-get.md
- - name: Update
- href: api/tokenlifetimepolicy-update.md
- - name: Delete
- href: api/tokenlifetimepolicy-delete.md
- - name: List applied to applications
- href: api/tokenlifetimepolicy-list-appliesto.md
- - name: Security defaults policy
- href: resources/identitysecuritydefaultsenforcementpolicy.md
- items:
- - name: Get
- href: api/identitysecuritydefaultsenforcementpolicy-get.md
- - name: Update
- href: api/identitysecuritydefaultsenforcementpolicy-update.md
- - name: User flows
- items:
- - name: Self-service sign up user flows
- items:
- - name: Self-service sign up user flow
- href: resources/b2xidentityuserflow.md
- - name: List
- href: api/identitycontainer-list-b2xuserflows.md
- - name: Create
- href: api/identitycontainer-post-b2xuserflows.md
- - name: Get
- href: api/b2xidentityuserflow-get.md
- - name: Delete
- href: api/b2xidentityuserflow-delete.md
- - name: List identity providers
- href: api/b2xidentityuserflow-list-identityproviders.md
- - name: Add identity provider
- href: api/b2xidentityuserflow-post-identityproviders.md
- - name: Remove identity provider
- href: api/b2xidentityuserflow-delete-identityproviders.md
- - name: List user attribute assignments
- href: api/b2xidentityuserflow-list-userattributeassignments.md
- - name: Create user attribute assignment
- href: api/b2xidentityuserflow-post-userattributeassignments.md
- - name: List languages
- href: api/b2xidentityuserflow-list-languages.md
- - name: Get API connectors configuration
- href: api/b2xidentityuserflow-get-apiConnectorConfiguration.md
- - name: Configure an API connector
- href: api/b2xidentityuserflow-put-apiConnectorConfiguration.md
- - name: User flow attributes
- items:
- - name: User flow attribute
- href: resources/identityuserflowattribute.md
- - name: List
- href: api/identityuserflowattribute-list.md
- - name: Create
- href: api/identityuserflowattribute-post.md
- - name: Get
- href: api/identityuserflowattribute-get.md
- - name: Update
- href: api/identityuserflowattribute-update.md
- - name: Delete
- href: api/identityuserflowattribute-delete.md
- - name: User flow attribute assignment
- items:
- - name: User flow attribute assignment
- href: resources/identityuserflowattributeassignment.md
- - name: Get
- href: api/identityuserflowattributeassignment-get.md
- - name: Update
- href: api/identityuserflowattributeassignment-update.md
- - name: Delete
- href: api/identityuserflowattributeassignment-delete.md
- - name: User flow language configuration
+ href: api/x509certificateauthenticationmethodconfiguration-get.md
+ - name: Update
+ href: api/x509certificateauthenticationmethodconfiguration-update.md
+ - name: Delete
+ href: api/x509certificateauthenticationmethodconfiguration-delete.md
+ - name: Authorization policy
+ href: resources/authorizationpolicy.md
items:
- - name: User flow language configuration
- href: resources/userflowlanguageconfiguration.md
- - name: Get
- href: api/userflowlanguageconfiguration-get.md
- - name: List default pages
- href: api/userflowlanguageconfiguration-list-defaultpages.md
- - name: List overrides pages
- href: api/userflowlanguageconfiguration-list-overridespages.md
- - name: User flow language page
- href: resources/userflowlanguagepage.md
- name: Get
- href: api/userflowlanguagepage-get.md
+ href: api/authorizationpolicy-get.md
- name: Update
- href: api/userflowlanguagepage-put.md
- - name: Delete
- href: api/userflowlanguagepage-delete.md
- - name: API connectors
+ href: api/authorizationpolicy-update.md
+ - name: Claims mapping policy
+ href: resources/claimsmappingpolicy.md
items:
- - name: API connector
- href: resources/identityapiconnector.md
- - name: List
- href: api/identityapiconnector-list.md
- name: Create
- href: api/identityapiconnector-create.md
+ href: api/claimsmappingpolicy-post-claimsmappingpolicies.md
+ - name: List
+ href: api/claimsmappingpolicy-list.md
- name: Get
- href: api/identityapiconnector-get.md
+ href: api/claimsmappingpolicy-get.md
- name: Update
- href: api/identityapiconnector-update.md
- - name: Upload a client certificate
- href: api/identityapiconnector-uploadclientcertificate.md
+ href: api/claimsmappingpolicy-update.md
- name: Delete
- href: api/identityapiconnector-delete.md
- - name: Governance
- href: resources/identitygovernance-overview.md
- displayName: Identity Governance, Access reviews, Entitlement Management, Terms of Use, Privileged Identity Management
- items:
- - name: Access reviews
- href: resources/accessreviewsv2-overview.md
- items:
- - name: Access review schedule definition
- href: resources/accessreviewscheduledefinition.md
+ href: api/claimsmappingpolicy-delete.md
+ - name: List applied to applications
+ href: api/claimsmappingpolicy-list-appliesto.md
+ - name: Feature rollout policy
+ href: resources/featurerolloutpolicy.md
items: - name: List
- href: api/accessreviewset-list-definitions.md
- - name: Get
- href: api/accessreviewscheduledefinition-get.md
+ href: api/featurerolloutpolicies-list.md
- name: Create
- href: api/accessreviewset-post-definitions.md
- - name: Delete
- href: api/accessreviewscheduledefinition-delete.md
- - name: Update
- href: api/accessreviewscheduledefinition-update.md
- - name: Filter by current user
- href: api/accessreviewscheduledefinition-filterbycurrentuser.md
- - name: Access review instance
- href: resources/accessreviewinstance.md
- items:
- - name: List
- href: api/accessreviewscheduledefinition-list-instances.md
+ href: api/featurerolloutpolicies-post.md
- name: Get
- href: api/accessreviewinstance-get.md
+ href: api/featurerolloutpolicy-get.md
- name: Update
- href: api/accessreviewinstance-update.md
- - name: Filter by current user
- href: api/accessreviewinstance-filterbycurrentuser.md
- - name: Send reminder
- href: api/accessreviewinstance-sendreminder.md
- - name: Stop
- href: api/accessreviewinstance-stop.md
- - name: Accept recommendations
- href: api/accessreviewinstance-acceptrecommendations.md
- - name: Apply decisions
- href: api/accessreviewinstance-applydecisions.md
- - name: Batch record decisions
- href: api/accessreviewinstance-batchrecorddecisions.md
- - name: Reset decisions
- href: api/accessreviewinstance-resetdecisions.md
- - name: List contacted reviewers
- href: api/accessreviewinstance-list-contactedreviewers.md
- - name: Access review stage
- href: resources/accessreviewstage.md
+ href: api/featurerolloutpolicy-update.md
+ - name: Delete
+ href: api/featurerolloutpolicy-delete.md
+ - name: Create appliesTo
+ href: api/featurerolloutpolicy-post-appliesto.md
+ - name: Delete appliesTo
+ href: api/featurerolloutpolicy-delete-appliesto.md
+ - name: Home realm discovery policy
+ href: resources/homerealmdiscoverypolicy.md
items: - name: List
- href: api/accessreviewinstance-list-stages.md
- - name: Get
- href: api/accessreviewstage-get.md
- - name: Update
- href: api/accessreviewstage-update.md
- - name: Filter by current user
- href: api/accessreviewstage-filterbycurrentuser.md
- - name: Stop
- href: api/accessreviewstage-stop.md
- - name: Access review instance decision item
- displayName: access review decisions
- href: resources/accessreviewinstancedecisionitem.md
- items:
- - name: List decisions from an instance
- href: api/accessreviewinstance-list-decisions.md
- - name: List decisions from a stage of an instance
- href: api/accessreviewstage-list-decisions.md
- - name: Filter by current user
- href: api/accessreviewinstancedecisionitem-filterbycurrentuser.md
+ href: api/homerealmdiscoverypolicy-list.md
+ - name: Create
+ href: api/homerealmdiscoverypolicy-post-homerealmdiscoverypolicies.md
- name: Get
- href: api/accessreviewinstancedecisionitem-get.md
+ href: api/homerealmdiscoverypolicy-get.md
- name: Update
- href: api/accessreviewinstancedecisionitem-update.md
- - name: Access review history definition
- href: resources/accessreviewhistorydefinition.md
+ href: api/homerealmdiscoverypolicy-update.md
+ - name: Delete
+ href: api/homerealmdiscoverypolicy-delete.md
+ - name: List applied to applications
+ href: api/homerealmdiscoverypolicy-list-appliesto.md
+ - name: Token issuance policy
+ href: resources/tokenissuancepolicy.md
items:
- - name: Get
- href: api/accessreviewhistorydefinition-get.md
- name: List
- href: api/accessreviewset-list-historydefinitions.md
+ href: api/tokenissuancepolicy-list.md
- name: Create
- href: api/accessreviewset-post-historydefinitions.md
- - name: Access review history instance
- href: resources/accessreviewhistoryinstance.md
- items:
- - name: List
- href: api/accessreviewhistorydefinition-list-instances.md
- - name: Generate download URI
- displayName: Downloadable access review history report
- href: api/accessreviewhistoryinstance-generatedownloaduri.md
- - name: Consent requests
- href: resources/consentrequests-overview.md
- items:
- - name: Admin consent request policy
- href: resources/adminconsentrequestpolicy.md
- items:
+ href: api/tokenissuancepolicy-post-tokenissuancepolicy.md
- name: Get
- href: api/adminconsentrequestpolicy-get.md
+ href: api/tokenissuancepolicy-get.md
- name: Update
- href: api/adminconsentrequestpolicy-update.md
- - name: App consent requests
- href: resources/appconsentrequest.md
- items:
- - name: List
- href: api/appconsentapprovalroute-list-appconsentrequests.md
- - name: Get
- href: api/appconsentrequest-get.md
- - name: Filter by current user
- href: api/appconsentrequest-filterByCurrentUser.md
- - name: User consent requests
- href: resources/userconsentrequest.md
- items:
- - name: List
- href: api/appconsentrequest-list-userconsentrequests.md
- - name: Get
- href: api/userconsentrequest-get.md
- - name: Filter by current user
- href: api/userconsentrequest-filterByCurrentUser.md
- - name: Entitlement management
- href: resources/entitlementmanagement-overview.md
- items:
- - name: Access package
- href: resources/accesspackage.md
+ href: api/tokenissuancepolicy-update.md
+ - name: Delete
+ href: api/tokenissuancepolicy-delete.md
+ - name: List applied to applications
+ href: api/tokenissuancepolicy-list-appliesto.md
+ - name: Token lifetime policy
+ href: resources/tokenlifetimepolicy.md
items: - name: List
- href: api/entitlementmanagement-list-accesspackages.md
+ href: api/tokenlifetimepolicy-list.md
- name: Create
- href: api/entitlementmanagement-post-accesspackages.md
+ href: api/tokenlifetimepolicy-post-tokenlifetimepolicies.md
- name: Get
- href: api/accesspackage-get.md
+ href: api/tokenlifetimepolicy-get.md
- name: Update
- href: api/accesspackage-update.md
+ href: api/tokenlifetimepolicy-update.md
- name: Delete
- href: api/accesspackage-delete.md
- - name: Filter by current user
- href: api/accesspackage-filterbycurrentuser.md
- - name: Get applicable policy requirements
- href: api/accesspackage-getapplicablepolicyrequirements.md
- - name: List incompatible access packages
- href: api/accesspackage-list-incompatibleaccesspackages.md
- - name: Add incompatible access package
- href: api/accesspackage-post-incompatibleaccesspackage.md
- - name: Remove incompatible access package
- href: api/accesspackage-delete-incompatibleaccesspackage.md
- - name: List incompatible groups
- href: api/accesspackage-list-incompatiblegroups.md
- - name: Add incompatible group
- href: api/accesspackage-post-incompatiblegroup.md
- - name: Remove incompatible group
- href: api/accesspackage-delete-incompatiblegroup.md
- - name: List access packages incompatible with
- href: api/accesspackage-list-accesspackagesincompatiblewith.md
- - name: Access package assignment
- href: resources/accesspackageassignment.md
- items:
- - name: List
- href: api/entitlementmanagement-list-assignments.md
- - name: Get
- href: api/accesspackageassignment-get.md
- - name: Check additional access
- href: api/accesspackageassignment-additionalaccess.md
- - name: Filter by current user
- href: api/accesspackageassignment-filterbycurrentuser.md
- - name: Reprocess
- href: api/accesspackageassignment-reprocess.md
- - name: Access package assignment request approval
+ href: api/tokenlifetimepolicy-delete.md
+ - name: List applied to applications
+ href: api/tokenlifetimepolicy-list-appliesto.md
+ - name: Security defaults policy
+ href: resources/identitysecuritydefaultsenforcementpolicy.md
items:
- - name: Approval
- href: resources/approval.md
- name: Get
- href: api/approval-get.md
- - name: Filter by current user
- href: api/approval-filterbycurrentuser.md
- - name: Approval stage
- items:
- - name: Approval stage
- href: resources/approvalstage.md
- - name: List
- href: api/approval-list-stages.md
- - name: Get
- href: api/approvalstage-get.md
- - name: Update
- href: api/approvalstage-update.md
- - name: Access package assignment request
- href: resources/accesspackageassignmentrequest.md
+ href: api/identitysecuritydefaultsenforcementpolicy-get.md
+ - name: Update
+ href: api/identitysecuritydefaultsenforcementpolicy-update.md
+ - name: User flows
+ items:
+ - name: Self-service sign up user flows
items:
+ - name: Self-service sign up user flow
+ href: resources/b2xidentityuserflow.md
- name: List
- href: api/entitlementmanagement-list-assignmentrequests.md
+ href: api/identitycontainer-list-b2xuserflows.md
- name: Create
- href: api/entitlementmanagement-post-assignmentrequests.md
+ href: api/identitycontainer-post-b2xuserflows.md
- name: Get
- href: api/accesspackageassignmentrequest-get.md
+ href: api/b2xidentityuserflow-get.md
- name: Delete
- href: api/accesspackageassignmentrequest-delete.md
- - name: Filter by current user
- href: api/accesspackageassignmentrequest-filterbycurrentuser.md
- - name: Cancel
- href: api/accesspackageassignmentrequest-cancel.md
- - name: Reprocess
- href: api/accesspackageassignmentrequest-reprocess.md
- - name: Access package catalog
- href: resources/accesspackagecatalog.md
+ href: api/b2xidentityuserflow-delete.md
+ - name: List identity providers
+ href: api/b2xidentityuserflow-list-identityproviders.md
+ - name: Add identity provider
+ href: api/b2xidentityuserflow-post-identityproviders.md
+ - name: Remove identity provider
+ href: api/b2xidentityuserflow-delete-identityproviders.md
+ - name: List user attribute assignments
+ href: api/b2xidentityuserflow-list-userattributeassignments.md
+ - name: Create user attribute assignment
+ href: api/b2xidentityuserflow-post-userattributeassignments.md
+ - name: List languages
+ href: api/b2xidentityuserflow-list-languages.md
+ - name: Get API connectors configuration
+ href: api/b2xidentityuserflow-get-apiConnectorConfiguration.md
+ - name: Configure an API connector
+ href: api/b2xidentityuserflow-put-apiConnectorConfiguration.md
+ - name: User flow attributes
items:
+ - name: User flow attribute
+ href: resources/identityuserflowattribute.md
- name: List
- href: api/entitlementmanagement-list-catalogs.md
+ href: api/identityuserflowattribute-list.md
- name: Create
- href: api/entitlementmanagement-post-catalogs.md
+ href: api/identityuserflowattribute-post.md
- name: Get
- href: api/accesspackagecatalog-get.md
+ href: api/identityuserflowattribute-get.md
- name: Update
- href: api/accesspackagecatalog-update.md
+ href: api/identityuserflowattribute-update.md
- name: Delete
- href: api/accesspackagecatalog-delete.md
- - name: Connected organization
- href: resources/connectedorganization.md
+ href: api/identityuserflowattribute-delete.md
+ - name: User flow attribute assignment
items:
- - name: List
- href: api/entitlementmanagement-list-connectedorganizations.md
- - name: Create
- href: api/entitlementmanagement-post-connectedorganizations.md
+ - name: User flow attribute assignment
+ href: resources/identityuserflowattributeassignment.md
- name: Get
- href: api/connectedorganization-get.md
+ href: api/identityuserflowattributeassignment-get.md
- name: Update
- href: api/connectedorganization-update.md
+ href: api/identityuserflowattributeassignment-update.md
- name: Delete
- href: api/connectedorganization-delete.md
- - name: List external sponsors
- href: api/connectedorganization-list-externalsponsors.md
- - name: List internal sponsors
- href: api/connectedorganization-list-internalsponsors.md
- - name: Add external sponsors
- href: api/connectedorganization-post-externalsponsors.md
- - name: Add internal sponsors
- href: api/connectedorganization-post-internalsponsors.md
- - name: Remove external sponsors
- href: api/connectedorganization-delete-externalsponsors.md
- - name: Remove internal sponsors
- href: api/connectedorganization-delete-internalsponsors.md
- - name: Entitlement management settings
- href: resources/entitlementmanagementsettings.md
+ href: api/identityuserflowattributeassignment-delete.md
+ - name: User flow language configuration
items:
+ - name: User flow language configuration
+ href: resources/userflowlanguageconfiguration.md
- name: Get
- href: api/entitlementmanagementsettings-get.md
+ href: api/userflowlanguageconfiguration-get.md
+ - name: List default pages
+ href: api/userflowlanguageconfiguration-list-defaultpages.md
+ - name: List overrides pages
+ href: api/userflowlanguageconfiguration-list-overridespages.md
+ - name: User flow language page
+ href: resources/userflowlanguagepage.md
+ - name: Get
+ href: api/userflowlanguagepage-get.md
- name: Update
- href: api/entitlementmanagementsettings-update.md
- - name: Access package assignment policy
- href: resources/accesspackageassignmentpolicy.md
+ href: api/userflowlanguagepage-put.md
+ - name: Delete
+ href: api/userflowlanguagepage-delete.md
+ - name: API connectors
items:
+ - name: API connector
+ href: resources/identityapiconnector.md
- name: List
- href: api/entitlementmanagement-list-assignmentpolicies.md
+ href: api/identityapiconnector-list.md
- name: Create
- href: api/entitlementmanagement-post-assignmentpolicies.md
+ href: api/identityapiconnector-create.md
- name: Get
- href: api/accesspackageassignmentpolicy-get.md
+ href: api/identityapiconnector-get.md
- name: Update
- href: api/accesspackageassignmentpolicy-update.md
+ href: api/identityapiconnector-update.md
+ - name: Upload a client certificate
+ href: api/identityapiconnector-uploadclientcertificate.md
- name: Delete
- href: api/accesspackageassignmentpolicy-delete.md
- - name: Privileged Identity Management
- displayName: Privileged Identity Management, PIM, Identity Governance
- href: resources/privilegedidentitymanagementv3-overview.md
+ href: api/identityapiconnector-delete.md
+ - name: Partner customer administration
+ items:
+ - name: Granular delegated admin privileges
items:
- - name: Role assignment schedule requests
- href: resources/unifiedroleassignmentschedulerequest.md
+ - name: Overview
+ displayName: GDAP, Partner Center, CSP, VAR
+ href: resources/delegatedadminrelationships-api-overview.md
+ - name: Delegated admin relationships
+ href: resources/delegatedadminrelationship.md
items:
- - name: List
- href: api/rbacapplication-list-roleassignmentschedulerequests.md
- name: Create
- href: api/rbacapplication-post-roleassignmentschedulerequests.md
- - name: Get
- href: api/unifiedroleassignmentschedulerequest-get.md
- - name: Cancel
- href: api/unifiedroleassignmentschedulerequest-cancel.md
- - name: Filter by current user
- href: api/unifiedroleassignmentschedulerequest-filterbycurrentuser.md
- - name: Role assignment schedules
- href: resources/unifiedroleassignmentschedule.md
- items:
- - name: List
- href: api/rbacapplication-list-roleassignmentschedules.md
- - name: Get
- href: api/unifiedroleassignmentschedule-get.md
- - name: Filter by current user
- href: api/unifiedroleassignmentschedule-filterbycurrentuser.md
- - name: Role assignment schedule instances
- href: resources/unifiedroleassignmentscheduleinstance.md
- items:
+ href: api/tenantrelationship-post-delegatedadminrelationships.md
- name: List
- href: api/rbacapplication-list-roleassignmentscheduleinstances.md
+ href: api/tenantrelationship-list-delegatedadminrelationships.md
- name: Get
- href: api/unifiedroleassignmentscheduleinstance-get.md
- - name: Filter by current user
- href: api/unifiedroleassignmentscheduleinstance-filterbycurrentuser.md
- - name: Role eligibility schedule requests
- href: resources/unifiedroleeligibilityschedulerequest.md
+ href: api/delegatedadminrelationship-get.md
+ - name: Update
+ href: api/delegatedadminrelationship-update.md
+ - name: Delete
+ href: api/delegatedadminrelationship-delete.md
+ - name: Delegated admin access assignments
+ href: resources/delegatedadminaccessassignment.md
items:
- - name: List
- href: api/rbacapplication-list-roleeligibilityschedulerequests.md
- name: Create
- href: api/rbacapplication-post-roleeligibilityschedulerequests.md
- - name: Get
- href: api/unifiedroleeligibilityschedulerequest-get.md
- - name: Cancel
- href: api/unifiedroleeligibilityschedulerequest-cancel.md
- - name: Filter by current user
- href: api/unifiedroleeligibilityschedulerequest-filterbycurrentuser.md
- - name: Role eligibility schedules
- href: resources/unifiedroleeligibilityschedule.md
- items:
+ href: api/delegatedadminrelationship-post-accessassignments.md
- name: List
- href: api/rbacapplication-list-roleeligibilityschedules.md
+ href: api/delegatedadminrelationship-list-accessassignments.md
- name: Get
- href: api/unifiedroleeligibilityschedule-get.md
- - name: Filter by current user
- href: api/unifiedroleeligibilityschedule-filterbycurrentuser.md
- - name: Role eligibility schedule instances
- href: resources/unifiedroleeligibilityscheduleinstance.md
+ href: api/delegatedadminaccessassignment-get.md
+ - name: Update
+ href: api/delegatedadminaccessassignment-update.md
+ - name: Delete
+ href: api/delegatedadminaccessassignment-delete.md
+ - name: Delegated admin relationship requests
+ href: resources/delegatedadminrelationshiprequest.md
items:
+ - name: Create
+ href: api/delegatedadminrelationship-post-requests.md
- name: List
- href: api/rbacapplication-list-roleeligibilityscheduleinstances.md
+ href: api/delegatedadminrelationship-list-requests.md
- name: Get
- href: api/unifiedroleeligibilityscheduleinstance-get.md
- - name: Filter by current user
- href: api/unifiedroleeligibilityscheduleinstance-filterbycurrentuser.md
- - name: Role management policies
+ href: api/delegatedadminrelationshiprequest-get.md
+ - name: Delegated admin relationship operations
+ href: resources/delegatedadminrelationshipoperation.md
items:
- - name: Policies and rules
- href: resources/unifiedrolemanagementpolicy.md
- name: List
- href: api/policyroot-list-rolemanagementpolicies.md
+ href: api/delegatedadminrelationship-list-operations.md
- name: Get
- href: api/unifiedrolemanagementpolicy-get.md
- - name: List rules
- href: api/unifiedrolemanagementpolicy-list-rules.md
- - name: Get rule
- href: api/unifiedrolemanagementpolicyrule-get.md
- - name: Update rule
- href: api/unifiedrolemanagementpolicyrule-update.md
- - name: Role management policy assignments
- href: resources/unifiedrolemanagementpolicyassignment.md
+ href: api/delegatedadminrelationshipoperation-get.md
+ - name: Delegated admin customer
+ href: resources/delegatedadmincustomer.md
items: - name: List
- href: api/policyroot-list-rolemanagementpolicyassignments.md
+ href: api/tenantrelationship-list-delegatedadmincustomers.md
- name: Get
- href: api/unifiedrolemanagementpolicyassignment-get.md
- - name: Terms of use
- items:
- - name: Agreement
- href: resources/agreement.md
- - name: List
- href: api/termsofusecontainer-list-agreements.md
- - name: Create
- href: api/termsofusecontainer-post-agreements.md
- - name: Get
- href: api/agreement-get.md
- - name: Update
- href: api/agreement-update.md
- - name: Delete
- href: api/agreement-delete.md
- - name: Agreement acceptances
- href: resources/agreementacceptance.md
- items:
- - name: List acceptances
- href: api/user-list-agreementacceptances.md
- - name: List acceptance status
- href: api/agreement-list-acceptances.md
- - name: Agreement files
- items:
- - name: Default agreement file
- href: resources/agreementfile.md
- - name: Localized agreement files
- href: resources/agreementfilelocalization.md
- - name: Get default file
- href: api/agreementfile-get.md
- - name: Create localized files
- href: api/agreement-post-files.md
- - name: List localized files
- href: api/agreement-list-files.md
+ href: api/delegatedadmincustomer-get.md
+ - name: Service management details
+ href: resources/delegatedadminservicemanagementdetail.md
+ items:
+ - name: List
+ href: api/delegatedadmincustomer-list-servicemanagementdetails.md
- name: Mail displayName: Outlook, Outlook mail items: